Filtered by vendor Nvidia
Subscriptions
Total
735 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23280 | 2 Linux, Nvidia | 2 Linux, Display Driver | 2025-10-22 | 7 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-23282 | 2 Linux, Nvidia | 3 Linux, Display Driver, Driver | 2025-10-22 | 7 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-23356 | 1 Nvidia | 1 Isaac Lab | 2025-10-21 | 8.4 High |
| NVIDIA Isaac Lab contains a vulnerability in SB3 configuration parsing. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2025-33177 | 1 Nvidia | 4 Jetson Linux, Jetson Tk1, Jetson Tx1 and 1 more | 2025-10-21 | 5.5 Medium |
| NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of memory allocations could allow a local attacker to cause memory overallocation. A successful exploitation of this vulnerability might lead to denial of service. | ||||
| CVE-2025-33182 | 1 Nvidia | 6 Jetson Agx Xavier, Jetson Linux, Jetson Tk1 and 3 more | 2025-10-21 | 7.6 High |
| NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service. | ||||
| CVE-2025-23242 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | 7.3 High |
| NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure. | ||||
| CVE-2025-23243 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | 6.5 Medium |
| NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service. | ||||
| CVE-2025-23260 | 1 Nvidia | 1 Aistore On Kubernetes | 2025-10-14 | 5 Medium |
| NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2025-23354 | 1 Nvidia | 1 Megatron-lm | 2025-10-10 | 7.8 High |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering. | ||||
| CVE-2025-23348 | 1 Nvidia | 1 Megatron-lm | 2025-10-10 | 7.8 High |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23349 | 1 Nvidia | 1 Megatron-lm | 2025-10-10 | 7.8 High |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23353 | 1 Nvidia | 1 Megatron-lm | 2025-10-10 | 7.8 High |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering. | ||||
| CVE-2024-0081 | 1 Nvidia | 1 Nemo | 2025-10-10 | 8.6 High |
| NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service. | ||||
| CVE-2023-31031 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2025-10-09 | 4.2 Medium |
| NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-23268 | 1 Nvidia | 1 Triton Inference Server | 2025-10-08 | 8 High |
| NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution. | ||||
| CVE-2025-23248 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-10-06 | 3.3 Low |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | ||||
| CVE-2025-23255 | 1 Nvidia | 1 Cuda Toolkit | 2025-10-06 | 3.3 Low |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service. | ||||
| CVE-2025-23273 | 3 Linux, Microsoft, Nvidia | 6 Linux Kernel, Windows, Cuda Toolkit and 3 more | 2025-10-06 | 2.5 Low |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service. | ||||
| CVE-2025-23275 | 3 Linux, Microsoft, Nvidia | 6 Linux Kernel, Windows, Cuda Toolkit and 3 more | 2025-10-06 | 4.2 Medium |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure. | ||||
| CVE-2025-23346 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-10-06 | 3.3 Low |
| NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service. | ||||