Vulnerabilidades en NVIDIA
742 resultadosAnálisis Vexday
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2026-24191HIGHNVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful expEPSS 0.1%CVE-2025-23297HIGHNVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unpriEPSS 0.1%CVE-2025-23253LOWNVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constaEPSS 0.1%CVE-2025-33190MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit oEPSS 0.1%CVE-2025-33188HIGHNVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful expEPSS 0.1%CVE-2025-23269MEDIUMNVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared EPSS 0.1%CVE-2025-23290LOWNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influencedEPSS 0.1%CVE-2025-23256HIGHNVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorizatiEPSS 0.1%CVE-2025-23245MEDIUMNVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to accEPSS 0.1%CVE-2025-23286MEDIUMNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit oEPSS 0.1%CVE-2025-23300MEDIUMNVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocaEPSS 0.1%CVE-2025-33194MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successEPSS 0.1%CVE-2025-33205HIGHNVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an unEPSS 0.1%CVE-2023-31014MEDIUMNVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device canEPSS 0.1%CVE-2026-24231MEDIUMNVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-sideEPSS 0.1%CVE-2025-23332MEDIUMNVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deferEPSS 0.1%CVE-2025-33195MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A succeEPSS 0.1%CVE-2025-23275MEDIUMNVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds writEPSS 0.1%CVE-2024-0139MEDIUMNVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of tEPSS 0.1%CVE-2026-24182MEDIUMNVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit ofEPSS 0.1%