Search Results (Refine Search)
- Keyword (text search): nvidia
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-0083 |
NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. A successful exploit of this vulnerability might lead to code execution, denial of service, and information disclosure. Published: April 08, 2024; 6:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0082 |
NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. A successful exploit of this vulnerability might lead to local escalation of privileges, information disclosure, and data tampering Published: April 08, 2024; 6:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0081 |
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service. Published: April 05, 2024; 3:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0080 |
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. Published: April 05, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0076 |
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. Published: April 05, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0072 |
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. Published: April 05, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-31028 |
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. Published: April 05, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-26770 |
In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Add missing null pointer checks to LED initialization devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. [jkosina@suse.com: tweak changelog a bit] Published: April 03, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0079 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereference in the host. A successful exploit of this vulnerability may lead to denial of service. Published: March 27, 2024; 6:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0078 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service. Published: March 27, 2024; 6:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0077 |
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest OS to allocate resources for which the guest OS is not authorized. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Published: March 27, 2024; 6:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0075 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. Published: March 27, 2024; 6:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0074 |
NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. Published: March 27, 2024; 6:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0073 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Published: March 27, 2024; 6:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0071 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Published: March 27, 2024; 6:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-31037 |
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS. Published: January 23, 2024; 10:15:08 PM -0500 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-31035 |
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. Published: January 12, 2024; 2:15:11 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-31034 |
NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. Published: January 12, 2024; 2:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-31033 |
NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data tampering. Published: January 12, 2024; 2:15:10 PM -0500 |
V3.1: 8.0 HIGH V2.0:(not available) |
CVE-2023-31032 |
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability may lead to denial of service. Published: January 12, 2024; 2:15:10 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |