Filtered by vendor Nvidia
Subscriptions
Total
770 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-33226 | 1 Nvidia | 1 Nemo | 2025-12-17 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33212 | 1 Nvidia | 1 Nemo | 2025-12-17 | 7.3 High |
| NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering. | ||||
| CVE-2025-33210 | 1 Nvidia | 1 Isaac Lab | 2025-12-16 | 9 Critical |
| NVIDIA Isaac Lab contains a deserialization vulnerability. A successful exploit of this vulnerability might lead to code execution. | ||||
| CVE-2025-33225 | 2 Linux, Nvidia | 2 Linux, Resiliency Extension | 2025-12-16 | 8.4 High |
| NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33235 | 2 Linux, Nvidia | 2 Linux, Resiliency Extension | 2025-12-16 | 7.8 High |
| NVIDIA Resiliency Extension for Linux contains a vulnerability in the checkpointing core, where an attacker may cause a race condition. A successful exploit of this vulnerability might lead to information disclosure, data tampering, denial of service, or escalation of privileges. | ||||
| CVE-2025-23260 | 1 Nvidia | 1 Aistore | 2025-12-15 | 5 Medium |
| NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2025-23361 | 1 Nvidia | 1 Nemo | 2025-12-11 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33178 | 1 Nvidia | 1 Nemo | 2025-12-11 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information disclosure, and Data tampering. | ||||
| CVE-2025-33214 | 2 Linux, Nvidia | 2 Linux, Nvtabular | 2025-12-10 | 8.8 High |
| NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33213 | 1 Nvidia | 1 Merlin Transformers4rec | 2025-12-10 | 8.8 High |
| NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33202 | 3 Linux, Microsoft, Nvidia | 4 Linux, Linux Kernel, Windows and 1 more | 2025-12-08 | 6.5 Medium |
| NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-33201 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-12-05 | 7.5 High |
| NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper check for unusual or exceptional conditions issue by sending extra large payloads. A successful exploit of this vulnerability may lead to denial of service. | ||||
| CVE-2025-33211 | 2 Linux, Nvidia | 3 Linux, Linux Kernel, Triton Inference Server | 2025-12-05 | 7.5 High |
| NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service. | ||||
| CVE-2025-33208 | 1 Nvidia | 1 Tao | 2025-12-04 | 8.8 High |
| NVIDIA TAO contains a vulnerability where an attacker may cause a resource to be loaded via an uncontrolled search path. A successful exploit of this vulnerability may lead to escalation of privileges, data tampering, denial of service, information disclosure. | ||||
| CVE-2025-33195 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-12-02 | 4.4 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges. | ||||
| CVE-2025-33196 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-12-02 | 4.4 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-33197 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-12-02 | 4.3 Medium |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-33199 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-12-02 | 3.2 Low |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering. | ||||
| CVE-2025-33200 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-12-02 | 2.3 Low |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-33187 | 1 Nvidia | 3 Dgx, Dgx Os, Dgx Spark | 2025-11-28 | 9.3 Critical |
| NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges. | ||||