Vulnerabilities > Nvidia > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-12 CVE-2023-31030 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
9.8
2024-01-12 CVE-2023-31029 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
9.8
2024-01-12 CVE-2023-31024 Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 00.19.07
NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
9.8
2023-09-20 CVE-2023-31009 Improper Input Validation vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation.
network
low complexity
nvidia CWE-20
critical
9.8
2023-09-20 CVE-2023-25534 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-25533 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-25531 Insufficiently Protected Credentials vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials.
network
low complexity
nvidia CWE-522
critical
9.8
2023-09-20 CVE-2023-25530 Unspecified vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation.
network
low complexity
nvidia
critical
9.8
2023-09-20 CVE-2023-25528 Out-of-bounds Write vulnerability in Nvidia DGX H100 Firmware
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet.
network
low complexity
nvidia CWE-787
critical
9.8
2022-05-17 CVE-2022-28181 Out-of-bounds Write vulnerability in Nvidia GPU Display Driver and Virtual GPU
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
network
low complexity
nvidia CWE-787
critical
9.9