cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-0108,https://securityvulnerability.io/vulnerability/CVE-2024-0108,"NVIDIA Jetson Linux Vulnerability Allows Denial of Service, Code Execution, and Privilege Escalation","The NVIDIA Jetson Linux platform is affected by a vulnerability in the GPU Memory Management Unit (MMU) mapping process, specifically within the NvGPU error handling functions. When a mapping operation fails, the paths intended for error handling inadequately clean up the failed attempt, which could potentially be exploited by an attacker. This flaw may result in a denial of service and provide opportunities for code execution, raising serious concerns around privilege escalation and system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Tx1, Jetson Nano Series",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-08T16:18:27.914Z,0
CVE-2021-1114,https://securityvulnerability.io/vulnerability/CVE-2021-1114,Use After Free Vulnerability in NVIDIA Linux Kernel Distributions,"A vulnerability exists in NVIDIA's Linux kernel distributions related to the kernel crypto node, allowing a Use After Free condition. This could potentially enable an attacker to trigger a complete denial of service, disrupting normal operations and affecting system stability. Users are advised to review the provided information and apply necessary patches to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-11T21:33:07.000Z,0
CVE-2021-1111,https://securityvulnerability.io/vulnerability/CVE-2021-1111,Buffer Overflow Vulnerability in NVIDIA Bootloader NV3P Server,"A buffer overflow vulnerability exists in the NV3P server of NVIDIA's Bootloader, allowing an adversary with physical access via USB to exploit an incorrect bounds check. This flaw may enable limited information disclosure, compromise data integrity, and cause a denial of service across multiple system components. Due to its design, the NV3P server is susceptible to unauthorized manipulation if physical access controls are not strictly enforced. Ensuring timely updates and access restrictions is crucial in mitigating potential risks associated with this vulnerability.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.7,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-08-11T21:33:04.000Z,0
CVE-2021-34384,https://securityvulnerability.io/vulnerability/CVE-2021-34384,Heap Overflow Vulnerability in NVIDIA Bootloader Software,"The NVIDIA bootloader software contains a vulnerability that can lead to a potential heap overflow, resulting in memory corruption. This issue poses risks, as it could be exploited to cause denial of service, allowing an attacker to disrupt normal operations or possibly execute arbitrary code, which could compromise system integrity. For more detailed information, refer to the official NVIDIA support documentation.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:37.000Z,0
CVE-2021-34383,https://securityvulnerability.io/vulnerability/CVE-2021-34383,Heap Overflow Vulnerability in NVIDIA Bootloader MB2,"NVIDIA MB2 Bootloader has a vulnerability that allows for a potential heap overflow. This could enable an attacker to exploit the system, resulting in a denial of service or the possibility to escalate privileges. It is essential for users of this bootloader to assess their systems and consider applying any available mitigations.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:36.000Z,0
CVE-2021-34380,https://securityvulnerability.io/vulnerability/CVE-2021-34380,Heap Overflow Vulnerability in NVIDIA Bootloader,"A vulnerability in the NVIDIA bootloader (MB2) allows for a potential heap overflow, which may corrupt the heap metadata. This could enable attackers to execute arbitrary code, disrupt service availability, or disclose sensitive information during the secure boot process.",Nvidia,"Nvidia Jetson Tx1, Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx, Nano And Nano 2gb",7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:34.000Z,0
CVE-2021-34379,https://securityvulnerability.io/vulnerability/CVE-2021-34379,Memory Corruption Vulnerability in HDCP Service of Trusty by NVIDIA,"Trusty, a product by NVIDIA, has a vulnerability within its HDCP service that stems from inadequate bounds checking in command 10. This oversight allows the manipulation of the length of an I/O buffer parameter, potentially leading to memory corruption. If exploited, this vulnerability could compromise system integrity and security.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:33.000Z,0
CVE-2021-34378,https://securityvulnerability.io/vulnerability/CVE-2021-34378,Memory Buffer Vulnerability in NVIDIA Trusty HDCP Service,"NVIDIA Trusty has a vulnerability in its HDCP service where the lack of bounds checking in command 11 can potentially expose sensitive information. This vulnerability arises from improper restrictions on operations within the memory buffer, which may allow unauthorized access, triggering denial of service conditions, or leading to an escalation of privileges. Organizations using affected versions should apply appropriate security measures to mitigate potential risks.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:32.000Z,0
CVE-2021-34377,https://securityvulnerability.io/vulnerability/CVE-2021-34377,HDCP Service Vulnerability in Trusty by Nvidia,"Trusty by Nvidia is affected by a vulnerability in its HDCP service where a lack of bounds checking in command 9 allows for improper restrictions on operations. This oversight can lead to serious security implications, such as privilege escalation, unauthorized information disclosure, and potential denial of service, posing significant risks to system integrity.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:31.000Z,0
CVE-2021-34376,https://securityvulnerability.io/vulnerability/CVE-2021-34376,Memory Buffer Vulnerability in Trusty's HDCP Service by NVIDIA,"NVIDIA's Trusty HDCP service contains a vulnerability due to the absence of proper bounds checking in command 5. This oversight allows for potential exploitation that could result in denial of service, privilege escalation, and exposure of sensitive information. Cybersecurity practitioners must be vigilant to protect against threats arising from this vulnerability.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:30.000Z,0
CVE-2021-34375,https://securityvulnerability.io/vulnerability/CVE-2021-34375,Buffer Overflow Vulnerability in Trusted Applications by NVIDIA,"A vulnerability exists in NVIDIA Trusted Applications where the stack cookie is not adequately randomized. This flaw could be exploited to perform stack-based buffer overflow attacks, potentially leading to denial of service, privilege escalation, and unauthorized information disclosure.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:29.000Z,0
CVE-2021-34374,https://securityvulnerability.io/vulnerability/CVE-2021-34374,Input Buffer Validation Flaw in Trusty by NVIDIA,"The Trusty environment from NVIDIA includes a vulnerability in its command handlers, where the system fails to adequately verify the lengths of input buffers. This flaw can lead to severe issues including memory corruption, which may subsequently allow unauthorized disclosure of sensitive information, potential escalation of user privileges, and even denial of service. Ensuring proper validation of input lengths is crucial to maintaining the integrity and security of the system.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx",7.7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-30T10:24:28.000Z,0
CVE-2021-34397,https://securityvulnerability.io/vulnerability/CVE-2021-34397,Bootloader Vulnerability in NVIDIA MB2 Affecting NVIDIA Products,"A vulnerability exists in the NVIDIA MB2 bootloader that may lead to improper heap management, potentially resulting in a denial of service condition. This flaw can cause the system to mishandle memory allocation, potentially disrupting normal operations and affecting system stability. Users of impacted NVIDIA products should evaluate their systems and apply any available mitigations as outlined by the vendor.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",1.9,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:33.000Z,0
CVE-2021-34396,https://securityvulnerability.io/vulnerability/CVE-2021-34396,Access Control Vulnerability in NVIDIA Bootloader,"The NVIDIA bootloader has a security issue related to access permission settings that could allow unauthorized software to overwrite the MB2 code. This vulnerability could lead to potential disruptions in service, exposing the system to further exploitation.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx",3,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:32.000Z,0
CVE-2021-34394,https://securityvulnerability.io/vulnerability/CVE-2021-34394,Buffer Overflow Vulnerability in NVIDIA Trusty OTE Protocol,"NVIDIA Trusty contains a vulnerability within the OTE protocol, affecting all Trusted Applications. The flaw results from improper message stream deserialization, which allows an attacker to exploit a malicious Certification Authority (CA) running at the user level. This can lead to a buffer overflow, potentially compromising data integrity and enabling unauthorized access to sensitive information.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",4.2,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2021-06-22T21:25:29.000Z,0
CVE-2021-34393,https://securityvulnerability.io/vulnerability/CVE-2021-34393,Deserialization Vulnerability in TSEC TA by NVIDIA,"NVIDIA's TSEC TA is affected by a vulnerability that arises from improper handling of deserialized incoming messages. Although TSEC TA does not expose any commands, the flaw allows attackers to exploit the deserialization process, potentially leading to unauthorized code execution and information disclosure. This interaction poses a significant risk to system integrity and confidentiality, highlighting the importance of securing software components against such vulnerabilities.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",4.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-22T21:25:27.000Z,0
CVE-2021-34372,https://securityvulnerability.io/vulnerability/CVE-2021-34372,Buffer Overflow Vulnerability in NVIDIA Jetson Devices,"A vulnerability in NVIDIA's Jetson Trusted OS arises from an integer overflow in the OTE protocol message parsing code. This flaw can lead to a buffer overflow on the heap, potentially allowing attackers to exploit the system. The consequences may include information disclosure, unauthorized escalation of privileges, or even a denial of service, impacting the overall security and functionality of affected Jetson devices.",Nvidia,"Nvidia Jetson Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",8.2,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-06-22T21:25:21.000Z,0
CVE-2021-34389,https://securityvulnerability.io/vulnerability/CVE-2021-34389,Information Disclosure Vulnerability in NVIDIA Trusty for Secure Computing,"NVIDIA Trusty contains a vulnerability resulting from improper parsing of the OTE protocol messages. This flaw allows local users to exploit an incorrect bounds check, potentially gaining access to sensitive heap memory within the TrustZone environment. This unauthorized access can lead to information disclosure and poses a security risk for systems running affected versions of Trusty.",Nvidia,"Nvidia Jetson, Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx",5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-06-21T21:35:19.000Z,0
CVE-2021-34388,https://securityvulnerability.io/vulnerability/CVE-2021-34388,Heap Overflow Vulnerability in NVIDIA TegraBoot,"NVIDIA TegraBoot contains a vulnerability that could allow an attacker to exploit a heap overflow. This security flaw may enable unauthorized manipulation of memory allocation, potentially leading to control over RAM regions following the affected heap block. As a result, this could facilitate denial of service attacks or unauthorized code execution, posing significant risks to system integrity and security.",Nvidia,"Nvidia Jetson Tx1, Tx2 Series, Tx2 Nx, Agx Xavier Series, Xavier Nx, Nano And Nano 2gb",6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-06-21T21:35:17.000Z,0
CVE-2021-1070,https://securityvulnerability.io/vulnerability/CVE-2021-1070,Access Control Weakness in NVIDIA Jetson Products,"NVIDIA's Jetson AGX Xavier series and related models have a vulnerability in the apply_binaries.sh script, which allows for improper access control during the installation of NVIDIA components. This flaw can enable unprivileged users to modify critical system device tree files, which may lead to a denial of service. Users should ensure that their systems are updated to L4T version 32.5 or later to mitigate this risk.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Tx1, Tx2, Nano And Nano 2gb",7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-26T21:20:14.000Z,0
CVE-2021-1071,https://securityvulnerability.io/vulnerability/CVE-2021-1071,Improper Access Control in NVIDIA Tegra Kernel Affects Jetson Devices,"The NVIDIA Tegra kernel in various Jetson devices has an improper access control vulnerability found in the INA3221 driver. This flaw may allow unauthorized users to access system power usage data, leading to potential information disclosure. This issue affects all L4T versions prior to r32.5, highlighting the need for users to update their systems promptly for security.",Nvidia,"Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Tx1, Tx2, Nano And Nano 2gb",5.6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-26T21:20:14.000Z,0