Vulnerabilities in NVIDIA
742 resultsVexday analysis
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2023-25514MEDIUMNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by trickiEPSS 0.2%CVE-2021-34388MEDIUMBootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM afterEPSS 0.2%CVE-2023-25508MEDIUMNVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and EPSS 0.2%CVE-2023-0191HIGHNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access mayEPSS 0.2%CVE-2023-0183HIGHNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of serEPSS 0.2%CVE-2026-24177HIGHNVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of thEPSS 0.2%CVE-2025-23358HIGHNVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successfEPSS 0.2%CVE-2022-42281MEDIUMNVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bEPSS 0.2%CVE-2024-0089HIGHCVEEPSS 0.2%CVE-2022-34682MEDIUMNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pEPSS 0.2%CVE-2023-0199MEDIUMNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can EPSS 0.2%CVE-2023-0190MEDIUMNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial oEPSS 0.2%CVE-2024-0110MEDIUMNVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed EEPSS 0.2%CVE-2022-28196MEDIUMNVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusteEPSS 0.2%CVE-2022-28195MEDIUMNVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrustedEPSS 0.2%CVE-2021-34384MEDIUMBootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial EPSS 0.2%CVE-2022-31599HIGHNVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialiEPSS 0.2%CVE-2022-31601MEDIUMNVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-boEPSS 0.2%CVE-2022-28200HIGHNVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond EPSS 0.2%CVE-2021-1120HIGHNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be pEPSS 0.2%