diff --git a/2021/1xxx/CVE-2021-1074.json b/2021/1xxx/CVE-2021-1074.json index 06cabd535b9..477217ec3ed 100644 --- a/2021/1xxx/CVE-2021-1074.json +++ b/2021/1xxx/CVE-2021-1074.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-1074", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file + "CVE_data_meta" : { + "ASSIGNER" : "psirt@nvidia.com", + "ID" : "CVE-2021-1074", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "NVIDIA GPU Display Driver", + "version" : { + "version_data" : [ + { + "version_value" : "R390 driver branch" + } + ] + } + } + ] + }, + "vendor_name" : "NVIDIA" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker with local system access may replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or information disclosure. " + } + ] + }, + "generator" : { + "engine" : "Vulnogram 0.0.9" + }, + "impact" : { + "cvss" : { + "attackComplexity" : "HIGH", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 7.5, + "baseSeverity" : "HIGH", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "privilegesRequired" : "LOW", + "scope" : "CHANGED", + "userInteraction" : "REQUIRED", + "vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "version" : "3.1" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "code execution, denial of service, escalation of privileges, information disclosure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", + "refsource" : "CONFIRM", + "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" + } +} diff --git a/2021/1xxx/CVE-2021-1075.json b/2021/1xxx/CVE-2021-1075.json index 7b8bcd519db..05c12ba45c7 100644 --- a/2021/1xxx/CVE-2021-1075.json +++ b/2021/1xxx/CVE-2021-1075.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-1075", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file + "CVE_data_meta" : { + "ASSIGNER" : "psirt@nvidia.com", + "ID" : "CVE-2021-1075", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "NVIDIA GPU Display Driver", + "version" : { + "version_data" : [ + { + "version_value" : "All" + } + ] + } + } + ] + }, + "vendor_name" : "NVIDIA" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of service, or escalation of privileges." + } + ] + }, + "generator" : { + "engine" : "Vulnogram 0.0.9" + }, + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 7.3, + "baseSeverity" : "HIGH", + "confidentialityImpact" : "NONE", + "integrityImpact" : "LOW", + "privilegesRequired" : "LOW", + "scope" : "CHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", + "version" : "3.1" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "code exectution, denial of service, escalation of privileges" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", + "refsource" : "CONFIRM", + "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" + } +} diff --git a/2021/1xxx/CVE-2021-1076.json b/2021/1xxx/CVE-2021-1076.json index be6590ced28..31934a38cca 100644 --- a/2021/1xxx/CVE-2021-1076.json +++ b/2021/1xxx/CVE-2021-1076.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-1076", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file + "CVE_data_meta" : { + "ASSIGNER" : "psirt@nvidia.com", + "ID" : "CVE-2021-1076", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "NVIDIA GPU Display Driver", + "version" : { + "version_data" : [ + { + "version_value" : "All" + } + ] + } + } + ] + }, + "vendor_name" : "NVIDIA" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption." + } + ] + }, + "generator" : { + "engine" : "Vulnogram 0.0.9" + }, + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 6.6, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "LOW", + "integrityImpact" : "LOW", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", + "version" : "3.1" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "denial of service , escalation of privileges, data loss" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", + "refsource" : "CONFIRM", + "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" + } +} diff --git a/2021/1xxx/CVE-2021-1077.json b/2021/1xxx/CVE-2021-1077.json index 03079258778..a86011384ec 100644 --- a/2021/1xxx/CVE-2021-1077.json +++ b/2021/1xxx/CVE-2021-1077.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-1077", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file + "CVE_data_meta" : { + "ASSIGNER" : "psirt@nvidia.com", + "ID" : "CVE-2021-1077", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "NVIDIA GPU Display Driver", + "version" : { + "version_data" : [ + { + "version_value" : "R450 and R460 driver branch" + } + ] + } + } + ] + }, + "vendor_name" : "NVIDIA" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service." + } + ] + }, + "generator" : { + "engine" : "Vulnogram 0.0.9" + }, + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 6.6, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "LOW", + "integrityImpact" : "LOW", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", + "version" : "3.1" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "denial of service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", + "refsource" : "CONFIRM", + "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" + } +} diff --git a/2021/1xxx/CVE-2021-1078.json b/2021/1xxx/CVE-2021-1078.json index 5917119f7b8..edf47e4963b 100644 --- a/2021/1xxx/CVE-2021-1078.json +++ b/2021/1xxx/CVE-2021-1078.json @@ -1,18 +1,84 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-1078", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} \ No newline at end of file + "CVE_data_meta" : { + "ASSIGNER" : "psirt@nvidia.com", + "ID" : "CVE-2021-1078", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "NVIDIA GPU Display Driver", + "version" : { + "version_data" : [ + { + "version_value" : "All" + } + ] + } + } + ] + }, + "vendor_name" : "NVIDIA" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash." + } + ] + }, + "generator" : { + "engine" : "Vulnogram 0.0.9" + }, + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 5.5, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "NONE", + "integrityImpact" : "NONE", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version" : "3.1" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "denial of service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172", + "refsource" : "CONFIRM", + "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5172" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" + } +}