Vulnerabilities > Nvidia

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2022-42274 Classic Buffer Overflow vulnerability in Nvidia BMC
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.
local
low complexity
nvidia CWE-120
7.8
2023-01-13 CVE-2022-42275 Missing Authentication for Critical Function vulnerability in Nvidia BMC
NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections.
local
low complexity
nvidia CWE-306
7.1
2023-01-12 CVE-2022-42272 Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of service or escalation of privileges.
network
low complexity
nvidia CWE-120
8.8
2023-01-12 CVE-2022-42273 Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware
NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.
network
low complexity
nvidia CWE-120
8.8
2023-01-11 CVE-2022-42271 Classic Buffer Overflow vulnerability in Nvidia DGX A100 Firmware
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution
local
low complexity
nvidia CWE-120
7.8
2022-12-30 CVE-2022-34669 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Nvidia Cloud Gaming and Virtual GPU
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that are critical to the application, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
local
low complexity
nvidia CWE-610
7.8
2022-12-30 CVE-2022-34670 Incorrect Conversion between Numeric Types vulnerability in multiple products
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
local
low complexity
nvidia debian CWE-681
7.8
2022-12-30 CVE-2022-34671 Out-of-bounds Write vulnerability in Nvidia GPU Display Driver
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.
network
low complexity
nvidia CWE-787
8.8
2022-12-30 CVE-2022-34672 Unspecified vulnerability in Nvidia Cloud Gaming and Virtual GPU
NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands.
local
low complexity
nvidia
7.8
2022-12-30 CVE-2022-34673 Out-of-bounds Read vulnerability in Nvidia GPU Display Driver 515
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
local
low complexity
nvidia CWE-125
7.3