Vulnerabilities > Nvidia > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-18 | CVE-2021-34403 | Use After Free vulnerability in Nvidia Shield Experience NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service. | 7.8 |
2022-01-18 | CVE-2021-34404 | Unspecified vulnerability in Nvidia Shield Experience Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM. low complexity nvidia | 7.6 |
2021-12-23 | CVE-2021-23175 | Incorrect Authorization vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream. | 8.2 |
2021-11-20 | CVE-2021-23201 | Unspecified vulnerability in Nvidia products NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. | 7.5 |
2021-11-20 | CVE-2021-23217 | Unspecified vulnerability in Nvidia products NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. | 7.5 |
2021-10-29 | CVE-2021-1118 | Improper Privilege Management vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service | 7.8 |
2021-10-29 | CVE-2021-1119 | Double Free vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. | 7.1 |
2021-10-29 | CVE-2021-1120 | Unspecified vulnerability in Nvidia Virtual GPU NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. | 7.0 |
2021-08-13 | CVE-2021-34398 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Nvidia Data Center GPU Manager NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service. | 7.8 |
2021-08-11 | CVE-2021-1106 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux and Shield Experience NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system. | 7.8 |