cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-0108,https://securityvulnerability.io/vulnerability/CVE-2024-0108,"NVIDIA Jetson Linux Vulnerability Allows Denial of Service, Code Execution, and Privilege Escalation","The NVIDIA Jetson Linux platform is affected by a vulnerability in the GPU Memory Management Unit (MMU) mapping process, specifically within the NvGPU error handling functions. When a mapping operation fails, the paths intended for error handling inadequately clean up the failed attempt, which could potentially be exploited by an attacker. This flaw may result in a denial of service and provide opportunities for code execution, raising serious concerns around privilege escalation and system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Tx1, Jetson Nano Series",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-08T16:18:27.914Z,0
CVE-2023-25520,https://securityvulnerability.io/vulnerability/CVE-2023-25520,Denial of Service Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package exhibits a vulnerability in the nvbootctrl component, allowing a privileged local attacker to configure invalid settings. This misconfiguration can result in a denial of service condition, impacting the functionality of the affected systems. It is crucial for users to monitor this issue and apply necessary mitigations to secure their installations.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-23T18:15:00.000Z,0
CVE-2023-25518,https://securityvulnerability.io/vulnerability/CVE-2023-25518,Memory Access Vulnerability in NVIDIA Jetson's CBoot Component,"NVIDIA Jetson devices contain a vulnerability in the CBoot component resulting from improper initialization of the PCIe controller without IOMMU support. This weakness allows attackers with physical access to exploit the device by reading from and writing to arbitrary memory regions. Successful exploits could lead to severe consequences, including unauthorized code execution, denial of service, and potential information leaks that compromise data integrity.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx",7.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-06-23T18:15:00.000Z,0
CVE-2022-42269,https://securityvulnerability.io/vulnerability/CVE-2022-42269,Information Disclosure Vulnerability in NVIDIA Trusted OS,"NVIDIA Trusted OS contains a significant security flaw within its SMC call handler that arises from the failure to validate untrusted inputs. This vulnerability permits highly privileged local attackers to potentially disclose sensitive information and compromise the integrity of the system. The potential consequences may extend to affecting various components within the platform, raising concerns over the confidential data managed by the system. Addressing this issue promptly is crucial for maintaining the integrity and security of NVIDIA Trusted OS.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx1, Jetson Tx2 Series, Jetson Tx2 Nx",7.9,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-12-30T00:00:00.000Z,0
CVE-2022-42270,https://securityvulnerability.io/vulnerability/CVE-2022-42270,Stack-based Buffer Overflow in NVIDIA Linux Distributions,"NVIDIA Linux distributions contain a vulnerability in the nvdla_emu_task_submit function, where unvalidated input can lead to a stack-based buffer overflow in kernel code. This flaw may allow local attackers to execute malicious code, potentially leading to privilege escalation, impaired integrity, compromised confidentiality, and service disruptions.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Agx Orin Series",7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2022-12-30T00:00:00.000Z,0
CVE-2022-28197,https://securityvulnerability.io/vulnerability/CVE-2022-28197,Integer Overflow in NVIDIA Jetson Linux Driver Package Due to Insufficient Data Validation,"A vulnerability exists in the NVIDIA Jetson Linux Driver Package due to insufficient validation of untrusted data in the Cboot ext4_mount function. This flaw may allow a highly privileged local attacker to exploit an integer overflow, potentially leading to serious consequences such as code execution, privilege escalation, and Denial of Service (DoS) conditions. The impact of this vulnerability can extend to other components, posing risks to confidentiality and integrity.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx",5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2022-04-27T17:57:53.000Z,0
CVE-2022-28196,https://securityvulnerability.io/vulnerability/CVE-2022-28196,Memory Buffer Overflow Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package has a vulnerability in the Cboot blob_decompress function due to inadequate validation of untrusted data. This flaw allows a local attacker with elevated privileges to exploit the system, potentially causing a memory buffer overflow. Exploitation of this vulnerability can lead to unauthorized code execution, compromise system integrity, and may result in a limited denial of service. Furthermore, the implications of this vulnerability could extend to other components, emphasizing the need for immediate attention and remediation.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Nx, Jetson Tx2 Series",4.6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-27T17:57:44.000Z,0
CVE-2022-28195,https://securityvulnerability.io/vulnerability/CVE-2022-28195,Integer Overflow Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package presents a vulnerability in the Cboot ext4_read_file function due to insufficient validation of untrusted data. This flaw can be exploited by local attackers with high privileges, potentially causing an integer overflow. The impact of this issue may lead to unauthorized code execution, privilege escalation, limited denial of service, and threats to confidentiality and integrity of the system. The ramifications of this vulnerability can extend to other system components, emphasizing the importance of prompt remediation.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx",5.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2022-04-27T17:57:35.000Z,0
CVE-2022-28194,https://securityvulnerability.io/vulnerability/CVE-2022-28194,Memory Buffer Overflow in NVIDIA Jetson Linux Driver Package Cboot Module,"The NVIDIA Jetson Linux Driver Package has a security flaw in its Cboot module (tegrabl_cbo.c). When TFTP is enabled, a local attacker with elevated privileges can exploit this vulnerability to trigger a memory buffer overflow. This could lead to unauthorized code execution, compromising system integrity, resulting in a limited denial of service, and potentially affecting data confidentiality.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx",7.3,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-27T17:57:27.000Z,0
CVE-2022-28193,https://securityvulnerability.io/vulnerability/CVE-2022-28193,Memory Buffer Overflow Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package is affected by a vulnerability in the Cboot module within the tegrabl_cbo.c file, where insufficient validation of untrusted data can lead to a memory buffer overflow. This flaw may allow a local attacker with elevated privileges to execute arbitrary code, potentially compromising system integrity and confidentiality, while also enabling limited denial of service scenarios.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx",5.6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-27T17:57:17.000Z,0
CVE-2021-1114,https://securityvulnerability.io/vulnerability/CVE-2021-1114,Use After Free Vulnerability in NVIDIA Linux Kernel Distributions,"A vulnerability exists in NVIDIA's Linux kernel distributions related to the kernel crypto node, allowing a Use After Free condition. This could potentially enable an attacker to trigger a complete denial of service, disrupting normal operations and affecting system stability. Users are advised to review the provided information and apply necessary patches to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:07.000Z,0
CVE-2021-1113,https://securityvulnerability.io/vulnerability/CVE-2021-1113,Privilege Escalation Vulnerability in NVIDIA Camera Firmware,The NVIDIA camera firmware has a vulnerability that allows a highly privileged attacker to unauthorizedly modify camera resources. This exploitation can lead to significant service disruption and may result in partial data loss for all clients reliant on this firmware. It is crucial for users to apply the latest updates to mitigate this risk.,Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1",4.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:06.000Z,0
CVE-2021-1112,https://securityvulnerability.io/vulnerability/CVE-2021-1112,Null Pointer Dereference in NVIDIA Linux Kernel Distributions,"A vulnerability exists in NVIDIA Linux kernel distributions that affects the nvmap module, allowing a null pointer dereference issue. This flaw may lead to complete denial of service, impacting system stability and accessibility. Administrators are encouraged to review the relevant updates and apply necessary patches to mitigate the potential risks associated with this vulnerability.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:05.000Z,0
CVE-2021-1111,https://securityvulnerability.io/vulnerability/CVE-2021-1111,Buffer Overflow Vulnerability in NVIDIA Bootloader NV3P Server,"A buffer overflow vulnerability exists in the NV3P server of NVIDIA's Bootloader, allowing an adversary with physical access via USB to exploit an incorrect bounds check. This flaw may enable limited information disclosure, compromise data integrity, and cause a denial of service across multiple system components. Due to its design, the NV3P server is susceptible to unauthorized manipulation if physical access controls are not strictly enforced. Ensuring timely updates and access restrictions is crucial in mitigating potential risks associated with this vulnerability.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.7,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-08-11T21:33:04.000Z,0
CVE-2021-1110,https://securityvulnerability.io/vulnerability/CVE-2021-1110,Camera Firmware Input Data Manipulation in NVIDIA Jetson Xavier,"A vulnerability exists in the camera firmware of NVIDIA Jetson Xavier Linux kernel distributions which allows a user to manipulate input data after it has been validated. This issue could result in a complete denial of service and serious data corruption across all kernel components, posing significant risks to system stability and data integrity.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx.",7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:03.000Z,0
CVE-2021-1109,https://securityvulnerability.io/vulnerability/CVE-2021-1109,Timing-Related Vulnerability in NVIDIA Camera Firmware,"NVIDIA camera firmware has a multistep vulnerability that arises during specific timing operations. This flaw allows unauthorized modifications to camera resources, potentially leading to data integrity loss and interruptions in service across multiple streams. Addressing this vulnerability is crucial to ensure the reliable performance of systems reliant on NVIDIA camera technology.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1.",7.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:02.000Z,0
CVE-2021-1108,https://securityvulnerability.io/vulnerability/CVE-2021-1108,Integer Underflow Vulnerability in NVIDIA Linux Kernel Distributions,"NVIDIA Linux kernel distributions are impacted by an integer underflow vulnerability in the FuSa Capture (VI/ISP) component. This vulnerability arises from insufficient input validation, potentially allowing attackers to exploit this flaw, which may result in a complete denial of service, compromised integrity, and severe confidentiality breaches across all processes within the operating system. Such vulnerabilities highlight the importance of ensuring robust input validation mechanisms to protect system integrity and confidentiality.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.3,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:01.000Z,0
CVE-2021-1107,https://securityvulnerability.io/vulnerability/CVE-2021-1107,Access Control Flaw in NVIDIA Linux Kernel Distributions,"A security issue in NVIDIA's Linux kernel distributions is present within the nvmap NVMAP_IOC_WRITE* interface due to insufficient access controls. This vulnerability can potentially allow unauthorized code execution, leading to a complete denial of service and a significant compromise of the integrity of system components. Users of affected products are advised to take the necessary precautions to mitigate risks associated with this flaw.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:00.000Z,0
CVE-2021-1106,https://securityvulnerability.io/vulnerability/CVE-2021-1106,Privilege Escalation and Data Tampering Vulnerability in NVIDIA Linux Kernel Distributions,"A vulnerability within NVIDIA's Linux kernel distributions affects the nvmap interface, allowing unauthorized write access to read-only buffers. This flaw can lead to significant risks, including privilege escalation, complete denial of service, and serious data tampering across all processes. Users and organizations utilizing these distributions need to prioritize applying the relevant updates to mitigate these security risks.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:32:58.000Z,0
CVE-2021-34384,https://securityvulnerability.io/vulnerability/CVE-2021-34384,Heap Overflow Vulnerability in NVIDIA Bootloader Software,"The NVIDIA bootloader software contains a vulnerability that can lead to a potential heap overflow, resulting in memory corruption. This issue poses risks, as it could be exploited to cause denial of service, allowing an attacker to disrupt normal operations or possibly execute arbitrary code, which could compromise system integrity. For more detailed information, refer to the official NVIDIA support documentation.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:37.000Z,0
CVE-2021-34383,https://securityvulnerability.io/vulnerability/CVE-2021-34383,Heap Overflow Vulnerability in NVIDIA Bootloader MB2,"NVIDIA MB2 Bootloader has a vulnerability that allows for a potential heap overflow. This could enable an attacker to exploit the system, resulting in a denial of service or the possibility to escalate privileges. It is essential for users of this bootloader to assess their systems and consider applying any available mitigations.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:36.000Z,0
CVE-2021-34380,https://securityvulnerability.io/vulnerability/CVE-2021-34380,Heap Overflow Vulnerability in NVIDIA Bootloader,"A vulnerability in the NVIDIA bootloader (MB2) allows for a potential heap overflow, which may corrupt the heap metadata. This could enable attackers to execute arbitrary code, disrupt service availability, or disclose sensitive information during the secure boot process.",Nvidia,"Nvidia Jetson Tx1, Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx, Nano And Nano 2gb",7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:34.000Z,0
CVE-2021-34379,https://securityvulnerability.io/vulnerability/CVE-2021-34379,Memory Corruption Vulnerability in HDCP Service of Trusty by NVIDIA,"Trusty, a product by NVIDIA, has a vulnerability within its HDCP service that stems from inadequate bounds checking in command 10. This oversight allows the manipulation of the length of an I/O buffer parameter, potentially leading to memory corruption. If exploited, this vulnerability could compromise system integrity and security.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:33.000Z,0
CVE-2021-34378,https://securityvulnerability.io/vulnerability/CVE-2021-34378,Memory Buffer Vulnerability in NVIDIA Trusty HDCP Service,"NVIDIA Trusty has a vulnerability in its HDCP service where the lack of bounds checking in command 11 can potentially expose sensitive information. This vulnerability arises from improper restrictions on operations within the memory buffer, which may allow unauthorized access, triggering denial of service conditions, or leading to an escalation of privileges. Organizations using affected versions should apply appropriate security measures to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:32.000Z,0
CVE-2021-34377,https://securityvulnerability.io/vulnerability/CVE-2021-34377,HDCP Service Vulnerability in Trusty by Nvidia,"Trusty by Nvidia is affected by a vulnerability in its HDCP service where a lack of bounds checking in command 9 allows for improper restrictions on operations. This oversight can lead to serious security implications, such as privilege escalation, unauthorized information disclosure, and potential denial of service, posing significant risks to system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:31.000Z,0