Filtered by vendor Nvidia
Subscribe
Total
721 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23219 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 1.9 LOW | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
|
|||||
| CVE-2021-23217 | 3 Linux, Microsoft, Nvidia | 65 Linux Kernel, Windows, Geforce Gt 605 and 62 more | 2024-11-21 | 6.9 MEDIUM | 7.5 HIGH |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.
|
|||||
| CVE-2021-23201 | 3 Linux, Microsoft, Nvidia | 37 Linux Kernel, Windows, Geforce Gtx 950 and 34 more | 2024-11-21 | 6.9 MEDIUM | 7.5 HIGH |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or denial of service of the device. The scope may extend to other components.
|
|||||
| CVE-2021-23175 | 2 Microsoft, Nvidia | 2 Windows, Geforce Experience | 2024-11-21 | 4.4 MEDIUM | 8.2 HIGH |
|
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does not correctly apply individual user access controls for users on the same device, which, with user intervention, may lead to escalation of privileges, information disclosure, data tampering, and denial of service, affecting other resources beyond the intended security authority of GameStream.
|
|||||
| CVE-2021-1125 | 3 Linux, Microsoft, Nvidia | 109 Linux Kernel, Windows, Dgx-1 P100 and 106 more | 2024-11-21 | 4.9 MEDIUM | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
|
|||||
| CVE-2021-1123 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service.
|
|||||
| CVE-2021-1122 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service.
|
|||||
| CVE-2021-1121 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel driver, where a vGPU can cause resource starvation among other vGPUs hosted on the same GPU, which may lead to denial of service.
|
|||||
| CVE-2021-1120 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead to information disclosure, data tampering, unauthorized code execution, and denial of service.
|
|||||
| CVE-2021-1119 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting integrity and availability.
|
|||||
| CVE-2021-1118 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to execute privileged operations by the guest OS, which may lead to information disclosure, data tampering, escalation of privileges, and denial of service
|
|||||
| CVE-2021-1117 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
|
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.
|
|||||
| CVE-2021-1116 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
|
|||||
| CVE-2021-1115 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable component.
|
|||||
| CVE-2021-1114 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-11-21 | 4.9 MEDIUM | 4.4 MEDIUM |
|
NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.
|
|||||
| CVE-2021-1113 | 1 Nvidia | 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more | 2024-11-21 | 5.4 MEDIUM | 4.7 MEDIUM |
|
NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.
|
|||||
| CVE-2021-1112 | 1 Nvidia | 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
|
|||||
| CVE-2021-1111 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
|
|||||
| CVE-2021-1110 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
|
NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerability in camera firmware where a user can change input data after validation, which may lead to complete denial of service and serious data corruption of all kernel components.
|
|||||
| CVE-2021-1109 | 1 Nvidia | 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more | 2024-11-21 | 3.3 LOW | 7.2 HIGH |
|
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
|
|||||
| CVE-2021-1108 | 1 Nvidia | 10 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
|
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
|
|||||
| CVE-2021-1107 | 1 Nvidia | 10 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.
|
|||||
| CVE-2021-1106 | 1 Nvidia | 10 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
|
|||||
| CVE-2021-1105 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 2.1 LOW | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
|
|||||
| CVE-2021-1103 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1102 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1101 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1100 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1099 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1098 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1097 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).
|
|||||
| CVE-2021-1096 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.
|
|||||
| CVE-2021-1095 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
|
|||||
| CVE-2021-1094 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.
|
|||||
| CVE-2021-1093 | 2 Debian, Nvidia | 2 Debian Linux, Gpu Display Driver | 2024-11-21 | 4.9 MEDIUM | 6.2 MEDIUM |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
|
|||||
| CVE-2021-1092 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.
|
|||||
| CVE-2021-1091 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.
|
|||||
| CVE-2021-1090 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.
|
|||||
| CVE-2021-1089 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
|
|||||
| CVE-2021-1088 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 2.1 LOW | 4.1 MEDIUM |
|
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
|
|||||