VYPR

Virtual GPU Manager

by Nvidia

CVEs (53)

  • CVE-2022-42262HigDec 30, 2022
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.

  • CVE-2022-31614HigAug 5, 2022
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it may double-free some resources. An attacker may exploit this vulnerability with other vulnerabilities to cause denial of service, code execution, and information disclosure.

  • CVE-2021-1120HigOct 29, 2021
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a string provided by the guest OS may not be properly null terminated. The guest OS or attacker has no ability to push content to the plugin through this vulnerability, which may lead…

  • CVE-2021-1119HigOct 29, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can double-free a pointer, which may lead to denial of service. This flaw may result in a write-what-where condition, allowing an attacker to execute arbitrary code impacting…

  • CVE-2021-1099HigJul 21, 2021
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of…

  • CVE-2021-1086HigApr 29, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin) where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. This affects vGPU version 12.x (prior to 12.2), version…

  • CVE-2021-1065HigJan 8, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

  • CVE-2021-1064HigJan 8, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which it obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer, which may lead to information disclosure or denial of service. This affects vGPU…

  • CVE-2021-1062HigJan 8, 2021
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).

  • CVE-2020-5988HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5985HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.

  • CVE-2020-5983HigOct 2, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may…

  • CVE-2020-5972HigJun 30, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and…

  • CVE-2020-5970HigJun 30, 2020
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).

  • CVE-2019-5697HigNov 9, 2019
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which it may grant a guest access to memory that it does not own, which may lead to information disclosure or denial of service.

  • CVE-2021-1061MedJan 8, 2021
    risk 0.41cvss 6.3epss 0.00

    NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which a race condition may cause the vGPU plugin to continue using a previously validated resource that has since changed, which may lead to denial of service or information disclosure. This affects vGPU version…

  • CVE-2020-5969MedJun 30, 2020
    risk 0.41cvss 6.3epss 0.00

    NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x…

  • CVE-2023-0197MedApr 1, 2023
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service.

  • CVE-2022-31618MedAug 5, 2022
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a null pointer, which may lead to denial of service.

  • CVE-2021-1123MedOct 29, 2021
    risk 0.36cvss 5.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can deadlock, which may lead to denial of service.