Filtered by vendor Nvidia
Subscriptions
Total
587 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25533 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 8.3 High |
| NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges. | ||||
| CVE-2023-25532 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | 6.5 Medium |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2023-25531 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 7.6 High |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges. | ||||
| CVE-2023-25530 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 8 High |
| NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | ||||
| CVE-2023-25529 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | 8 High |
| NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering. | ||||
| CVE-2023-25528 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 8.8 High |
| NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-25527 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 7.8 High |
| NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-25526 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | 6.5 Medium |
| NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service. | ||||
| CVE-2023-25525 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | 7.5 High |
| NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure. | ||||
| CVE-2023-25524 | 1 Nvidia | 1 Omniverse Launcher | 2024-11-21 | 4 Medium |
| NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2023-25523 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | 3.3 Low |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | ||||
| CVE-2023-25520 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-11-21 | 4.4 Medium |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service. | ||||
| CVE-2023-25519 | 1 Nvidia | 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more | 2024-11-21 | 7.8 High |
| NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. | ||||
| CVE-2023-25516 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | ||||
| CVE-2022-42290 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 7.2 High |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. | ||||
| CVE-2022-42289 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 7.2 High |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. | ||||
| CVE-2022-42288 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 5.3 Medium |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure. | ||||
| CVE-2022-42287 | 1 Nvidia | 2 Bmc, Dgx A100 | 2024-11-21 | 6 Medium |
| NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure and data tampering. | ||||
| CVE-2022-42286 | 1 Nvidia | 2 Dgx A100, Sbios | 2024-11-21 | 6 Medium |
| DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges. | ||||
| CVE-2022-42285 | 1 Nvidia | 2 Dgx A100, Sbios | 2024-11-21 | 6 Medium |
| DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering. | ||||