Skip to main content

Nvidia

919 CVEs vendor

Monthly

CVE-2024-0149 LOW Monitor

NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow Nvidia Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-0147 MEDIUM PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Nvidia Microsoft Memory Corruption +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-0146 HIGH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure RCE Nvidia
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-0140 MEDIUM This Month

NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure RCE Nvidia Deserialization
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-0137 MEDIUM PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Nvidia Denial Of Service Nvidia Container Toolkit Nvidia Gpu Operator Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0136 HIGH PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Information Disclosure Nvidia Denial Of Service Nvidia Container Toolkit +3
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2024-0135 HIGH PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Information Disclosure Nvidia Denial Of Service Nvidia Container Toolkit +3
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2025-21663 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nvidia Linux Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-56719 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Nvidia Denial Of Service Linux
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-0139 MEDIUM This Month

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. Rated medium severity (CVSS 4.4). No vendor patch available.

Nvidia Denial Of Service
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-0130 HIGH This Week

NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker can cause an improper authentication issue by sending a malformed request through the Ethernet. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-0138 CRITICAL Act Now

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure Denial Of Service Nvidia
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-0122 HIGH This Week

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2024-50252 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nvidia Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0134 MEDIUM This Month

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nvidia Nvidia Container Toolkit Nvidia Gpu Operator
NVD
CVSS 3.1
4.1
EPSS
0.4%
CVE-2024-0106 HIGH This Week

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
8.7
EPSS
0.2%
CVE-2024-0105 HIGH This Week

NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. Rated high severity (CVSS 8.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
8.9
EPSS
0.3%
CVE-2024-0128 HIGH This Week

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the guest OS to access global resources. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-0127 HIGH This Week

NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0126 HIGH This Week

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service Nvidia
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-0121 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-0120 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-0119 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-0118 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-0117 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-0129 HIGH This Week

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Nvidia Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0125 LOW Monitor

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service Microsoft Cuda Toolkit
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0124 LOW Monitor

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft Memory Corruption Denial Of Service Nvidia +1
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0123 LOW Monitor

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Cuda Toolkit
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0116 MEDIUM This Month

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service Triton Inference Server
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-0133 Go LOW PATCH Monitor

NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Nvidia Nvidia Container Toolkit Nvidia Gpu Operator
NVD
CVSS 3.1
3.4
EPSS
0.2%
CVE-2024-0132 Go HIGH POC PATCH THREAT This Week

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Information Disclosure Nvidia Denial Of Service Nvidia Container Toolkit +1
NVD Exploit-DB
CVSS 3.1
8.3
EPSS
37.1%
CVE-2024-0111 MEDIUM This Month

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-0110 HIGH This Week

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption RCE Denial Of Service Nvidia +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0109 LOW Monitor

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0115 MEDIUM This Month

NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Python Nvidia Denial Of Service Ubuntu Cv Cuda
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-0113 HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Nvidia Mlnx Os Onyx +2
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2024-0104 HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia Onyx Mlnx Os +2
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-0108 HIGH This Week

NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Denial Of Service Jetson Linux
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-0107 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-0102 MEDIUM This Month

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0101 HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Mlnx Os Mlnx Gw Onyx +1
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-0103 MEDIUM This Month

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrect Initialization of resource by network issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Triton Inference Server
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-0099 HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0095 HIGH This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service Nvidia +1
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-0094 MEDIUM This Month

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0093 MEDIUM This Month

NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Virtual Gpu Cloud Gaming
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0092 MEDIUM This Month

NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Gpu Display Driver Virtual Gpu +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0091 HIGH This Week

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service Microsoft Gpu Display Driver +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0090 HIGH This Week

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption RCE Information Disclosure +5
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-0089 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia Microsoft Gpu Display Driver +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0086 MEDIUM This Month

NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service Virtual Gpu Cloud Gaming
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-0085 HIGH This Week

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Virtual Gpu Cloud Gaming
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-0084 HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Nvidia Denial Of Service Virtual Gpu +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-36884 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() This was missed because of the function pointer indirection. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0100 HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Triton Inference Server
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2024-0098 MEDIUM This Month

NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Microsoft Chatrtx
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0097 HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Information Disclosure Nvidia Microsoft Chatrtx
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-0096 HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Information Disclosure Nvidia Microsoft Chatrtx
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-0088 HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Nvidia Denial Of Service Triton Inference Server
NVD
CVSS 3.1
8.1
EPSS
18.9%
CVE-2024-0087 HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia Denial Of Service Triton Inference Server
NVD
CVSS 3.1
8.8
EPSS
19.0%
CVE-2024-0083 MEDIUM This Month

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service XSS +2
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-0082 HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Nvidia Microsoft Chatrtx
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2024-0081 PyPI HIGH This Week

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Ubuntu Nemo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-0080 LOW Monitor

NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft
NVD
CVSS 3.1
2.8
EPSS
0.2%
CVE-2024-0076 LOW Monitor

NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-0072 LOW Monitor

NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service Cuda Toolkit
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-26770 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Add missing null pointer checks to LED initialization devm_kasprintf() returns a pointer to dynamically. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0079 MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereference in the host. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Denial Of Service Linux Null Pointer Dereference Nvidia
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-0078 MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Denial Of Service Linux Null Pointer Dereference Nvidia
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-0077 HIGH This Week

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest OS to allocate resources for which the guest OS is not authorized. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure Denial Of Service Nvidia
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0075 MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Denial Of Service Null Pointer Dereference Nvidia
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-0074 HIGH This Week

NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-0073 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure Denial Of Service Privilege Escalation +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0071 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-31035 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Nvidia RCE Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-31034 MEDIUM This Month

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. Rated medium severity (CVSS 6.6). No vendor patch available.

Integer Overflow Nvidia Denial Of Service Information Disclosure Dgx A100 Firmware
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2023-31033 MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Information Disclosure Nvidia RCE +1
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2023-31032 HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. Rated high severity (CVSS 7.5). No vendor patch available.

Nvidia Denial Of Service Dgx A100 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-31031 MEDIUM This Month

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2023-31030 CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2023-31029 CRITICAL Act Now

NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2023-31025 MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Code Injection LDAP Dgx A100 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-31024 CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow Information Disclosure Nvidia +2
NVD
CVSS 3.1
9.0
EPSS
0.4%
CVE-2023-31036 HIGH POC This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Microsoft Information Disclosure Nvidia Path Traversal +3
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-31027 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Microsoft Virtual Gpu
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2023-31026 MEDIUM This Month

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Null Pointer Dereference Microsoft Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-31023 MEDIUM This Month

NVIDIA Display Driver for Windows contains a vulnerability where an attacker may cause a pointer dereference of an untrusted value, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-31022 MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Linux Microsoft Null Pointer Dereference +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-31021 MEDIUM This Month

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Null Pointer Dereference Microsoft Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow Nvidia +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Nvidia +4
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure RCE +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Nvidia Denial Of Service Nvidia Container Toolkit +3
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Information Disclosure Nvidia +5
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Month

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Information Disclosure Nvidia +5
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SID). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nvidia Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Nvidia Denial Of Service Linux
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM This Month

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. Rated medium severity (CVSS 4.4). No vendor patch available.

Nvidia Denial Of Service
NVD
EPSS 0% CVSS 8.8
HIGH This Week

NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker can cause an improper authentication issue by sending a malformed request through the Ethernet. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure +2
NVD
EPSS 0% CVSS 7.6
HIGH This Week

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Nvidia Linux +1
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nvidia Nvidia Container Toolkit +1
NVD
EPSS 0% CVSS 8.7
HIGH This Week

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. Rated high severity (CVSS 8.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service
NVD
EPSS 0% CVSS 8.9
HIGH This Week

NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. Rated high severity (CVSS 8.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service
NVD
EPSS 0% CVSS 7.1
HIGH This Week

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the guest OS to access global resources. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Nvidia +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft Memory Corruption +3
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 3.4
LOW PATCH Monitor

NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Nvidia Nvidia Container Toolkit +1
NVD
EPSS 37% CVSS 8.3
HIGH POC PATCH THREAT This Week

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Information Disclosure Nvidia +3
NVD Exploit-DB
EPSS 0% CVSS 4.4
MEDIUM This Month

NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Cuda Toolkit
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption RCE +3
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Python Nvidia Denial Of Service +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Nvidia +4
NVD
EPSS 0% CVSS 8.8
HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Nvidia +4
NVD
EPSS 0% CVSS 8.8
HIGH This Week

NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Denial Of Service +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Mlnx Os +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrect Initialization of resource by network issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Triton Inference Server
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could cause buffer overrun in the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Virtual Gpu +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Denial Of Service +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Memory Corruption +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability where the information from a previous client or another process could be disclosed. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the guest OS could execute privileged operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Nvidia +3
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() This was missed because of the function pointer indirection. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Triton Inference Server
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Microsoft +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Information Disclosure Nvidia +2
NVD
EPSS 19% CVSS 8.1
HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Nvidia Denial Of Service +1
NVD
EPSS 19% CVSS 8.8
HIGH This Week

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Information Disclosure Nvidia +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure +4
NVD
EPSS 0% CVSS 8.2
HIGH This Week

NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Nvidia +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Ubuntu +1
NVD GitHub
EPSS 0% CVSS 2.8
LOW Monitor

NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Nvidia +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Nvidia Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Add missing null pointer checks to LED initialization devm_kasprintf() returns a pointer to dynamically. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Nvidia Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereference in the host. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Denial Of Service Linux +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Denial Of Service Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest OS to allocate resources for which the guest OS is not authorized. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Denial Of Service +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Information Disclosure +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Nvidia RCE +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. Rated medium severity (CVSS 6.6). No vendor patch available.

Integer Overflow Nvidia Denial Of Service +2
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Information Disclosure +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. Rated high severity (CVSS 7.5). No vendor patch available.

Nvidia Denial Of Service Dgx A100 Firmware
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +4
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nvidia Code Injection +2
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Stack Overflow +4
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Microsoft Information Disclosure +5
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Null Pointer Dereference +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA Display Driver for Windows contains a vulnerability where an attacker may cause a pointer dereference of an untrusted value, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Linux +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Null Pointer Dereference +2
NVD
Prev Page 4 of 11 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy