Hardware Driver Software Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Vendor

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

NVIDIA Windows GPU Display Driver64
NVIDIA GPU Display Driver56
Intel Graphics Drivers50
Intel Graphics Driver38
NVIDIA Graphics Driver27

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix362
Temporary Fix0
Workaround0
Unavailable10
Not Defined202

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High9
Functional0
Proof-of-Concept47
Unproven5
Not Defined513

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical3
Local381
Adjacent30
Network160

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High15
Low428
None131

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required16
None558

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤20
≤34
≤426
≤592
≤6110
≤7198
≤887
≤929
≤1028

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤34
≤429
≤598
≤6121
≤7202
≤875
≤924
≤1021

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤37
≤4103
≤523
≤6238
≤765
≤881
≤933
≤1024

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤32
≤46
≤515
≤688
≤731
≤8199
≤920
≤1012

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤32
≤45
≤54
≤614
≤77
≤85
≤92
≤100

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k87
<2k206
<5k164
<10k72
<25k30
<50k15
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k500
<2k31
<5k34
<10k3
<25k6
<50k0
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (218): adb-driver, ALFA AWUS036ACH Driver, ALFA AWUS036H Driver, Alps Pointing-Device Driver, ALPS Alpine TouchPad Driver, AMD Display Driver, AMD Driver, AMD fglrx-driver, AMD Graphics Driver, AMD NUC M15 Laptop Kit Management Engine Driver Pack, AMD Radeon DirectX 11 Driver, Apache DriverHive JDBC Driver, ARM Mali GPU Driver, ARM Mali GPU Kernel Driver, ART EX DocuCentre-VI, ART EX Driver for ApeosPort-VI, ASRock RGB Driver, ASUSTOR exFAT Driver, Atheros 802.11 ABG Wireless Adapter Driver, ATI Catalyst Driver, ATMEL Linux PCI PCMCIA USB Driver, AVEVA Batch Management, AVEVA Communication Drivers Pack, AVEVA Data Acquisition Server, AVEVA Historian, AVEVA InTouch, AVEVA MES, AVEVA Operations Integration Core, AVEVA System Platform, Azure Plugin, Barron McCann X-Kryptor Driver BMS1446HRR, Beckhoff TwinCAT RT Network Driver, Broadcom brcmfmac WiFi Driver, Broadcom wl WiFi Driver, Canon TR150 Print Driver, Cheetah Free WiFi Driver, clickhouse-driver, Codemasters Toca Race Driver, Compuware DriverStudio, Compuware SoftICE DriverStudio, Copadata zenon DNP3 NG driver, Dell DBUtilDrv2.sys Driver, Dell DBUtil BIOS Driver, Dell Pre-Boot Authentication Driver, DriverAgent, DriverGenius, Driverse, DriverWizard WinDriver, EFS Mobile Driver Source App, ElanTech Touchpad Driver, Epson Lp-s9000 Driver 4.1.11, Ethernet Driver, GCP Plugin, geckodriver, Genius VideoCAM NB Driver, Heavy Duty Truck Driver Simulator 3D, HP HP OfficeJet 6700 Driver, HP OLE Point of Sale Driver, HP Photosmart Print Driver, HP PML Driver HPZ12, HWiNFO AMD64 Kernel Driver, Intel 2100 PRO Wireless Network Connection Driver, Intel CSI2 Host Controller Driver, Intel CSME Driver, Intel Driver, Intel Driver , Intel Driver Update Utility, Intel Driver & Support Assistant, Intel Ethernet Diagnostics Driver, Intel Ethernet Diagnostic Driver, Intel Ethernet E810 Adapter Driver, Intel Ethernet I218 Adapter Driver, Intel Ethernet ixgbe Driver, Intel G41 driver, Intel Graphics DCH Driver, Intel Graphics Driver, Intel Graphics Drivers, Intel HID Event Filter Driver, Intel High Definition Audio Driver, Intel Iris Xe MAX Dedicated Graphics Driver, Intel Mailbox Interface Driver, Intel Management Engine Consumer Driver, Intel Network Adapter Driver, Intel NUC 9 Extreme Laptop Kit LAN Driver, Intel NUC M15 Laptop Kit Audio Driver Pack, Intel NUC M15 Laptop Kit Driver Pack, Intel NUC M15 Laptop Kit HID Event Filter Driver Pack, Intel NUC M15 Laptop Kit Integrated Sensor Hub Driver Pack, Intel NUC M15 Laptop Kit Keyboard LED Service Driver Pack, Intel NUC M15 Laptop Kit Serial IO Driver Pack, Intel PROSet Wireless WiFi Software driver, Intel PRO Wireless 2011B LAN USB Device Driver, Intel RealSense D400 Series UWP Driver, Intel RSTe Software RAID Driver, Intel Serial IO Driver, Intel SGX Driver, Intel SOC Driver Package for STK1A32SC, Intel Support Assistant, Intel Thunderbolt DCH Driver, Intel Thunderbolt Non-DCH Driver, Intel Turbo Boost Max Technology 3.0 Driver, Intel TXE, Intel USB 3.0 eXtensible Host Controller Driver, Intel WiFi Driver, Intel Wireless Bluetooth Driver, Intel Support Assistant, IOBit Advanced System Care, IOBit Driver Booster, IOServer OPC Drivers, iSCSI Driver, ITE Tech Consumer Infrared Driver, ixj Telephony Card Driver, Jungo DriverWizard WinDriver, Jungo WinDriver, K7computing K7AV Sentry Device Driver, K7computing K7Firewall Packet Driver, Lemur Vehicle Monitors BlueDriver, Lenovo BIOS EFI Driver, Lenovo Drivers Management, Lenovo Driver Management, Lenovo Edge, Lenovo Energy Management Driver, Lenovo Power Management Driver, Lenovo Slim USB Keyboard Driver, Lenovo Smart Standby Driver, Linksys WPC300N Wireless-n Notebook Adapter Driver, Magnitude Simba Amazon Athena JDBC Driver, Magnitude Simba Amazon Athena ODBC Driver, Magnitude Simba Amazon Redshift JDBC Driver, Magnitude Simba Amazon Redshift ODBC Driver, McAfee File Lock Driver, MediaTek Driver, MSI AmbientLink MsIo64 Driver, Nahimic APO Software Component Driver, National Instruments NI-PAL Driver, NetGear Ma521 Driver, NetGear Wg111v2 Driver, NetIQ Identity Manager Oracle EBS Driver, NetIQ IDM ServiceNow Driver, NetKVM Windows Virtio Driver, Nouveau Display Driver, Nuvoton CIR Driver, NVIDIA 9400M driver, NVIDIA Binary Graphics Driver, NVIDIA Display Driver Service, NVIDIA Driver, NVIDIA Geforce 310 driver, NVIDIA GeForce Experience, NVIDIA GPUModeSwitch Tool, NVIDIA GPU Display Driver, NVIDIA GPU Driver, NVIDIA GPU Driver R346, NVIDIA GPU Graphics Driver, NVIDIA Graphics Driver, NVIDIA Graphics Drivers, NVIDIA Jetson Linux Driver Package, NVIDIA Kernel Mode Driver, NVIDIA Linux GPU Display Driver, NVIDIA NVFlash, NVIDIA NVUFlash Tool, NVIDIA Stereoscopic 3D driver, NVIDIA Tegra Kernel Driver, NVIDIA Unix Graphic Driver, NVIDIA vGPU Graphics Driver, NVIDIA Video Driver, NVIDIA Windows GPU Display Driver, OP-TEE OPTEE-OS CSU Driver, Pacosdrivers PacPoll, Pacos Drivers PacPoll, Panda Kernel Memory Access Driver, Patriot Viper RGB Driver, Pedestal Integrity Protection Driver, Realtek HDA Driver, Realtek HD Audio Codec Drivers, Realtek NDIS Driver, Realtek RtsUpx USB Utility Driver, Realtek USB Driver, Realtek Waves MaxxAudio Driver, RW-4040 Driver Installer, RW-5100 Driver InNstaller, Samsung Android USB Driver Windows Installer, Samsung DPU Driver, Samsung DSP Driver, Samsung DSP driver, Samsung DSP Kernel Driver, Samsung Exynos CP Booting Driver, Samsung Exynos fimg2d Driver, Samsung ION driver, Samsung m2m1shot Driver Framework, Samsung MFC Driver, Samsung Modem Interface Driver, Samsung NPU Driver, Samsung Scx-4200_driver, Samsung sdp Driver, Samsung USB Driver Windows Installer for Mobile Phones, Samsung Vision DSP Kernel Driver, SAP MaxDB ODBC Driver, Savitech Driver Package, Schneider Electric Modbus Serial Driver, Secrets Store CSI Driver, Secrets Store CSI Driver Vault Plugin, Sierra Wireless Windows Mobile Broadband Driver Package, Sony Audio USB Driver, Sony HAP Music Transfer, Soundblaster Ensoniq Pci Es1371 Wdm Driver, Synaptics Fingerprint Driver, Synaptics Sound Device Driver, Synaptics TouchPad Driver, Synaptics WBF Driver, TaskDriver, ThinkPad Compact USB Keyboard Driver, Toshiba Bluetooth wireless device driver, Uniwill SparkIO.sys Driver, Wacom Driver, WildTangent WebDriver, Windriver Helix ALM, Windriver PCNFSd, Windriver VxWorks

PublishedBaseTempVulnerabilityProductExpRemCTICVE
08/05/20225.55.3Uniwill SparkIO.sys Driver IOCTL stack-based overflowSparkIO.sys DriverNot DefinedNot Defined0.13CVE-2022-37415
08/03/20225.55.5ARM Mali GPU Kernel Driver memory corruptionMali GPU Kernel DriverNot DefinedNot Defined0.04CVE-2022-33917
07/13/20225.45.3Samsung USB Driver Windows Installer for Mobile Phones integrity checkUSB Driver Windows Installer for Mobile PhonesNot DefinedOfficial Fix0.04CVE-2022-33711
07/06/20227.47.2IOBit Advanced System Care/Driver Booster Update Procedure data authenticityAdvanced System Care/Driver BoosterNot DefinedNot Defined0.03CVE-2022-24140
06/20/20226.36.1Realtek USB Driver API buffer overflowUSB DriverNot DefinedNot Defined0.04CVE-2022-21742
06/16/20224.44.3Synaptics Fingerprint Driver synaTEE.signed.dll heap-based overflowFingerprint DriverNot DefinedOfficial Fix0.00CVE-2021-3675
05/19/20226.05.9Lenovo Smart Standby Driver buffer overflowSmart Standby DriverNot DefinedOfficial Fix0.07CVE-2022-1110
05/18/20226.05.9NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape denial of serviceGPU Display DriverNot DefinedOfficial Fix0.04CVE-2022-28190
05/18/20226.05.9NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape null pointer dereferenceGPU Display DriverNot DefinedOfficial Fix0.04CVE-2022-28189
05/18/20225.95.8NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validationGPU Display DriverNot DefinedOfficial Fix0.03CVE-2022-28188
05/18/20226.26.0NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape input validationGPU Display DriverNot DefinedOfficial Fix0.03CVE-2022-28186
05/18/20226.66.5NVIDIA GPU Display Driver ECC Layer out-of-bounds writeGPU Display DriverNot DefinedOfficial Fix0.00CVE-2022-28185
05/18/20226.05.9NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys release of resourceGPU Display DriverNot DefinedOfficial Fix0.04CVE-2022-28187
05/18/20228.07.8NVIDIA GPU Display Driver DirectX11 User Mode Driver x.dll out-of-bounds writeGPU Display DriverNot DefinedOfficial Fix0.02CVE-2022-28182
05/18/20228.07.8NVIDIA GPU Display Driver Kernel Mode Layer nvlddmkm.sys DxgkDdiEscape access controlGPU Display DriverNot DefinedOfficial Fix0.00CVE-2022-28184
05/18/20227.97.7NVIDIA GPU Display Driver Kernel Mode Layer out-of-boundsGPU Display DriverNot DefinedOfficial Fix0.03CVE-2022-28183
05/18/20228.07.8NVIDIA GPU Display Driver Kernel Mode Layer out-of-bounds writeGPU Display DriverNot DefinedOfficial Fix0.04CVE-2022-28181
05/10/20225.35.3Magnitude Simba Amazon Redshift JDBC Driver Browser-based Authentication argument injectionSimba Amazon Redshift JDBC DriverNot DefinedNot Defined0.02CVE-2022-30240
05/10/20225.35.3Magnitude Simba Amazon Athena JDBC Driver Browser-based Authentication argument injectionSimba Amazon Athena JDBC DriverNot DefinedNot Defined0.03CVE-2022-30239
05/10/20225.35.1Magnitude Simba Amazon Redshift ODBC Driver Browser-based Authentication argument injectionSimba Amazon Redshift ODBC DriverNot DefinedOfficial Fix0.04CVE-2022-29972
05/10/20225.35.1Magnitude Simba Amazon Athena ODBC Driver Browser-based Authentication argument injectionSimba Amazon Athena ODBC DriverNot DefinedOfficial Fix0.00CVE-2022-29971
04/28/20224.44.4NVIDIA Jetson Linux Driver Package Cboot Module ext4_mount integer overflowJetson Linux Driver PackageNot DefinedOfficial Fix0.00CVE-2022-28197
04/28/20225.55.4NVIDIA Jetson Linux Driver Package Cboot Module blob_decompress buffer overflowJetson Linux Driver PackageNot DefinedOfficial Fix0.03CVE-2022-28196
04/28/20224.94.8NVIDIA Jetson Linux Driver Package Cboot Module ext4_read_file integer overflowJetson Linux Driver PackageNot DefinedOfficial Fix0.07CVE-2022-28195
04/28/20226.36.2NVIDIA Jetson Linux Driver Package Cboot Module tegrabl_cbo.c buffer overflowJetson Linux Driver PackageNot DefinedOfficial Fix0.00CVE-2022-28194

549 more entries are not shown

Might our Artificial Intelligence support you?

Check our Alexa App!