Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-28185 | Out-of-bounds Write vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering. | 7.1 |
| 2022-03-29 | CVE-2022-21821 | Integer Overflow or Wraparound vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. | 7.8 |
| 2022-03-17 | CVE-2022-21822 | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Federated Learning Application Runtime Environment NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable. | 7.5 |
| 2022-03-11 | CVE-2022-21819 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson Linux NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. | 7.6 |
| 2022-01-18 | CVE-2021-34401 | Unspecified vulnerability in Nvidia Shield Experience NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service. | 7.8 |
| 2022-01-18 | CVE-2021-34403 | Use After Free vulnerability in Nvidia Shield Experience NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service. | 7.8 |
| 2022-01-18 | CVE-2021-34404 | Unspecified vulnerability in Nvidia Shield Experience Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM. low complexity nvidia | 7.6 |
| 2021-12-23 | CVE-2021-23175 | Incorrect Authorization vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream. | 8.2 |
| 2021-11-20 | CVE-2021-23201 | Unspecified vulnerability in Nvidia products NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. | 7.5 |
| 2021-11-20 | CVE-2021-23217 | Unspecified vulnerability in Nvidia products NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. | 7.5 |