Vulnerabilities > Nvidia
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-12 | CVE-2023-25519 | Unspecified vulnerability in Nvidia products NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. | 7.8 |
2023-08-03 | CVE-2023-25524 | Unspecified vulnerability in Nvidia Omniverse Launcher NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. | 5.3 |
2023-07-04 | CVE-2023-25516 | Integer Overflow or Wraparound vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | 7.1 |
2023-07-04 | CVE-2023-25517 | Unspecified vulnerability in Nvidia GPU Display Driver NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. | 7.1 |
2023-07-04 | CVE-2023-25521 | Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. | 7.8 |
2023-07-04 | CVE-2023-25522 | Improper Input Validation vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. | 7.8 |
2023-07-04 | CVE-2023-25523 | NULL Pointer Dereference vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. | 3.3 |
2023-06-23 | CVE-2023-25515 | Unspecified vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. low complexity nvidia | 7.6 |
2023-06-23 | CVE-2023-25518 | Unspecified vulnerability in Nvidia Jetson Linux NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. low complexity nvidia | 6.8 |
2023-06-23 | CVE-2023-25520 | Improper Input Validation vulnerability in Nvidia Jetson Linux NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service. | 5.5 |