Filtered by vendor Nvidia
Subscriptions
Total
587 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 9.8 Critical |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | ||||
| CVE-2020-11485 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 8.8 High |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution. | ||||
| CVE-2020-11484 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 4.9 Medium |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure. | ||||
| CVE-2020-11483 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2024-11-21 | 9.8 Critical |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | ||||
| CVE-2019-5702 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5701 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service, information disclosure, or escalation of privileges through code execution. | ||||
| CVE-2019-5700 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 7.8 High |
| NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. | ||||
| CVE-2019-5699 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-11-21 | 7.8 High |
| NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges. | ||||
| CVE-2019-5698 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.4 Medium |
| NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validated, which may lead to denial of service. | ||||
| CVE-2019-5697 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 7.1 High |
| NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service. | ||||
| CVE-2019-5696 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 5.5 Medium |
| NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of service. | ||||
| CVE-2019-5695 | 2 Microsoft, Nvidia | 3 Windows, Geforce Experience, Gpu Driver | 2024-11-21 | 6.5 Medium |
| NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. | ||||
| CVE-2019-5694 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 6.5 Medium |
| NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access. | ||||
| CVE-2019-5693 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 5.5 Medium |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which may lead to denial of service. | ||||
| CVE-2019-5692 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the product uses untrusted input when calculating or using an array index, which may lead to escalation of privileges or denial of service. | ||||
| CVE-2019-5691 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5690 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5689 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or information disclosure. | ||||
| CVE-2019-5688 | 2 Microsoft, Nvidia | 4 Windows, Gpumodeswitch, Nvflash and 1 more | 2024-11-21 | 6.7 Medium |
| NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver (nvflash.sys, nvflsh32.sys, and nvflsh64.sys) contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of other devices not managed by NVIDIA, which may lead to escalation of privileges, information disclosure, or denial of service. | ||||
| CVE-2019-5687 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor | ||||