Vulnerabilities > Nvidia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-31008 | Improper Input Validation vulnerability in Nvidia DGX H100 Firmware NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. | 7.8 |
| 2023-09-20 | CVE-2023-31009 | Improper Input Validation vulnerability in Nvidia DGX H100 Firmware NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. | 9.8 |
| 2023-09-12 | CVE-2023-25519 | Unspecified vulnerability in Nvidia products NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. | 7.8 |
| 2023-08-03 | CVE-2023-25524 | Unspecified vulnerability in Nvidia Omniverse Launcher NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. | 5.3 |
| 2023-07-04 | CVE-2023-25516 | Integer Overflow or Wraparound vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | 7.1 |
| 2023-07-04 | CVE-2023-25517 | Unspecified vulnerability in Nvidia GPU Display Driver 13.0/15.0 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. | 7.1 |
| 2023-07-04 | CVE-2023-25521 | Improper Privilege Management vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. | 7.8 |
| 2023-07-04 | CVE-2023-25522 | Improper Input Validation vulnerability in Nvidia DGX A100 Firmware and DGX A800 Firmware NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. | 7.8 |
| 2023-07-04 | CVE-2023-25523 | NULL Pointer Dereference vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. | 3.3 |
| 2023-06-23 | CVE-2023-25515 | Unspecified vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. low complexity nvidia | 7.6 |