Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2023-0193 | Out-of-bounds Read vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure. | 4.4 |
| 2023-02-07 | CVE-2022-42291 | Link Following vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience contains a vulnerability in the installer, where a user installing the NVIDIA GeForce Experience software may inadvertently delete data from a linked location, which may lead to data tampering. | 5.5 |
| 2023-01-13 | CVE-2022-42288 | Information Exposure Through Discrepancy vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure. | 5.3 |
| 2023-01-13 | CVE-2022-42281 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | 6.7 |
| 2023-01-13 | CVE-2022-42282 | Unspecified vulnerability in Nvidia BMC NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can access arbitrary files, which may lead to information disclosure. | 5.5 |
| 2023-01-13 | CVE-2022-42284 | Cleartext Storage of Sensitive Information vulnerability in Nvidia BMC NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. | 5.5 |
| 2022-12-30 | CVE-2022-34674 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | 6.1 |
| 2022-12-30 | CVE-2022-34675 | NULL Pointer Dereference vulnerability in Nvidia Cloud Gaming and GPU Display Driver NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service. | 5.5 |
| 2022-12-30 | CVE-2022-34678 | NULL Pointer Dereference vulnerability in Nvidia Cloud Gaming and Virtual GPU NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service. | 5.5 |
| 2022-12-30 | CVE-2022-34679 | NULL Pointer Dereference vulnerability in Nvidia Cloud Gaming and Virtual GPU NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service. | 5.5 |