Filtered by vendor Nvidia
Subscribe
Search
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31605 | 1 Nvidia | 1 Nvflare | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
| NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. | |||||
| CVE-2022-31604 | 1 Nvidia | 1 Nvflare | 2022-07-13 | 7.5 HIGH | 9.8 CRITICAL |
| NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. | |||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2022-02-07 | 5.8 MEDIUM | 9.3 CRITICAL |
| NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity. | |||||
| CVE-2020-11486 | 2 Intel, Nvidia | 2 Bmc Firmware, Dgx-1 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product's environment, which may lead to remote code execution. | |||||
| CVE-2020-11483 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2020-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | |||||
| CVE-2019-15788 | 1 Nvidia | 1 Clara Genomics Analysis | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| Clara Genomics Analysis before 0.2.0 has an integer overflow for cudapoa memory management in allocate_block.cpp. | |||||
| CVE-2019-5685 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-08-13 | 10.0 HIGH | 9.8 CRITICAL |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. | |||||
| CVE-2019-5684 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-08-13 | 10.0 HIGH | 10.0 CRITICAL |
| NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. | |||||
| CVE-2019-5672 | 1 Nvidia | 2 Jetson Tx1, Jetson Tx2 | 2019-04-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure. | |||||