Filtered by vendor Nvidia
Subscribe
Total
555 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-25534 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
CVE-2023-31027 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-12-10 | N/A | 7.3 HIGH |
NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. | |||||
CVE-2023-25528 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | |||||
CVE-2023-25526 | 1 Nvidia | 1 Cumulus Linux | 2023-12-10 | N/A | 6.5 MEDIUM |
NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service. | |||||
CVE-2023-25531 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges. | |||||
CVE-2023-31012 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
CVE-2023-31011 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
CVE-2023-31013 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
CVE-2023-25532 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure. | |||||
CVE-2023-31010 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service. | |||||
CVE-2023-44216 | 7 Amd, Apple, Canonical and 4 more | 16 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 13 more | 2023-12-10 | N/A | 5.3 MEDIUM |
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. | |||||
CVE-2023-31020 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-12-10 | N/A | 7.1 HIGH |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering. | |||||
CVE-2023-31021 | 7 Canonical, Citrix, Linux-kvm and 4 more | 7 Ubuntu Linux, Hypervisor, Kernel Virtual Machine and 4 more | 2023-12-10 | N/A | 5.5 MEDIUM |
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service. | |||||
CVE-2023-25524 | 1 Nvidia | 1 Omniverse Launcher | 2023-12-10 | N/A | 5.3 MEDIUM |
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure. | |||||
CVE-2023-25527 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 7.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
CVE-2023-31017 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-12-10 | N/A | 7.8 HIGH |
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
CVE-2023-31016 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-12-10 | N/A | 7.8 HIGH |
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
CVE-2023-31015 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-12-10 | N/A | 7.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service. | |||||
CVE-2023-31019 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-12-10 | N/A | 7.1 HIGH |
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context. | |||||
CVE-2023-31018 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2023-12-10 | N/A | 5.5 MEDIUM |
NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service. |