Filtered by vendor Nvidia Subscriptions
Total 586 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25523 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 3.3 Low
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2023-25520 1 Nvidia 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more 2024-11-21 4.4 Medium
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
CVE-2023-25519 1 Nvidia 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more 2024-11-21 7.8 High
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. 
CVE-2023-25516 1 Nvidia 1 Gpu Display Driver 2024-11-21 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service.
CVE-2023-25514 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 5.3 Medium
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
CVE-2023-25513 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 5.3 Medium
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
CVE-2023-25512 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 5.3 Medium
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
CVE-2023-25511 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 3.3 Low
NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service.
CVE-2023-25510 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 3.3 Low
NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service.
CVE-2023-25509 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 6 Medium
NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.
CVE-2023-25508 1 Nvidia 2 Bmc, Dgx-1 2024-11-21 6.7 Medium
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-25507 1 Nvidia 2 Bmc, Dgx-1 2024-11-21 7.2 High
NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering.
CVE-2023-25506 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 7.5 High
NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.
CVE-2023-25505 1 Nvidia 2 Bmc, Dgx-1 2024-11-21 7.8 High
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution.
CVE-2023-0209 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 8.2 High
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass.
CVE-2023-0208 2 Linux, Nvidia 2 Linux Kernel, Data Center Gpu Manager 2024-11-21 8.4 High
NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering.
CVE-2023-0207 1 Nvidia 2 Dgx-2, Sbios 2024-11-21 7.5 High
NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service.
CVE-2023-0206 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2024-11-21 7.5 High
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.
CVE-2023-0205 1 Nvidia 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more 2024-11-21 5 Medium
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.
CVE-2023-0204 1 Nvidia 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more 2024-11-21 6.5 Medium
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.