Vulnerabilities > Nvidia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-13 | CVE-2022-42285 | Unspecified vulnerability in Nvidia Sbios DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | 7.8 |
| 2023-01-13 | CVE-2022-42274 | Classic Buffer Overflow vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | 7.8 |
| 2023-01-13 | CVE-2022-42275 | Missing Authentication for Critical Function vulnerability in Nvidia BMC NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. | 7.1 |
| 2023-01-12 | CVE-2022-42272 | Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of service or escalation of privileges. | 8.8 |
| 2023-01-12 | CVE-2022-42273 | Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | 8.8 |
| 2023-01-11 | CVE-2022-42271 | Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution | 7.8 |
| 2022-12-30 | CVE-2022-34669 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Nvidia Cloud Gaming and Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.8 |
| 2022-12-30 | CVE-2022-34670 | Incorrect Conversion between Numeric Types vulnerability in multiple products NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. | 7.8 |
| 2022-12-30 | CVE-2022-34671 | Out-of-bounds Write vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service. | 8.8 |
| 2022-12-30 | CVE-2022-34672 | Unspecified vulnerability in Nvidia Cloud Gaming and Virtual GPU NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands. | 7.8 |