VYPR

vGPU software

by Nvidia

CVEs (49)

  • CVE-2023-25517HigJul 4, 2023
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering.

  • CVE-2022-31614HigAug 5, 2022
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.

  • CVE-2021-1120HigOct 29, 2021
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead…

  • CVE-2021-1099HigJul 21, 2021
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of…

  • CVE-2021-1060HigJan 8, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

  • CVE-2020-5988HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5985HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5983HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may…

  • CVE-2020-5972HigJun 30, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and…

  • CVE-2020-5970HigJun 30, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

  • CVE-2024-0085MedJun 13, 2024
    risk 0.41cvss 6.3epss 0.00

    NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.

  • CVE-2020-5969MedJun 30, 2020
    risk 0.41cvss 6.3epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x…

  • CVE-2021-1100MedJul 21, 2021
    risk 0.40cvss 6.2epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3),…

  • CVE-2023-31026MedNov 2, 2023
    risk 0.39cvss 6.0epss 0.00

    NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service.

  • CVE-2026-24201MedMay 26, 2026
    risk 0.38cvss 5.8epss 0.00

    NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering, denial of service, or information disclosure.

  • CVE-2025-23246MedMay 1, 2025
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to consume uncontrolled resources. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23245MedMay 1, 2025
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2024-53881MedJan 28, 2025
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the host driver, where it can allow a guest to cause an interrupt storm on the host, which may lead to denial of service.

  • CVE-2023-31021MedNov 2, 2023
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

  • CVE-2023-0197MedApr 1, 2023
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service.