Vulnerabilities > Nvidia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-0134 | Unspecified vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. | 4.1 |
| 2024-10-15 | CVE-2024-0129 | Path Traversal vulnerability in Nvidia Nemo NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. | 7.8 |
| 2024-09-26 | CVE-2024-0132 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. | 8.3 |
| 2024-09-26 | CVE-2024-0133 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. | 3.4 |
| 2024-08-31 | CVE-2024-0109 | Out-of-bounds Read vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. | 3.3 |
| 2024-08-31 | CVE-2024-0110 | Out-of-bounds Write vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. | 7.8 |
| 2024-08-31 | CVE-2024-0111 | Improper Validation of Specified Quantity in Input vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. | 4.4 |
| 2024-08-12 | CVE-2024-0113 | Path Traversal vulnerability in Nvidia products NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. | 8.8 |
| 2024-08-12 | CVE-2024-0115 | Unspecified vulnerability in Nvidia Cv-Cuda NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. | 6.1 |
| 2024-08-08 | CVE-2024-0104 | Unspecified vulnerability in Nvidia products NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. | 8.8 |