Vulnerabilities > Nvidia > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-25515 | Unspecified vulnerability in Nvidia GPU Display Driver and Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. low complexity nvidia | 7.6 |
| 2023-04-22 | CVE-2023-0184 | Unspecified vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. | 7.8 |
| 2023-04-22 | CVE-2023-0202 | Unspecified vulnerability in Nvidia DGX A100 Firmware 1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. | 7.8 |
| 2023-04-22 | CVE-2023-0203 | Unspecified vulnerability in Nvidia Connectx Firmware NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. | 7.7 |
| 2023-04-22 | CVE-2023-0204 | Improper Handling of Exceptional Conditions vulnerability in Nvidia Connectx Firmware NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service. | 7.7 |
| 2023-04-22 | CVE-2023-0205 | Unspecified vulnerability in Nvidia Connectx Firmware NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. | 7.7 |
| 2023-04-22 | CVE-2023-0206 | Unspecified vulnerability in Nvidia DGX A100 Firmware 1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. | 7.8 |
| 2023-04-22 | CVE-2023-0209 | Improper Authentication vulnerability in Nvidia Sbios NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass. | 7.8 |
| 2023-04-22 | CVE-2023-25505 | Classic Buffer Overflow vulnerability in Nvidia BMC NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution. | 7.8 |
| 2023-04-22 | CVE-2023-25506 | Out-of-bounds Write vulnerability in Nvidia Sbios NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. | 8.2 |