Vulnerabilidades em NVIDIA
742 resultadosAnálise Vexday
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2021-1113MEDIUMNVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification EPSS 0.2%CVE-2025-23294HIGHNVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute arbitrary code with elevated permissions. A sucEPSS 0.2%CVE-2021-34391MEDIUMTrusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow throEPSS 0.2%CVE-2025-33217HIGHNVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vuEPSS 0.2%CVE-2023-31015MEDIUMNVIDIA DGX H100 BMC contains a vulnerability in the REST service where a host user may cause as improper authentication issue. A successful EPSS 0.2%CVE-2022-42269HIGHNVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged lEPSS 0.2%CVE-2021-34395LOWTrusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user wEPSS 0.2%CVE-2025-33226HIGHNVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A sEPSS 0.2%CVE-2023-0208HIGH
NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow throughEPSS 0.2%CVE-2024-0131MEDIUMNVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an inEPSS 0.2%CVE-2026-24190HIGHNVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GEPSS 0.2%CVE-2024-53879LOWNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a maEPSS 0.2%CVE-2025-33204HIGHNVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker EPSS 0.2%CVE-2023-31035HIGHCVEEPSS 0.2%CVE-2023-0186MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an out-of-bounds write can lead to denial of EPSS 0.2%CVE-2022-31618MEDIUMNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lEPSS 0.2%CVE-2025-33221MEDIUMNVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission EPSS 0.2%CVE-2025-33236HIGHNVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit EPSS 0.2%CVE-2023-25506HIGHNVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause aEPSS 0.2%CVE-2025-23278HIGHNVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing aEPSS 0.2%