Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or possibly gain privileges via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-7869 per ADT2 and ADT3 due to different vulnerability types and affected versions.
CVE-2015-8328 is a security vulnerability that . Impacting 2 products from nvidia, from microsoft organizations running these solutions should prioritize assessment and patching.
First disclosed in 2015, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.
2015-11-24T20:59:23.333
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.6 (MEDIUM)
AV:L/AC:M/Au:N/C:C/I:P/A:C
3.4
9.5
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | nvidia | gpu_driver | < 341.92 | Yes |
| Application | nvidia | gpu_driver | ≤ 354.35 | Yes |
| Application | nvidia | gpu_driver | ≤ 358.87 | Yes |
| Operating System | microsoft | windows | * | No |
SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For nvidia's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.