Search Results (Refine Search)
- Keyword (text search): nvidia
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-34666 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. Published: November 10, 2022; 11:15:10 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-28199 |
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality. Published: September 01, 2022; 1:15:08 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-31618 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service. Published: August 05, 2022; 5:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-31614 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure. Published: August 05, 2022; 5:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-31609 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure. Published: August 05, 2022; 5:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-31603 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure. Published: July 04, 2022; 2:15:08 PM -0400 |
V3.1: 6.7 MEDIUM V2.0: 4.4 MEDIUM |
CVE-2022-31602 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure. Published: July 04, 2022; 2:15:08 PM -0400 |
V3.1: 6.7 MEDIUM V2.0: 4.4 MEDIUM |
CVE-2022-31601 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure. Published: July 04, 2022; 2:15:08 PM -0400 |
V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2022-31600 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and information disclosure. The scope of impact can extend to other components. Published: July 04, 2022; 2:15:08 PM -0400 |
V3.1: 8.2 HIGH V2.0: 4.6 MEDIUM |
CVE-2022-31599 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. Published: July 04, 2022; 2:15:07 PM -0400 |
V3.1: 8.2 HIGH V2.0: 4.6 MEDIUM |
CVE-2022-28200 |
NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. Published: July 01, 2022; 9:15:07 PM -0400 |
V3.1: 8.2 HIGH V2.0: 4.6 MEDIUM |
CVE-2022-28192 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 4.1 MEDIUM V2.0: 1.9 LOW |
CVE-2022-28191 |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2022-28190 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2022-28189 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NULL pointer dereference may lead to a system crash. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2022-28188 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2022-28187 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where the memory management software does not release a resource after its effective lifetime has ended, which may lead to denial of service. Published: May 17, 2022; 4:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2022-28186 |
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering. Published: May 17, 2022; 4:15:08 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 3.6 LOW |
CVE-2022-28185 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering. Published: May 17, 2022; 4:15:08 PM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2022-28184 |
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering. Published: May 17, 2022; 4:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |