Filtered by vendor Nvidia
Subscriptions
Total
586 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25527 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 7.8 High |
| NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-25526 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | 6.5 Medium |
| NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service. | ||||
| CVE-2023-25525 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | 7.5 High |
| NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure. | ||||
| CVE-2023-25524 | 1 Nvidia | 1 Omniverse Launcher | 2024-11-21 | 4 Medium |
| NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2023-25523 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 3.3 Low |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | ||||
| CVE-2023-25520 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-11-21 | 4.4 Medium |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service. | ||||
| CVE-2023-25519 | 1 Nvidia | 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more | 2024-11-21 | 7.8 High |
| NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. | ||||
| CVE-2023-25516 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | ||||
| CVE-2023-0196 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 3.3 Low |
| NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. | ||||
| CVE-2023-0193 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 4.4 Medium |
| NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure. | ||||
| CVE-2022-42292 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 5 Medium |
| NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. | ||||
| CVE-2022-42291 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 8.2 High |
| NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. An attacker does not have explicit control over the exploitation of this vulnerability, which requires the user to explicitly launch the installer from the compromised directory. | ||||
| CVE-2022-42290 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 7.2 High |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. | ||||
| CVE-2022-42289 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 7.2 High |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. | ||||
| CVE-2022-42288 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 5.3 Medium |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure. | ||||
| CVE-2022-42287 | 1 Nvidia | 2 Bmc, Dgx A100 | 2024-11-21 | 6 Medium |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering. | ||||
| CVE-2022-42286 | 1 Nvidia | 2 Dgx A100, Sbios | 2024-11-21 | 6 Medium |
| DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges. | ||||
| CVE-2022-42285 | 1 Nvidia | 2 Dgx A100, Sbios | 2024-11-21 | 6 Medium |
| DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | ||||
| CVE-2022-42284 | 1 Nvidia | 2 Bmc, Dgx A100 | 2024-11-21 | 6.2 Medium |
| NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure. | ||||
| CVE-2022-42283 | 1 Nvidia | 2 Bmc, Dgx A100 | 2024-11-21 | 6.4 Medium |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | ||||