Nvidia
Nvidia Corporation is an American technology company headquartered in Santa Clara, California. The company develops graphics processing units (GPUs), systems on chips (SoCs), and application programming interfaces (APIs) for data science, high-performance computing, video games, and mobile and automotive applications. Founded in 1993 by Jensen Huang, Chris Malachowsky, and Curtis Priem, Nvidia has been widely described as a Big Tech company.
Products
223- 163 CVEs
- 144 CVEs
- 68 CVEs
- 64 CVEs
- 49 CVEs
- 46 CVEs
- 40 CVEs
- 40 CVEs
- 34 CVEs
- 33 CVEs
- 32 CVEs
- 30 CVEs
- 26 CVEs
- 25 CVEs
- 20 CVEs
- 19 CVEs
- 19 CVEs
- 17 CVEs
- 16 CVEs
- 15 CVEs
- 14 CVEs
- 14 CVEs
- 13 CVEs
- 13 CVEs
- 11 CVEs
- 11 CVEs
- 10 CVEs
- 10 CVEs
- 9 CVEs
- 8 CVEs
- View all 223 products →
Recent CVEs
1,011| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14491 | Cri | 0.73 | 9.8 | 0.85 | Oct 4, 2017 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | ||
| CVE-2026-24207 | Cri | 0.64 | 9.8 | 0.01 | May 20, 2026 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. | ||
| CVE-2024-0138 | Cri | 0.64 | 9.8 | 0.01 | Nov 23, 2024 | NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||
| CVE-2016-8812 | Hig | 0.60 | 8.8 | 0.02 | Nov 8, 2016 | For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted… | ||
| CVE-2025-23266 | Cri | 0.59 | 9.0 | 0.03 | Jul 17, 2025 | NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data… | ||
| CVE-2024-0105 | Hig | 0.58 | 8.9 | 0.00 | Nov 1, 2024 | NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure. | ||
| CVE-2026-24187 | Hig | 0.57 | 8.8 | 0.00 | May 26, 2026 | NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||
| CVE-2026-24217 | Hig | 0.57 | 8.8 | 0.01 | May 20, 2026 | NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2026-24178 | Cri | 0.57 | 9.8 | 0.01 | Apr 28, 2026 | NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data… | ||
| CVE-2026-24164 | Hig | 0.57 | 8.8 | 0.00 | Mar 31, 2026 | NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2025-33214 | Hig | 0.57 | 8.8 | 0.01 | Dec 9, 2025 | NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2025-33213 | Hig | 0.57 | 8.8 | 0.01 | Dec 9, 2025 | NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2025-33186 | Hig | 0.57 | 8.8 | 0.00 | Nov 11, 2025 | NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering. | ||
| CVE-2025-23293 | Hig | 0.57 | 8.7 | 0.00 | Sep 30, 2025 | NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure. | ||
| CVE-2025-23256 | Hig | 0.57 | 8.7 | 0.00 | Sep 4, 2025 | NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges,… | ||
| CVE-2025-23254 | Hig | 0.57 | 8.8 | 0.00 | May 1, 2025 | NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data… | ||
| CVE-2024-0130 | Hig | 0.57 | 8.8 | 0.00 | Dec 6, 2024 | NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker can cause an improper authentication issue by sending a malformed request through the Ethernet management interface. A successful exploit of this vulnerability might lead to… | ||
| CVE-2024-0106 | Hig | 0.57 | 8.7 | 0.00 | Nov 1, 2024 | NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and… | ||
| CVE-2018-6250 | Hig | 0.57 | 8.8 | 0.00 | Apr 2, 2018 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges. | ||
| CVE-2018-6249 | Hig | 0.57 | 8.8 | 0.00 | Apr 2, 2018 | NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. |
- risk 0.73cvss 9.8epss 0.85
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
- risk 0.64cvss 9.8epss 0.01
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
- risk 0.64cvss 9.8epss 0.01
NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
- risk 0.60cvss 8.8epss 0.02
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted…
- risk 0.59cvss 9.0epss 0.03
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data…
- risk 0.58cvss 8.9epss 0.00
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
- risk 0.57cvss 8.8epss 0.00
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
- risk 0.57cvss 8.8epss 0.01
NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.57cvss 9.8epss 0.01
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data…
- risk 0.57cvss 8.8epss 0.00
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.57cvss 8.8epss 0.01
NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.57cvss 8.8epss 0.01
NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.57cvss 8.8epss 0.00
NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering.
- risk 0.57cvss 8.7epss 0.00
NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.
- risk 0.57cvss 8.7epss 0.00
NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges,…
- risk 0.57cvss 8.8epss 0.00
NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data…
- risk 0.57cvss 8.8epss 0.00
NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker can cause an improper authentication issue by sending a malformed request through the Ethernet management interface. A successful exploit of this vulnerability might lead to…
- risk 0.57cvss 8.7epss 0.00
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and…
- risk 0.57cvss 8.8epss 0.00
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.
- risk 0.57cvss 8.8epss 0.00
NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.