cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-0114,https://securityvulnerability.io/vulnerability/CVE-2024-0114,NVIDIA Hopper HGX Management Controller Security Flaw,"The NVIDIA Hopper HGX for 8-GPU harbors a vulnerability within the HGX Management Controller (HMC). This flaw may grant a malicious actor with administrative access on the Baseboard Management Controller (BMC) the ability to access the HMC with elevated permissions. Exploitation of this vulnerability could facilitate various malicious activities, including unauthorized code execution, denial of service attacks, privilege escalation, information disclosure, and potential tampering of sensitive data.",Nvidia,Nvidia Hopper Hgx 8-gpu,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-03-05T01:34:16.941Z,108
CVE-2024-0141,https://securityvulnerability.io/vulnerability/CVE-2024-0141,GPU vBIOS Vulnerability in NVIDIA Hopper HGX for 8-GPU,"A vulnerability in the vBIOS of the NVIDIA Hopper HGX for 8-GPU could allow attackers with tenant-level GPU access to modify an unsupported registry. This may lead to potential service disruptions, causing denial of service for affected systems.",Nvidia,Nvidia Hopper Hgx 8-gpu,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-03-05T01:33:55.125Z,0
CVE-2024-53879,https://securityvulnerability.io/vulnerability/CVE-2024-53879,Denial of Service Vulnerability in NVIDIA CUDA Toolkit for Linux and Windows,"The NVIDIA CUDA toolkit for both Linux and Windows contains a vulnerability in the cuobjdump binary that allows an attacker to cause the application to crash by supplying a malformed ELF file. This issue could potentially lead to a situation where users experience a partial denial of service, affecting the availability of the application.",Nvidia,Cuda Toolkit,2.8,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:41:11.826Z,0
CVE-2024-53878,https://securityvulnerability.io/vulnerability/CVE-2024-53878,Denial of Service Risk in NVIDIA CUDA Toolkit due to Malformed ELF Files,"The NVIDIA CUDA Toolkit for both Linux and Windows contains a vulnerability within the cuobjdump binary. This issue arises when a user supplies a malformed ELF file to cuobjdump, which can lead to a crash. If exploited, this vulnerability could result in a partial denial of service, impacting system performance and availability.",Nvidia,Cuda Toolkit,2.8,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:38:59.240Z,0
CVE-2024-53877,https://securityvulnerability.io/vulnerability/CVE-2024-53877,NULL Pointer Exception in NVIDIA CUDA Toolkit's nvdisasm Binary,"A vulnerability exists in the NVIDIA CUDA toolkit's nvdisasm binary, where improper handling of malformed ELF files can lead to a NULL pointer exception. This flaw may allow an attacker to execute a specially crafted file that triggers a partial denial of service, impacting system availability. Organizations using the affected software should review their configurations and apply necessary measures to mitigate this issue.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:30:45.086Z,0
CVE-2024-53876,https://securityvulnerability.io/vulnerability/CVE-2024-53876,Out-of-bounds Read in NVIDIA CUDA Toolkit's nvdisasm Binary,"A vulnerability exists in the NVIDIA CUDA toolkit, specifically in the nvdisasm binary. By providing a malformed ELF file to nvdisasm, a user can trigger an out-of-bounds read, potentially leading to unpredictable behavior and a partial denial of service. Users utilizing the affected CUDA Toolkit versions should be aware of this risk and take necessary precautions to mitigate any potential exploitation.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:30:02.695Z,0
CVE-2024-53875,https://securityvulnerability.io/vulnerability/CVE-2024-53875,Out-of-bounds Read Vulnerability in NVIDIA CUDA Toolkit's cuobjdump,"The NVIDIA CUDA Toolkit for all platforms contains an out-of-bounds read vulnerability in the cuobjdump binary. This vulnerability arises when a user provides a malformed ELF file to cuobjdump, which could result in unintended memory access. Exploiting this flaw may lead to partial denial of service, impacting CUDA applications and their ability to perform efficiently. Users are advised to implement the available patches to mitigate any potential risks associated with this vulnerability.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:29:45.526Z,0
CVE-2024-53874,https://securityvulnerability.io/vulnerability/CVE-2024-53874,Out-of-bounds Read Vulnerability in NVIDIA CUDA Toolkit cuobjdump Binary,"The NVIDIA CUDA toolkit across all platforms is vulnerable due to an issue in the cuobjdump binary. This vulnerability allows an attacker to exploit the software by submitting a malformed ELF (Executable and Linkable Format) file which may lead to an out-of-bounds read. If successfully exploited, this can result in a partial denial of service, compromising system stability and user experience.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:28:57.798Z,0
CVE-2024-53873,https://securityvulnerability.io/vulnerability/CVE-2024-53873,Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit for Windows,"A vulnerability exists in the NVIDIA CUDA toolkit for Windows, specifically in the cuobjdump binary. This flaw enables an attacker to trigger an out-of-bounds read by supplying a malformed ELF file to the cuobjdump utility. The implications of exploiting this vulnerability may include a partial denial of service, impacting the availability of associated services and functionalities. Organizations utilizing the CUDA Toolkit should take immediate steps to evaluate their security posture and implement necessary updates to safeguard against potential exploitation.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:28:37.201Z,0
CVE-2024-53872,https://securityvulnerability.io/vulnerability/CVE-2024-53872,Out-of-bounds Read Vulnerability in NVIDIA CUDA Toolkit Affecting cuobjdump,"The NVIDIA CUDA Toolkit has a vulnerability within the cuobjdump binary that allows an unauthorized user to trigger an out-of-bounds read. This can occur when a malformed ELF file is provided as input to cuobjdump, resulting in a potential denial of service. It’s crucial for users to ensure they are using secure ELF files with cuobjdump to prevent exploitation.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:28:21.988Z,0
CVE-2024-53871,https://securityvulnerability.io/vulnerability/CVE-2024-53871,Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit,"The NVIDIA CUDA Toolkit across multiple platforms is vulnerable due to the nvdisasm binary, which does not properly handle malformed ELF files. This oversight allows an attacker to exploit the system by causing an out-of-bounds read, potentially leading to a partial denial of service. Users are advised to verify their configurations and implement necessary updates to mitigate the risk.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:28:03.753Z,0
CVE-2024-53870,https://securityvulnerability.io/vulnerability/CVE-2024-53870,Out-of-Bounds Read Vulnerability in NVIDIA CUDA Toolkit,"The NVIDIA CUDA toolkit contains a vulnerability within the cuobjdump binary that allows a user to trigger an out-of-bounds read by providing a malformed ELF file. Exploitation of this vulnerability can result in potential service disruptions, impacting system stability and availability.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:27:43.547Z,0
CVE-2024-0148,https://securityvulnerability.io/vulnerability/CVE-2024-0148,Code Execution Vulnerability in NVIDIA Jetson Linux and IGX OS,"NVIDIA Jetson Linux and IGX OS contain a vulnerability in the UEFI firmware during the RCM boot mode. This issue allows an unprivileged attacker with physical access to the device to load untrusted code, which can result in multiple severe impacts, including unauthorized code execution, privilege escalation, data tampering, and potential denial of service or information disclosure. The consequences may also extend to other system components, making it imperative to address this vulnerability promptly.",Nvidia,"Igx Orin,Jetson Agx Orin Series",7.6,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-25T20:11:21.328Z,0
CVE-2025-23359,https://securityvulnerability.io/vulnerability/CVE-2025-23359,Time-of-Check Time-of-Use Vulnerability in NVIDIA Container Toolkit for Linux,"The NVIDIA Container Toolkit for Linux is susceptible to a Time-of-Check Time-of-Use (TOCTOU) vulnerability, especially when operated under its default configuration. This flaw allows maliciously crafted container images to potentially access the host file system. Successful exploitation could result in various security issues, including unauthorized code execution, denial of service, elevated user privileges, and even sensitive data exposure or manipulation.",Nvidia,"Container Toolkit,Gpu Operator",8.3,HIGH,0.0004299999854993075,false,,true,false,true,2025-02-12T14:04:29.000Z,false,false,false,,2025-02-12T00:52:43.646Z,919
CVE-2024-53880,https://securityvulnerability.io/vulnerability/CVE-2024-53880,Integer Overflow Vulnerability in NVIDIA Triton Inference Server,"The NVIDIA Triton Inference Server has a vulnerability in its model loading API that allows for integer overflow or wraparound errors. This occurs when an attacker loads a model file with an excessively large size, which can exceed the limits of an internal variable. If successfully exploited, this vulnerability may result in denial of service, impacting the availability of the server for legitimate users. Organizations utilizing this server should implement measures to secure their applications against such file size exploits.",Nvidia,Triton Inference Server,4.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:39:32.321Z,0
CVE-2024-0112,https://securityvulnerability.io/vulnerability/CVE-2024-0112,Improper Input Validation in NVIDIA Jetson AGX Orin and IGX Orin Software,"NVIDIA Jetson AGX Orin and NVIDIA IGX Orin software are susceptible to a vulnerability that arises from improper input validation. Attackers may exploit this flaw to escalate permissions to a limited extent, leading to potential consequences such as unauthorized code execution, service interruptions, data corruption, and unauthorized data access. Organizations utilizing these systems should remain vigilant and implement appropriate security measures to mitigate risks associated with this vulnerability.",Nvidia,"Jetson Agx Orin Series (including Jetson Orin Nx Series, Jetson Orin Nano Series),Igx Orin",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:15:00.000Z,0
CVE-2024-0145,https://securityvulnerability.io/vulnerability/CVE-2024-0145,Heap-Based Buffer Overflow in NVIDIA nvJPEG2000 Library,"The NVIDIA nvJPEG2000 library has a critical vulnerability that allows attackers to exploit a heap-based buffer overflow. By sending specially crafted JPEG2000 files, an attacker can achieve unauthorized code execution and potentially manipulate data within affected systems. This vulnerability poses a significant security risk, emphasizing the need for prompt patching and mitigative strategies to protect data integrity and system functionality.",Nvidia,Nvjpeg2000,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:12:33.361Z,0
CVE-2024-0144,https://securityvulnerability.io/vulnerability/CVE-2024-0144,Buffer Overflow Vulnerability in NVIDIA nvJPEG2000 Library,"The NVIDIA nvJPEG2000 library is susceptible to a buffer overflow vulnerability that can be triggered by specially crafted JPEG2000 files. Malicious actors can exploit this flaw to perform unauthorized data manipulation, potentially leading to further security issues. It is crucial for users reliant on NVIDIA products to ensure that they are using updated versions to mitigate risks associated with this vulnerability.",Nvidia,Nvjpeg2000,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:11:14.053Z,0
CVE-2024-0143,https://securityvulnerability.io/vulnerability/CVE-2024-0143,Out-of-Bounds Write Vulnerability in NVIDIA nvJPEG2000 Library,"The NVIDIA nvJPEG2000 library is susceptible to an out-of-bounds write vulnerability. This issue arises when an attacker manipulates a specially crafted JPEG2000 file, potentially leading to unauthorized code execution and data manipulation. Proper validation of input data is crucial to mitigating such vulnerabilities and ensuring application security.",Nvidia,Nvjpeg2000,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:10:35.133Z,101
CVE-2024-0142,https://securityvulnerability.io/vulnerability/CVE-2024-0142,Out-of-Bounds Write Vulnerability in NVIDIA nvJPEG2000 Library,"The NVIDIA nvJPEG2000 library has a security flaw that allows an attacker to perform an out-of-bounds write operation via a specially crafted JPEG2000 file. If successfully exploited, this vulnerability may enable attackers to execute arbitrary code and manipulate data, potentially compromising the integrity and security of the system.",Nvidia,Nvjpeg2000,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-12T00:09:53.430Z,0
CVE-2024-0131,https://securityvulnerability.io/vulnerability/CVE-2024-0131,Buffer Overflow Vulnerability in NVIDIA GPU Kernel Driver for Windows and Linux,"The NVIDIA GPU kernel driver for both Windows and Linux contains a vulnerability that allows a potential user-mode attacker to exploit a buffer with an incorrect length. This could lead to unintended information disclosure and may result in denial of service conditions, impacting system stability and performance.",Nvidia,"Nvidia Gpu Display Driver, Vgpu Software",4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-02-02T01:15:00.000Z,0
CVE-2024-53881,https://securityvulnerability.io/vulnerability/CVE-2024-53881,Denial of Service Vulnerability in NVIDIA vGPU Host Driver,"A vulnerability has been identified in NVIDIA vGPU software that affects the host driver functionality. This issue may allow a guest virtual machine to generate an interrupt storm that could overwhelm the host system, resulting in a denial of service. Proper mitigation strategies and updates are essential to safeguard system performance and stability.",Nvidia,Nvidia Vgpu Software,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T04:11:29.908Z,0
CVE-2024-0146,https://securityvulnerability.io/vulnerability/CVE-2024-0146,Memory Corruption Vulnerability in NVIDIA Virtual GPU Manager,"NVIDIA vGPU software features a vulnerability in the Virtual GPU Manager that can be exploited by a malicious guest. This security flaw enables potential attackers to corrupt memory, possibly leading to unauthorized code execution, denial of service attacks, information disclosure, or alteration of data. It is crucial for users and system administrators relying on NVIDIA's virtual GPU technology to stay informed about this vulnerability and apply necessary mitigations.",Nvidia,Nvidia Vgpu Software,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T04:09:24.737Z,0
CVE-2024-53869,https://securityvulnerability.io/vulnerability/CVE-2024-53869,Information Disclosure Vulnerability in NVIDIA Unified Memory Driver for Linux,"The NVIDIA Unified Memory driver for Linux has a vulnerability that allows attackers to leak uninitialized memory contents. This flaw can lead to unintended information disclosure, potentially exposing sensitive data. Attackers may exploit this weakness to retrieve confidential memory data that should not be accessible. Users of the affected versions should take steps to mitigate this risk and update their drivers to the latest version.",Nvidia,"Nvidia Gpu Display Driver, Vgpu Software",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T04:07:47.554Z,0
CVE-2024-0149,https://securityvulnerability.io/vulnerability/CVE-2024-0149,Unauthorized File Access in NVIDIA GPU Display Driver for Linux,"A vulnerability in the NVIDIA GPU Display Driver for Linux grants potential unauthorized access to sensitive files. If exploited, this flaw can lead to limited information disclosure, raising serious security concerns for users operating vulnerable versions of the driver. Maintaining updated software and applying security patches promptly is essential to mitigate risks associated with this vulnerability.",Nvidia,"Nvidia Gpu Display Driver, Vgpu Software",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T04:04:19.542Z,0