Filtered by vendor Nvidia
Subscribe
Total
721 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5989 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5988 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5987 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5986 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5985 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5984 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5983 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
|
|||||
| CVE-2020-5982 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to denial of service.
|
|||||
| CVE-2020-5981 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.
|
|||||
| CVE-2020-5980 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.
|
|||||
| CVE-2020-5979 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.
|
|||||
| CVE-2020-5978 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.
|
|||||
| CVE-2020-5977 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.
|
|||||
| CVE-2020-5976 | 4 Apple, Google, Microsoft and 1 more | 6 Macos, Android, Android Tv and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.
|
|||||
| CVE-2020-5975 | 3 Apple, Microsoft, Nvidia | 3 Macos, Windows, Geforce Now | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.
|
|||||
| CVE-2020-5974 | 1 Nvidia | 1 Jetpack Software Development Kit | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges.
|
|||||
| CVE-2020-5973 | 2 Canonical, Nvidia | 2 Ubuntu Linux, Virtual Gpu | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5972 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5971 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5970 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5969 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5968 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
|
|||||
| CVE-2020-5967 | 2 Canonical, Nvidia | 9 Ubuntu Linux, Geforce, Geforce Firmware and 6 more | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
|
NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.
|
|||||
| CVE-2020-5966 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges.
|
|||||
| CVE-2020-5965 | 1 Nvidia | 8 Geforce, Geforce Firmware, Nvs and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, leading to denial of service.
|
|||||
| CVE-2020-5964 | 2 Microsoft, Nvidia | 10 Windows, Geforce, Geforce Experience and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure.
|
|||||
| CVE-2020-5963 | 2 Canonical, Nvidia | 9 Ubuntu Linux, Geforce, Geforce Firmware and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.
|
|||||
| CVE-2020-5962 | 1 Nvidia | 8 Geforce, Geforce Firmware, Nvs and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.
|
|||||
| CVE-2020-5961 | 1 Nvidia | 1 Virtual Gpu Graphics Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service.
|
|||||
| CVE-2020-5960 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service.
|
|||||
| CVE-2020-5959 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service.
|
|||||
| CVE-2020-5958 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure.
|
|||||
| CVE-2020-5957 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.
|
|||||
| CVE-2020-11616 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure.
|
|||||
| CVE-2020-11615 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.
|
|||||
| CVE-2020-11489 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.
|
|||||
| CVE-2020-11488 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution.
|
|||||
| CVE-2020-11487 | 2 Intel, Nvidia | 4 Bmc Firmware, Dgx-1, Dgx-2 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure.
|
|||||
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution.
|
|||||
| CVE-2020-11485 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.
|
|||||