Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-0089 | Improper Initialization vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. | 7.8 |
| 2024-06-13 | CVE-2024-0090 | Out-of-bounds Write vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. | 7.8 |
| 2024-06-13 | CVE-2024-0091 | Unspecified vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. | 7.8 |
| 2024-01-24 | CVE-2023-31037 | OS Command Injection vulnerability in Nvidia Bluefield BMC NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. | 7.2 |
| 2024-01-12 | CVE-2023-31025 | Injection vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. | 7.5 |
| 2024-01-12 | CVE-2023-31031 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. | 7.8 |
| 2024-01-12 | CVE-2023-31033 | Missing Authentication for Critical Function vulnerability in Nvidia DGX A100 Firmware 00.19.07 NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . | 8.0 |
| 2024-01-12 | CVE-2023-31034 | Integer Overflow or Wraparound vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. | 7.8 |
| 2024-01-12 | CVE-2023-31035 | Unspecified vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. | 7.8 |
| 2024-01-12 | CVE-2023-31036 | Path Traversal vulnerability in Nvidia Triton Inference Server NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. | 8.8 |