Vendor CVEs
Nvidia
All CVEs
1,011 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-33199 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering. | |||
| CVE-2025-33198 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | |||
| CVE-2025-33197 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-33196 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | |||
| CVE-2025-33195 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges. | |||
| CVE-2025-33194 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service. | |||
| CVE-2025-33193 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure. | |||
| CVE-2025-33192 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-33191 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-33190 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges. | |||
| CVE-2025-33189 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges. | |||
| CVE-2025-33188 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service. | |||
| CVE-2025-33187 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or… | |||
| CVE-2025-33202 | 0.00 | — | 0.00 | Nov 11, 2025 | NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-33178 | 0.00 | — | 0.00 | Nov 11, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information… | |||
| CVE-2025-23361 | 0.00 | — | 0.00 | Nov 11, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23355 | 0.00 | — | 0.00 | Oct 1, 2025 | NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service. | |||
| CVE-2025-23354 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information… | |||
| CVE-2025-23353 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information… | |||
| CVE-2025-23349 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure,… | |||
| CVE-2025-23348 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23346 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service. | |||
| CVE-2025-23340 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | |||
| CVE-2025-23339 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at… | |||
| CVE-2025-23338 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service. | |||
| CVE-2025-23308 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the… | |||
| CVE-2025-23275 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information… | |||
| CVE-2025-23273 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service. | |||
| CVE-2025-23271 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | |||
| CVE-2025-23255 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service. | |||
| CVE-2025-23248 | 0.00 | — | 0.00 | Sep 24, 2025 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | |||
| CVE-2023-53383 | 0.00 | — | 0.00 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received… | |||
| CVE-2025-23268 | 0.00 | — | 0.00 | Sep 17, 2025 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution. | |||
| CVE-2025-23336 | 0.00 | — | 0.00 | Sep 17, 2025 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading a misconfigured model. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-23329 | 0.00 | — | 0.00 | Sep 17, 2025 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of… | |||
| CVE-2025-23328 | 0.00 | — | 0.00 | Sep 17, 2025 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service. | |||
| CVE-2025-23316 | 0.00 | — | 0.01 | Sep 17, 2025 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to… | |||
| CVE-2025-23344 | 0.00 | — | 0.00 | Sep 9, 2025 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data… | |||
| CVE-2025-23343 | 0.00 | — | 0.01 | Sep 9, 2025 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering. | |||
| CVE-2025-23342 | 0.00 | — | 0.00 | Sep 9, 2025 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering. | |||
| CVE-2025-23315 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-23314 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23313 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23312 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-23307 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-23306 | 0.00 | — | 0.00 | Aug 13, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation… | |||
| CVE-2025-23305 | 0.00 | — | 0.00 | Aug 13, 2025 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-23304 | 0.00 | — | 0.01 | Aug 13, 2025 | NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and… | |||
| CVE-2025-23303 | 0.00 | — | 0.01 | Aug 13, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||
| CVE-2025-23335 | 0.00 | — | 0.00 | Aug 6, 2025 | NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service. |
- CVE-2025-33199Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering.
- CVE-2025-33198Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.
- CVE-2025-33197Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-33196Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.
- CVE-2025-33195Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges.
- CVE-2025-33194Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
- CVE-2025-33193Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure.
- CVE-2025-33192Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-33191Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-33190Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges.
- CVE-2025-33189Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges.
- CVE-2025-33188Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service.
- CVE-2025-33187Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or…
- CVE-2025-33202Nov 11, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-33178Nov 11, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information…
- CVE-2025-23361Nov 11, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…
- CVE-2025-23355Oct 1, 2025risk 0.00cvss —epss 0.00
NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.
- CVE-2025-23354Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information…
- CVE-2025-23353Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information…
- CVE-2025-23349Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure,…
- CVE-2025-23348Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…
- CVE-2025-23346Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service.
- CVE-2025-23340Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
- CVE-2025-23339Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at…
- CVE-2025-23338Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
- CVE-2025-23308Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the…
- CVE-2025-23275Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information…
- CVE-2025-23273Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.
- CVE-2025-23271Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
- CVE-2025-23255Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.
- CVE-2025-23248Sep 24, 2025risk 0.00cvss —epss 0.00
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
- CVE-2023-53383Sep 18, 2025risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received…
- CVE-2025-23268Sep 17, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution.
- CVE-2025-23336Sep 17, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading a misconfigured model. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-23329Sep 17, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of…
- CVE-2025-23328Sep 17, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
- CVE-2025-23316Sep 17, 2025risk 0.00cvss —epss 0.01
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to…
- CVE-2025-23344Sep 9, 2025risk 0.00cvss —epss 0.00
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data…
- CVE-2025-23343Sep 9, 2025risk 0.00cvss —epss 0.01
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering.
- CVE-2025-23342Sep 9, 2025risk 0.00cvss —epss 0.00
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering.
- CVE-2025-23315Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-23314Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…
- CVE-2025-23313Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…
- CVE-2025-23312Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-23307Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-23306Aug 13, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation…
- CVE-2025-23305Aug 13, 2025risk 0.00cvss —epss 0.00
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-23304Aug 13, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and…
- CVE-2025-23303Aug 13, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
- CVE-2025-23335Aug 6, 2025risk 0.00cvss —epss 0.00
NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.
Page 10 of 21