VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2025-23334Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-23333Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-23331Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial…

  • CVE-2025-23327Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this vulnerability might lead to denial of service and data tampering.

  • CVE-2025-23326Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23325Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23324Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23323Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23322Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23321Aug 6, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23320Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information…

  • CVE-2025-23319Aug 6, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data…

  • CVE-2025-23318Aug 6, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information…

  • CVE-2025-23317Aug 6, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data…

  • CVE-2025-23311Aug 6, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, or data…

  • CVE-2025-23310Aug 6, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information…

  • CVE-2025-23260Jun 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.

  • CVE-2025-23265Jun 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information…

  • CVE-2025-23264Jun 24, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information…

  • CVE-2022-50079Jun 18, 2025
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 [Why & How] eng_id for DCN303 cannot be more than 1, since we have only two instances of stream encoders. Check the correct…

  • CVE-2025-23252Jun 18, 2025
    risk 0.00cvss epss 0.00

    The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to restricted components. A successful exploit of this vulnerability may lead to information disclosure.

  • CVE-2025-23247May 27, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this…

  • CVE-2025-23251Apr 22, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2025-23250Apr 22, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2025-23249Apr 22, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2025-23360Mar 11, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.

  • CVE-2025-23243Mar 11, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.

  • CVE-2025-23242Mar 11, 2025
    risk 0.00cvss epss 0.02

    NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.

  • CVE-2024-53879Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53878Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53877Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53876Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53875Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53874Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53873Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53872Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53871Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2024-53870Feb 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2025-23359Feb 12, 2025
    risk 0.00cvss epss 0.03

    NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code…

  • CVE-2024-53880Feb 12, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability…

  • CVE-2024-0137Jan 28, 2025
    risk 0.00cvss epss 0.00

    NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a…

  • CVE-2024-0136Jan 28, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a…

  • CVE-2024-0135Jan 28, 2025
    risk 0.00cvss epss 0.01

    NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges,…

  • CVE-2024-0134Nov 5, 2024
    risk 0.00cvss epss 0.00

    NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful…

  • CVE-2024-0129Oct 15, 2024
    risk 0.00cvss epss 0.00

    NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.

  • CVE-2024-0125Oct 3, 2024
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of…

  • CVE-2024-0124Oct 3, 2024
    risk 0.00cvss epss 0.00

    NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

  • CVE-2024-0123Oct 3, 2024
    risk 0.00cvss epss 0.00

    NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability…

  • CVE-2024-0116Oct 1, 2024
    risk 0.00cvss epss 0.00

    NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service.

  • CVE-2024-0133Sep 26, 2024
    risk 0.00cvss epss 0.00

    NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this…

Page 11 of 21