Vulnerabilities > Nvidia

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-25527 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory.
local
low complexity
nvidia CWE-119
7.8
2023-09-20 CVE-2023-25528 Out-of-bounds Write vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
9.8
2023-09-20 CVE-2023-25529 Information Exposure Through Discrepancy vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses.
network
high complexity
nvidia CWE-203
8.1
2023-09-20 CVE-2023-25530 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-25531 Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.
network
low complexity
nvidia CWE-522
critical
9.8
2023-09-20 CVE-2023-25532 Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.
network
low complexity
nvidia CWE-522
7.5
2023-09-20 CVE-2023-25533 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-25534 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-31008 Improper Input Validation vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.
local
low complexity
nvidia CWE-20
7.8
2023-09-20 CVE-2023-31009 Improper Input Validation vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation.
network
low complexity
nvidia CWE-20
critical
9.8