Filtered by vendor Nvidia
Subscribe
Total
646 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31010 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service. | |||||
| CVE-2023-31009 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.3 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2023-31008 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 7.3 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure. | |||||
| CVE-2023-25534 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 5.7 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2023-25533 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.3 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges. | |||||
| CVE-2023-25532 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure. | |||||
| CVE-2023-25531 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 7.6 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges. | |||||
| CVE-2023-25530 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.0 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2023-25529 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.0 HIGH |
| NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering. | |||||
| CVE-2023-25528 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-25527 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2023-25526 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | N/A | 6.5 MEDIUM |
| NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service. | |||||
| CVE-2023-25525 | 1 Nvidia | 1 Cumulus Linux | 2024-11-21 | N/A | 7.5 HIGH |
| NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure. | |||||
| CVE-2023-25524 | 1 Nvidia | 1 Omniverse Launcher | 2024-11-21 | N/A | 4.0 MEDIUM |
| NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure. | |||||
| CVE-2023-25523 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | N/A | 3.3 LOW |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | |||||
| CVE-2023-25522 | 1 Nvidia | 4 Dgx A100, Dgx A100 Firmware, Dgx A800 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-25521 | 1 Nvidia | 4 Dgx A100, Dgx A100 Firmware, Dgx A800 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-25520 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service. | |||||
| CVE-2023-25519 | 1 Nvidia | 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more | 2024-11-21 | N/A | 7.8 HIGH |
| NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. | |||||
| CVE-2023-25518 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2024-11-21 | N/A | 7.1 HIGH |
| NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. | |||||