Vulnerabilities > Nvidia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-13 | CVE-2022-42280 | Path Traversal vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication bypass. | 7.8 |
| 2023-01-13 | CVE-2022-42281 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | 6.7 |
| 2023-01-13 | CVE-2022-42282 | Unspecified vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can access arbitrary files, which may lead to information disclosure. | 5.5 |
| 2023-01-13 | CVE-2022-42283 | Classic Buffer Overflow vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | 7.8 |
| 2023-01-13 | CVE-2022-42284 | Cleartext Storage of Sensitive Information vulnerability in Nvidia BMC NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. | 5.5 |
| 2023-01-13 | CVE-2022-42285 | Unspecified vulnerability in Nvidia Sbios DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | 7.8 |
| 2023-01-13 | CVE-2022-42274 | Classic Buffer Overflow vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | 7.8 |
| 2023-01-13 | CVE-2022-42275 | Missing Authentication for Critical Function vulnerability in Nvidia BMC NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. | 7.1 |
| 2023-01-12 | CVE-2022-42272 | Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of service or escalation of privileges. | 8.8 |
| 2023-01-12 | CVE-2022-42273 | Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | 8.8 |