Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. In this situation, the web page can get access to the token of the user login session, leading to the possibility that the user’s account is compromised. This may lead to the targeted user’s data being accessed, altered, or lost.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
NVIDIA GeForce Experience 安全漏洞
Vulnerability Description
Nvidia NVIDIA GeForce Experience是美国英伟达(Nvidia)公司的一套显卡自动更新工具。该产品能够自动更新显卡驱动程序,并支持显卡性能管理和优化等。 NVIDIA GeForce Experience 中存在安全漏洞,攻击者可通过诱导用户通过浏览器点击一个恶意格式的链接,并输入他们的登录信息,恶意站点可以访问用户登录会话的令牌。以下产品及版本会受到影响:NVIDIA GeForce Experience, 3.23之前的所有版本。
CVSS Information
N/A
Vulnerability Type
N/A