VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2025-33199Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering.

  • CVE-2025-33198Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-33197Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-33196Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-33195Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges.

  • CVE-2025-33194Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

  • CVE-2025-33193Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-33192Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-33191Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-33190Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges.

  • CVE-2025-33189Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges.

  • CVE-2025-33188Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service.

  • CVE-2025-33187Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or…

  • CVE-2025-33202Nov 11, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-33178Nov 11, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information…

  • CVE-2025-23361Nov 11, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…

  • CVE-2025-23355Oct 1, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Nsight Graphics for Windows contains a vulnerability in an ngfx component, where an attacker could cause a DLL highjacking attack. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and denial of service.

  • CVE-2025-23354Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information…

  • CVE-2025-23353Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information…

  • CVE-2025-23349Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure,…

  • CVE-2025-23348Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…

  • CVE-2025-23346Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service.

  • CVE-2025-23340Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

  • CVE-2025-23339Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at…

  • CVE-2025-23338Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

  • CVE-2025-23308Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the…

  • CVE-2025-23275Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information…

  • CVE-2025-23273Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

  • CVE-2025-23271Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

  • CVE-2025-23255Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.

  • CVE-2025-23248Sep 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

  • CVE-2023-53383Sep 18, 2025
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received…

  • CVE-2025-23268Sep 17, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution.

  • CVE-2025-23336Sep 17, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading a misconfigured model. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23329Sep 17, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of…

  • CVE-2025-23328Sep 17, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23316Sep 17, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to…

  • CVE-2025-23344Sep 9, 2025
    risk 0.00cvss epss 0.00

    The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data…

  • CVE-2025-23343Sep 9, 2025
    risk 0.00cvss epss 0.01

    The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering.

  • CVE-2025-23342Sep 9, 2025
    risk 0.00cvss epss 0.00

    The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering.

  • CVE-2025-23315Aug 26, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…

  • CVE-2025-23314Aug 26, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…

  • CVE-2025-23313Aug 26, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…

  • CVE-2025-23312Aug 26, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…

  • CVE-2025-23307Aug 26, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2025-23306Aug 13, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation…

  • CVE-2025-23305Aug 13, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2025-23304Aug 13, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and…

  • CVE-2025-23303Aug 13, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2025-23335Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.

Page 10 of 21