Filtered by vendor Nvidia
Subscriptions
Total
770 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-33188 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 8 High |
| NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service. | ||||
| CVE-2025-33189 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 7.8 High |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges. | ||||
| CVE-2025-33190 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 6.7 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges. | ||||
| CVE-2025-33191 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 5.7 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-33192 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 5.7 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-33193 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 5.7 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-33194 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 5.7 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service. | ||||
| CVE-2025-33204 | 1 Nvidia | 1 Nemo | 2025-11-27 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33198 | 1 Nvidia | 1 Dgx | 2025-11-27 | 3.3 Low |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-33203 | 1 Nvidia | 1 Nemo | 2025-11-27 | 7.6 High |
| NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service. | ||||
| CVE-2025-33205 | 1 Nvidia | 1 Nemo | 2025-11-27 | 7.3 High |
| NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution. | ||||
| CVE-2025-33184 | 1 Nvidia | 1 Isaac-gr00t | 2025-11-19 | 7.8 High |
| NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33183 | 1 Nvidia | 1 Isaac-gr00t | 2025-11-19 | 7.8 High |
| NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23357 | 1 Nvidia | 1 Megatron-lm | 2025-11-14 | 7.8 High |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering. | ||||
| CVE-2025-33185 | 1 Nvidia | 1 Aistore | 2025-11-14 | 5.3 Medium |
| NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2025-33186 | 1 Nvidia | 1 Aistore | 2025-11-14 | 8.8 High |
| NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23358 | 2 Microsoft, Nvidia | 2 Windows, App | 2025-11-06 | 8.2 High |
| NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges. | ||||
| CVE-2025-33176 | 1 Nvidia | 1 Runai | 2025-11-06 | 6.2 Medium |
| NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2025-23267 | 1 Nvidia | 1 Container Toolkit | 2025-11-04 | 8.5 High |
| NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service. | ||||
| CVE-2024-0071 | 1 Nvidia | 5 Geforce, Gpu Display Driver, Quadro and 2 more | 2025-11-04 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||