Filtered by vendor Nvidia
Subscribe
Total
555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1065 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2021-01-11 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-1064 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2021-01-11 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-1063 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2021-01-11 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overread, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-1061 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2021-01-11 | 3.3 LOW | 6.3 MEDIUM |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2020-5992 | 2 Microsoft, Nvidia | 2 Windows, Geforce Now | 2020-11-23 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | |||||
| CVE-2020-5991 | 2 Microsoft, Nvidia | 2 Windows, Cuda Toolkit | 2020-11-13 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-11487 | 2 Intel, Nvidia | 4 Bmc Firmware, Dgx-1, Dgx-2 and 1 more | 2020-11-12 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure. | |||||
| CVE-2020-11485 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 6.8 MEDIUM | 8.8 HIGH |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution. | |||||
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | |||||
| CVE-2020-11483 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | |||||
| CVE-2020-11615 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | |||||
| CVE-2020-11488 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2020-11-05 | 4.6 MEDIUM | 6.7 MEDIUM |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution. | |||||
| CVE-2020-5978 | 1 Nvidia | 1 Geforce Experience | 2020-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | |||||
| CVE-2020-5990 | 1 Nvidia | 1 Geforce Experience | 2020-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | |||||
| CVE-2020-5983 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-14 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2020-5984 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2020-5985 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-14 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2020-5989 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-13 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2020-5987 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-13 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||
| CVE-2020-5986 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-10-13 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||