cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-0108,https://securityvulnerability.io/vulnerability/CVE-2024-0108,"NVIDIA Jetson Linux Vulnerability Allows Denial of Service, Code Execution, and Privilege Escalation","The NVIDIA Jetson Linux platform is affected by a vulnerability in the GPU Memory Management Unit (MMU) mapping process, specifically within the NvGPU error handling functions. When a mapping operation fails, the paths intended for error handling inadequately clean up the failed attempt, which could potentially be exploited by an attacker. This flaw may result in a denial of service and provide opportunities for code execution, raising serious concerns around privilege escalation and system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Tx1, Jetson Nano Series",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-08T16:18:27.914Z,0
CVE-2023-25520,https://securityvulnerability.io/vulnerability/CVE-2023-25520,Denial of Service Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package exhibits a vulnerability in the nvbootctrl component, allowing a privileged local attacker to configure invalid settings. This misconfiguration can result in a denial of service condition, impacting the functionality of the affected systems. It is crucial for users to monitor this issue and apply necessary mitigations to secure their installations.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-23T18:15:00.000Z,0
CVE-2022-42269,https://securityvulnerability.io/vulnerability/CVE-2022-42269,Information Disclosure Vulnerability in NVIDIA Trusted OS,"NVIDIA Trusted OS contains a significant security flaw within its SMC call handler that arises from the failure to validate untrusted inputs. This vulnerability permits highly privileged local attackers to potentially disclose sensitive information and compromise the integrity of the system. The potential consequences may extend to affecting various components within the platform, raising concerns over the confidential data managed by the system. Addressing this issue promptly is crucial for maintaining the integrity and security of NVIDIA Trusted OS.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx1, Jetson Tx2 Series, Jetson Tx2 Nx",7.9,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-12-30T00:00:00.000Z,0
CVE-2022-28196,https://securityvulnerability.io/vulnerability/CVE-2022-28196,Memory Buffer Overflow Vulnerability in NVIDIA Jetson Linux Driver Package,"The NVIDIA Jetson Linux Driver Package has a vulnerability in the Cboot blob_decompress function due to inadequate validation of untrusted data. This flaw allows a local attacker with elevated privileges to exploit the system, potentially causing a memory buffer overflow. Exploitation of this vulnerability can lead to unauthorized code execution, compromise system integrity, and may result in a limited denial of service. Furthermore, the implications of this vulnerability could extend to other components, emphasizing the need for immediate attention and remediation.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Nx, Jetson Tx2 Series",4.6,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-27T17:57:44.000Z,0
CVE-2021-1114,https://securityvulnerability.io/vulnerability/CVE-2021-1114,Use After Free Vulnerability in NVIDIA Linux Kernel Distributions,"A vulnerability exists in NVIDIA's Linux kernel distributions related to the kernel crypto node, allowing a Use After Free condition. This could potentially enable an attacker to trigger a complete denial of service, disrupting normal operations and affecting system stability. Users are advised to review the provided information and apply necessary patches to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:07.000Z,0
CVE-2021-1113,https://securityvulnerability.io/vulnerability/CVE-2021-1113,Privilege Escalation Vulnerability in NVIDIA Camera Firmware,The NVIDIA camera firmware has a vulnerability that allows a highly privileged attacker to unauthorizedly modify camera resources. This exploitation can lead to significant service disruption and may result in partial data loss for all clients reliant on this firmware. It is crucial for users to apply the latest updates to mitigate this risk.,Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1",4.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:06.000Z,0
CVE-2021-1112,https://securityvulnerability.io/vulnerability/CVE-2021-1112,Null Pointer Dereference in NVIDIA Linux Kernel Distributions,"A vulnerability exists in NVIDIA Linux kernel distributions that affects the nvmap module, allowing a null pointer dereference issue. This flaw may lead to complete denial of service, impacting system stability and accessibility. Administrators are encouraged to review the relevant updates and apply necessary patches to mitigate the potential risks associated with this vulnerability.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:05.000Z,0
CVE-2021-1111,https://securityvulnerability.io/vulnerability/CVE-2021-1111,Buffer Overflow Vulnerability in NVIDIA Bootloader NV3P Server,"A buffer overflow vulnerability exists in the NV3P server of NVIDIA's Bootloader, allowing an adversary with physical access via USB to exploit an incorrect bounds check. This flaw may enable limited information disclosure, compromise data integrity, and cause a denial of service across multiple system components. Due to its design, the NV3P server is susceptible to unauthorized manipulation if physical access controls are not strictly enforced. Ensuring timely updates and access restrictions is crucial in mitigating potential risks associated with this vulnerability.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.7,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-08-11T21:33:04.000Z,0
CVE-2021-1109,https://securityvulnerability.io/vulnerability/CVE-2021-1109,Timing-Related Vulnerability in NVIDIA Camera Firmware,"NVIDIA camera firmware has a multistep vulnerability that arises during specific timing operations. This flaw allows unauthorized modifications to camera resources, potentially leading to data integrity loss and interruptions in service across multiple streams. Addressing this vulnerability is crucial to ensure the reliable performance of systems reliant on NVIDIA camera technology.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1.",7.2,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:02.000Z,0
CVE-2021-1108,https://securityvulnerability.io/vulnerability/CVE-2021-1108,Integer Underflow Vulnerability in NVIDIA Linux Kernel Distributions,"NVIDIA Linux kernel distributions are impacted by an integer underflow vulnerability in the FuSa Capture (VI/ISP) component. This vulnerability arises from insufficient input validation, potentially allowing attackers to exploit this flaw, which may result in a complete denial of service, compromised integrity, and severe confidentiality breaches across all processes within the operating system. Such vulnerabilities highlight the importance of ensuring robust input validation mechanisms to protect system integrity and confidentiality.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.3,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:01.000Z,0
CVE-2021-1107,https://securityvulnerability.io/vulnerability/CVE-2021-1107,Access Control Flaw in NVIDIA Linux Kernel Distributions,"A security issue in NVIDIA's Linux kernel distributions is present within the nvmap NVMAP_IOC_WRITE* interface due to insufficient access controls. This vulnerability can potentially allow unauthorized code execution, leading to a complete denial of service and a significant compromise of the integrity of system components. Users of affected products are advised to take the necessary precautions to mitigate risks associated with this flaw.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:00.000Z,0
CVE-2021-1106,https://securityvulnerability.io/vulnerability/CVE-2021-1106,Privilege Escalation and Data Tampering Vulnerability in NVIDIA Linux Kernel Distributions,"A vulnerability within NVIDIA's Linux kernel distributions affects the nvmap interface, allowing unauthorized write access to read-only buffers. This flaw can lead to significant risks, including privilege escalation, complete denial of service, and serious data tampering across all processes. Users and organizations utilizing these distributions need to prioritize applying the relevant updates to mitigate these security risks.",Nvidia,"Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1,Shield Tv",7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:32:58.000Z,0
CVE-2021-34384,https://securityvulnerability.io/vulnerability/CVE-2021-34384,Heap Overflow Vulnerability in NVIDIA Bootloader Software,"The NVIDIA bootloader software contains a vulnerability that can lead to a potential heap overflow, resulting in memory corruption. This issue poses risks, as it could be exploited to cause denial of service, allowing an attacker to disrupt normal operations or possibly execute arbitrary code, which could compromise system integrity. For more detailed information, refer to the official NVIDIA support documentation.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:37.000Z,0
CVE-2021-34383,https://securityvulnerability.io/vulnerability/CVE-2021-34383,Heap Overflow Vulnerability in NVIDIA Bootloader MB2,"NVIDIA MB2 Bootloader has a vulnerability that allows for a potential heap overflow. This could enable an attacker to exploit the system, resulting in a denial of service or the possibility to escalate privileges. It is essential for users of this bootloader to assess their systems and consider applying any available mitigations.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:36.000Z,0
CVE-2021-34380,https://securityvulnerability.io/vulnerability/CVE-2021-34380,Heap Overflow Vulnerability in NVIDIA Bootloader,"A vulnerability in the NVIDIA bootloader (MB2) allows for a potential heap overflow, which may corrupt the heap metadata. This could enable attackers to execute arbitrary code, disrupt service availability, or disclose sensitive information during the secure boot process.",Nvidia,"Nvidia Jetson Tx1, Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx, Nano And Nano 2gb",7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:34.000Z,0
CVE-2021-34379,https://securityvulnerability.io/vulnerability/CVE-2021-34379,Memory Corruption Vulnerability in HDCP Service of Trusty by NVIDIA,"Trusty, a product by NVIDIA, has a vulnerability within its HDCP service that stems from inadequate bounds checking in command 10. This oversight allows the manipulation of the length of an I/O buffer parameter, potentially leading to memory corruption. If exploited, this vulnerability could compromise system integrity and security.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:33.000Z,0
CVE-2021-34378,https://securityvulnerability.io/vulnerability/CVE-2021-34378,Memory Buffer Vulnerability in NVIDIA Trusty HDCP Service,"NVIDIA Trusty has a vulnerability in its HDCP service where the lack of bounds checking in command 11 can potentially expose sensitive information. This vulnerability arises from improper restrictions on operations within the memory buffer, which may allow unauthorized access, triggering denial of service conditions, or leading to an escalation of privileges. Organizations using affected versions should apply appropriate security measures to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:32.000Z,0
CVE-2021-34377,https://securityvulnerability.io/vulnerability/CVE-2021-34377,HDCP Service Vulnerability in Trusty by Nvidia,"Trusty by Nvidia is affected by a vulnerability in its HDCP service where a lack of bounds checking in command 9 allows for improper restrictions on operations. This oversight can lead to serious security implications, such as privilege escalation, unauthorized information disclosure, and potential denial of service, posing significant risks to system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:31.000Z,0
CVE-2021-34376,https://securityvulnerability.io/vulnerability/CVE-2021-34376,Memory Buffer Vulnerability in Trusty's HDCP Service by NVIDIA,"NVIDIA's Trusty HDCP service contains a vulnerability due to the absence of proper bounds checking in command 5. This oversight allows for potential exploitation that could result in denial of service, privilege escalation, and exposure of sensitive information. Cybersecurity practitioners must be vigilant to protect against threats arising from this vulnerability.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:30.000Z,0
CVE-2021-34375,https://securityvulnerability.io/vulnerability/CVE-2021-34375,Buffer Overflow Vulnerability in Trusted Applications by NVIDIA,"A vulnerability exists in NVIDIA Trusted Applications where the stack cookie is not adequately randomized. This flaw could be exploited to perform stack-based buffer overflow attacks, potentially leading to denial of service, privilege escalation, and unauthorized information disclosure.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:29.000Z,0
CVE-2021-34374,https://securityvulnerability.io/vulnerability/CVE-2021-34374,Input Buffer Validation Flaw in Trusty by NVIDIA,"The Trusty environment from NVIDIA includes a vulnerability in its command handlers, where the system fails to adequately verify the lengths of input buffers. This flaw can lead to severe issues including memory corruption, which may subsequently allow unauthorized disclosure of sensitive information, potential escalation of user privileges, and even denial of service. Ensuring proper validation of input lengths is crucial to maintaining the integrity and security of the system.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:28.000Z,0
CVE-2021-34397,https://securityvulnerability.io/vulnerability/CVE-2021-34397,Bootloader Vulnerability in NVIDIA MB2 Affecting NVIDIA Products,"A vulnerability exists in the NVIDIA MB2 bootloader that may lead to improper heap management, potentially resulting in a denial of service condition. This flaw can cause the system to mishandle memory allocation, potentially disrupting normal operations and affecting system stability. Users of impacted NVIDIA products should evaluate their systems and apply any available mitigations as outlined by the vendor.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",1.9,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:33.000Z,0
CVE-2021-34396,https://securityvulnerability.io/vulnerability/CVE-2021-34396,Access Control Vulnerability in NVIDIA Bootloader,"The NVIDIA bootloader has a security issue related to access permission settings that could allow unauthorized software to overwrite the MB2 code. This vulnerability could lead to potential disruptions in service, exposing the system to further exploitation.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx",3,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:32.000Z,0
CVE-2021-34394,https://securityvulnerability.io/vulnerability/CVE-2021-34394,Buffer Overflow Vulnerability in NVIDIA Trusty OTE Protocol,"NVIDIA Trusty contains a vulnerability within the OTE protocol, affecting all Trusted Applications. The flaw results from improper message stream deserialization, which allows an attacker to exploit a malicious Certification Authority (CA) running at the user level. This can lead to a buffer overflow, potentially compromising data integrity and enabling unauthorized access to sensitive information.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",4.2,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2021-06-22T21:25:29.000Z,0
CVE-2021-34393,https://securityvulnerability.io/vulnerability/CVE-2021-34393,Deserialization Vulnerability in TSEC TA by NVIDIA,"NVIDIA's TSEC TA is affected by a vulnerability that arises from improper handling of deserialized incoming messages. Although TSEC TA does not expose any commands, the flaw allows attackers to exploit the deserialization process, potentially leading to unauthorized code execution and information disclosure. This interaction poses a significant risk to system integrity and confidentiality, highlighting the importance of securing software components against such vulnerabilities.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",4.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:27.000Z,0