Vulnerabilidades em NVIDIA
742 resultadosAnálise Vexday
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2022-42284MEDIUMNVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. This may lead to a credentials exposure.EPSS 0.1%CVE-2025-23289MEDIUMNVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive informatioEPSS 0.1%CVE-2025-23288LOWNVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may cause an exposure of sensitive system information withEPSS 0.1%CVE-2025-33192MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploEPSS 0.1%CVE-2025-23274MEDIUMNVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted inpuEPSS 0.1%CVE-2026-24153MEDIUMNVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerEPSS 0.1%CVE-2025-33196MEDIUMNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploiEPSS 0.1%CVE-2025-23273LOWNVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error bEPSS 0.1%CVE-2025-33199LOWNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successfuEPSS 0.1%CVE-2024-0085MEDIUMCVEEPSS 0.1%CVE-2025-33200LOWNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploiEPSS 0.1%CVE-2025-23291LOWNVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized actioEPSS 0.1%CVE-2025-33198LOWNVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploiEPSS 0.1%CVE-2025-33237MEDIUMNVIDIA HD Audio Driver for Windows contains a vulnerability where an attacker could exploit a NULL pointer dereference issue. A successful eEPSS 0.1%CVE-2022-42267HIGHNVIDIA GPU Display Driver for Windows contains a vulnerability where a regular user can cause an out-of-bounds read, which may lead to code EPSS 0.1%CVE-2025-23302MEDIUMNVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the LS10 could enable an attacker to set an unsafe debug access levelEPSS 0.1%CVE-2025-23301MEDIUMNVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access leveEPSS 0.1%CVE-2025-33177MEDIUMNVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of memory allocations could allow a local attacker EPSS 0.1%CVE-2025-33235HIGHNVIDIA Resiliency Extension for Linux contains a vulnerability in the checkpointing core, where an attacker may cause a race condition. A suEPSS 0.1%CVE-2025-23279HIGHNVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A EPSS 0.1%