Vulnerabilities > Nvidia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-31034 | Integer Overflow or Wraparound vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. | 7.8 |
| 2024-01-12 | CVE-2023-31035 | Unspecified vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. | 7.8 |
| 2024-01-12 | CVE-2023-31036 | Path Traversal vulnerability in Nvidia Triton Inference Server NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. | 8.8 |
| 2023-11-02 | CVE-2023-31016 | Uncontrolled Search Path Element vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | 7.8 |
| 2023-11-02 | CVE-2023-31017 | Files or Directories Accessible to External Parties vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. | 7.8 |
| 2023-11-02 | CVE-2023-31018 | NULL Pointer Dereference vulnerability in Nvidia Virtual GPU NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service. | 5.5 |
| 2023-11-02 | CVE-2023-31019 | Unspecified vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context. | 7.1 |
| 2023-11-02 | CVE-2023-31020 | Unspecified vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering. | 7.1 |
| 2023-11-02 | CVE-2023-31021 | NULL Pointer Dereference vulnerability in Nvidia Virtual GPU NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | 5.5 |
| 2023-11-02 | CVE-2023-31022 | NULL Pointer Dereference vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. | 5.5 |