Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-30 | CVE-2021-34380 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot. | 7.8 |
| 2021-06-30 | CVE-2021-34381 | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering. | 7.8 |
| 2021-06-30 | CVE-2021-34382 | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel. | 7.8 |
| 2021-06-30 | CVE-2021-34384 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution. | 7.8 |
| 2021-06-25 | CVE-2021-1073 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded in other tabs of the same browser. | 8.3 |
| 2021-06-22 | CVE-2021-34372 | Integer Overflow or Wraparound vulnerability in Nvidia Jetson Linux Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service. | 7.8 |
| 2021-06-21 | CVE-2021-34388 | Out-of-bounds Write vulnerability in Nvidia Jetson Linux Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution. | 7.8 |
| 2021-04-29 | CVE-2021-1086 | Incorrect Authorization vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. | 7.1 |
| 2021-04-29 | CVE-2021-1084 | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data or denial of service. | 7.8 |
| 2021-04-29 | CVE-2021-1085 | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. | 7.3 |