cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-0139,https://securityvulnerability.io/vulnerability/CVE-2024-0139,NVIDIA Temporary File Vulnerability Leads to Denial of Service,"NVIDIA Base Command Manager and Bright Cluster Manager for Linux are affected by an insecure temporary file vulnerability that could be exploited to create unauthorized access to sensitive areas of the system. An attacker leveraging this vulnerability may cause significant disruptions, resulting in a denial of service to legitimate users. This security concern highlights the need for immediate review and potential remediation to safeguard affected systems and maintain operational integrity.",NVIDIA,,,,0.0004299999854993075,false,false,false,false,,false,false,2024-12-06T20:15:00.000Z,0
CVE-2024-0130,https://securityvulnerability.io/vulnerability/CVE-2024-0130,NVIDIA UFM Enterprise Vulnerability Could Lead to Escalation of Privileges and Data Tampering,"A vulnerability exists in NVIDIA's UFM Enterprise, UFM Appliance, and UFM CyberAI products that allows an attacker to exploit improper authentication. This issue arises when a malformed request is sent through the Ethernet management interface, potentially resulting in various security threats, including privilege escalation, data tampering, denial of service, and unauthorized information disclosure.",Nvidia,"Ufm Enterprise Ga,Ufm Enterprise Lts23,Ufm Enterprise Appliance Ga,Ufm Enterprise Appliance Lts23,Ufm Sdn Appliance Ga,Ufm Sdn Appliance Lts23,Ufm Cyberai Ga,Ufm Cyberai Lts23",8.8,HIGH,0.0004299999854993075,false,true,false,false,,false,false,2024-12-06T20:15:00.000Z,0
CVE-2024-43702,https://securityvulnerability.io/vulnerability/CVE-2024-43702,GPU System Calls Vulnerability Allows Unprivileged Access to Arbitrary Memory,"A vulnerability in the GPU drivers from Imagination Technologies allows software running as a non-privileged user to perform improper system calls. This flaw can lead to unprivileged access to arbitrary physical memory pages, posing a potential risk for data exposure and exploitation. Users running affected driver versions are advised to assess their environments and implement any available updates to mitigate this risk.",NVIDIA,,,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-30T03:15:00.000Z,0
CVE-2024-43703,https://securityvulnerability.io/vulnerability/CVE-2024-43703,Unauthorized Memory Access Through GPU System Calls,Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.,NVIDIA,,,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-30T03:15:00.000Z,0
CVE-2024-0138,https://securityvulnerability.io/vulnerability/CVE-2024-0138,Authentication Bypass Vulnerability in NVIDIA Base Command Manager,"NVIDIA Base Command Manager is susceptible to a vulnerability that allows unauthorized access and exploitation in its CMDaemon component. This flaw could enable an attacker to execute arbitrary code, disrupt services, escalate privileges, disclose sensitive information, or tamper with data, posing significant risks to system integrity and confidentiality.",NVIDIA,NVIDIA Base Command Manager,,,0.0004299999854993075,false,true,false,false,,false,false,2024-11-23T00:15:00.000Z,0
CVE-2024-0122,https://securityvulnerability.io/vulnerability/CVE-2024-0122,Unauthorized Action in NVIDIA Delegated Licensing Service,"The NVIDIA Delegated Licensing Service for appliance platforms presents a security risk where attackers could invoke unauthorized actions. If exploited, this vulnerability may result in a partial denial of service alongside potential exposure of confidential information, compromising the overall security and integrity of the affected systems.",NVIDIA,Delegated Licensing Service,,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-23T00:15:00.000Z,0
CVE-2024-0134,https://securityvulnerability.io/vulnerability/CVE-2024-0134,Unauthorized Files Creation Vulnerability Affects NVIDIA Container Toolkit and GPU Operator for Linux,NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.,Nvidia,"Nvidia Container Toolkit,Nvidia Gpu Operator",4.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-11-05T18:37:31.699Z,0
CVE-2024-38423,https://securityvulnerability.io/vulnerability/CVE-2024-38423,Nvidia GeForce GPU Vulnerable to Memory Corruption During Page Table Switch,"The vulnerability involves memory corruption that occurs during the processing of GPU page table switches within Qualcomm's graphics processing units. This issue can potentially lead to unauthorized access and manipulation of sensitive data, affecting the overall integrity and security posture of systems equipped with affected Adreno GPUs. Users of these products are recommended to apply necessary security measures to mitigate potential risks stemming from this vulnerability.",Nvidia,Wsa8835 Firmware,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-04T10:15:00.000Z,0
CVE-2024-38421,https://securityvulnerability.io/vulnerability/CVE-2024-38421,GPU Memory Corruption Vulnerability Discovered,This vulnerability involves memory corruption issues that can arise during the processing of GPU commands in Qualcomm products. Exploitation of this flaw could lead to unauthorized access to sensitive information or execution of arbitrary code in affected systems. It is crucial for users and organizations utilizing Qualcomm GPUs to apply the latest security updates to mitigate the risks associated with this vulnerability.,NVIDIA,Wsa8845h Firmware,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-04T10:15:00.000Z,0
CVE-2024-0106,https://securityvulnerability.io/vulnerability/CVE-2024-0106,"NVIDIA BlueField DPU Vulnerability Could Lead to Denial of Service, Data Tampering, and Limited Information Disclosure","The NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability related to improper privilege handling. This issue could allow attackers to exploit the system, resulting in disruptions such as denial of service, potential data tampering, and limited information disclosure. Addressing this security risk is crucial for maintaining the integrity and availability of systems utilizing NVIDIA technology.",Nvidia,"Bluefield 1,Bluefield Ga,Bluefield Lts22,Bluefield Lts23",8.7,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-01T05:53:31.345Z,0
CVE-2024-0105,https://securityvulnerability.io/vulnerability/CVE-2024-0105,NVIDIA ConnectX Firmware Vulnerability Could Lead to Denial of Service and Data Tampering,"The NVIDIA ConnectX Firmware has a vulnerability that occurs due to improper handling of insufficient privileges. This security flaw can potentially be exploited by malicious actors, leading to severe consequences such as denial of service, the ability to tamper with data, and the risk of limited information disclosure. Organizations utilizing vulnerable versions of ConnectX products should prioritize update and mitigation strategies to safeguard their systems.",Nvidia,"Connectx4,Connectx4 Lx,Connectx Ga,Connectx Lts22,Connectx Lts23,Bluefield 1,Bluefield Ga,Bluefield Lts22,Bluefield Lts23",8.9,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-01T05:36:06.601Z,0
CVE-2024-0128,https://securityvulnerability.io/vulnerability/CVE-2024-0128,NVIDIA vGPU Software Vulnerability Could Lead to Information Disclosure and Escalation of Privileges,"The NVIDIA vGPU software features a vulnerability within the Virtual GPU Manager that enables users of the guest operating system to gain access to global resources. This weakness potentially leads to unauthorized information disclosure, enables data tampering, and may facilitate escalation of user privileges, posing significant risks to system integrity and confidentiality.",Nvidia,Vgpu And Cloud Gaming,7.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:14:20.726Z,0
CVE-2024-0127,https://securityvulnerability.io/vulnerability/CVE-2024-0127,"NVIDIA vGPU Software Vulnerability Could Lead to Code Execution, Privilege Escalation, and More","NVIDIA vGPU software is vulnerable due to improper input validation in its GPU kernel driver associated with the vGPU Manager across all supported hypervisors. This flaw provides an opportunity for users operating within the guest operating system to compromise the guest OS kernel. If successfully exploited, this vulnerability can lead to serious consequences such as unauthorized code execution, elevation of user privileges, data manipulation, service interruptions, and potential information leaks. This highlights the importance of updating to the latest security patches to mitigate risks associated with this vulnerability.",Nvidia,Vgpu And Cloud Gaming,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:10:56.367Z,0
CVE-2024-0121,https://securityvulnerability.io/vulnerability/CVE-2024-0121,"NVIDIA GPU Display Driver Vulnerability Could Lead to Code Execution, Data Tampering","The NVIDIA GPU Display Driver for Windows contains a vulnerability within its user mode layer, enabling an unprivileged user to perform an out-of-bounds read operation. When exploited, this vulnerability can facilitate unauthorized code execution, disrupt service availability, elevate user privileges, disclose sensitive information, and cause data modifications. Ensuring timely updates and patches for the NVIDIA GPU Display Driver is crucial to mitigate these risks.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:07:50.366Z,0
CVE-2024-0120,https://securityvulnerability.io/vulnerability/CVE-2024-0120,NVIDIA GPU Display Driver Vulnerability Allows for Code Execution and Other Threats,"The NVIDIA GPU Display Driver for Windows contains a vulnerability in its user mode layer that allows unprivileged users to exploit an out-of-bounds read. This flaw poses significant security risks including the possibility of unauthorized code execution, potential denial of service, and escalation of privileges. Furthermore, it potentially enables information disclosure and data tampering, which can severely compromise system integrity and user data.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:06:52.882Z,0
CVE-2024-0119,https://securityvulnerability.io/vulnerability/CVE-2024-0119,"NVIDIA GPU Display Driver Vulnerability Could Lead to Code Execution, Data Tampering","The NVIDIA GPU Display Driver for Windows features a vulnerability in its user mode layer, allowing an unprivileged regular user to trigger an out-of-bounds read. Such exploitation may result in a range of consequences including unauthorized code execution, denial of service conditions, potential privilege escalation, information leakage, and data integrity issues. This vulnerability poses significant risks in environments where the GPU driver is utilized, emphasizing the need for timely updates and robust security practices.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:06:34.252Z,0
CVE-2024-0118,https://securityvulnerability.io/vulnerability/CVE-2024-0118,NVIDIA GPU Display Driver Vulnerability Affects Windows Users,"The NVIDIA GPU Display Driver for Windows contains a vulnerability within its user mode layer that allows unprivileged regular users to exploit an out-of-bounds read condition. This exploitation can lead to various adverse outcomes including code execution, which may allow unauthorized access to system functions. Additionally, the vulnerability poses risks of denial of service, privilege escalation, information disclosure, and potential data tampering, affecting the integrity and availability of the system resources.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:06:27.506Z,0
CVE-2024-0117,https://securityvulnerability.io/vulnerability/CVE-2024-0117,"NVIDIA GPU Display Driver Vulnerability Could Lead to Code Execution, Data Tampering","A vulnerability exists in the NVIDIA GPU Display Driver for Windows, specifically within the user mode layer. This issue allows an unprivileged regular user to trigger an out-of-bounds read, which can potentially be exploited to execute arbitrary code. The implications of this vulnerability include denial of service, escalation of privileges, and risks of information disclosure and data tampering. Organizations using affected versions are advised to update their drivers to mitigate these risks. Detailed information can be found in NVIDIA support resources.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:06:19.001Z,0
CVE-2024-0126,https://securityvulnerability.io/vulnerability/CVE-2024-0126,NVIDIA GPU Display Driver Vulnerability Could Lead to Privilege Escalation,"The NVIDIA GPU Display Driver for both Windows and Linux is subject to a vulnerability that allows an attacker with privileged access to escalate permissions. This exploit could lead to severe consequences such as unauthorized code execution, potential denial of service, escalation of user privileges, and the risk of sensitive data exposure and tampering. Affected users should take immediate precautions to mitigate risk.",Nvidia,"Gpu, Vgpu, And Cloud Gaming",8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-10-26T08:01:44.000Z,0
CVE-2024-0129,https://securityvulnerability.io/vulnerability/CVE-2024-0129,NVIDIA NeMo Vulnerability Could Lead to Code Execution and Data Tampering,"The vulnerability in NVIDIA NeMo's SaveRestoreConnector component arises from improper handling of .tar file extractions, leading to potential path traversal. If exploited, attackers may manipulate file paths to access restricted areas of the file system, potentially allowing them to execute arbitrary code and tamper with sensitive data. This vulnerability underscores the importance of secure file handling practices in software development. Users and administrators of NVIDIA NeMo are urged to apply the necessary updates to mitigate the risk associated with unsafe file operations.",Nvidia,Nemo,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-10-15T05:39:01.225Z,0
CVE-2024-0125,https://securityvulnerability.io/vulnerability/CVE-2024-0125,NVIDIA CUDA Toolkit Vulnerability Could Lead to Limited Denial of Service,"A vulnerability exists in the NVIDIA CUDA Toolkit affecting the nvdisasm command line tool. This issue arises when a user attempts to process a malformed ELF file, leading to a NULL pointer dereference. If successfully exploited, this vulnerability may result in a limited denial of service, thereby disrupting normal operations of the toolkit. Users are advised to exercise caution and implement safeguards against potentially malformed inputs.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-03T16:46:19.800Z,0
CVE-2024-0124,https://securityvulnerability.io/vulnerability/CVE-2024-0124,CUDA Toolkit Vulnerability Could Lead to Limited Denial of Service,"NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.",Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-03T16:45:49.552Z,0
CVE-2024-0123,https://securityvulnerability.io/vulnerability/CVE-2024-0123,NVIDIA CUDA Toolkit Vulnerability Could Lead to Denial of Service,NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.,Nvidia,Cuda Toolkit,3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-03T16:45:15.279Z,0
CVE-2024-0116,https://securityvulnerability.io/vulnerability/CVE-2024-0116,NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability,NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service.,Nvidia,Triton Inference Server,4.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-10-01T04:46:22.405Z,0
CVE-2024-0133,https://securityvulnerability.io/vulnerability/CVE-2024-0133,NVIDIA Container Toolkit Vulnerability Could Lead to Data Tampering,NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.,Nvidia,"Container Toolkit,Gpu Operator",3.4,LOW,0.0004600000102072954,false,false,false,false,,false,false,2024-09-26T05:21:33.599Z,0