VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2016-6673HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.

  • CVE-2016-3930HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28760138.

  • CVE-2016-3873HigSep 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457.

  • CVE-2016-3847HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28871433.

  • CVE-2016-3842HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974.

  • CVE-2016-3806HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28402341 and MediaTek internal bug ALPS02715341.

  • CVE-2016-3800HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek video driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28175027 and MediaTek internal bug ALPS02693739.

  • CVE-2016-3769HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28376656.

  • CVE-2016-2491HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27556408.

  • CVE-2016-2490HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27533373.

  • CVE-2016-2465HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.

  • CVE-2016-2437HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.

  • CVE-2016-2436HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.

  • CVE-2016-2435HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.

  • CVE-2016-2434HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.

  • CVE-2016-2556HigApr 12, 2016
    risk 0.51cvss 7.8epss 0.00

    The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.

  • CVE-2026-24186HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution.

  • CVE-2026-24177HigApr 21, 2026
    risk 0.50cvss 7.7epss 0.00

    NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2026-24212HigMay 26, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2026-24210HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24209HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24163HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure.

  • CVE-2025-33255HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure.

  • CVE-2026-24175HigApr 7, 2026
    risk 0.49cvss 7.5epss 0.00

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request header to the server. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24174HigApr 7, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24173HigApr 7, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24146HigApr 7, 2026
    risk 0.49cvss 7.5epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where insufficient input validation and a large number of outputs could cause a server crash. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24154HigMar 31, 2026
    risk 0.49cvss 7.6epss 0.00

    NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, data…

  • CVE-2025-33203HigNov 25, 2025
    risk 0.49cvss 7.6epss 0.00

    NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.

  • CVE-2025-33182HigOct 14, 2025
    risk 0.49cvss 7.6epss 0.00

    NVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the Linux Device Tree. A successful exploitation of this vulnerability might lead to data tampering, denial of service.

  • CVE-2025-23263HigJul 17, 2025
    risk 0.49cvss 7.6epss 0.00

    NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN.

  • CVE-2024-0148HigFeb 25, 2025
    risk 0.49cvss 7.6epss 0.00

    NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the UEFI firmware RCM boot mode, where an unprivileged attacker with physical access to the device could load untrusted code. A successful exploit might lead to code execution, escalation of privileges, data…

  • CVE-2024-0112HigFeb 12, 2025
    risk 0.49cvss 7.5epss 0.00

    NVIDIA Jetson AGX Orin™ and NVIDIA IGX Orin software contain a vulnerability where an attacker can cause an improper input validation issue by escalating certain permissions to a limited degree. A successful exploit of this vulnerability might lead to code execution, denial of…

  • CVE-2024-0122HigNov 23, 2024
    risk 0.49cvss 7.6epss 0.00

    NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure.

  • CVE-2017-6280HigMar 6, 2018
    risk 0.49cvss 7.5epss 0.00

    NVIDIA driver contains a possible out-of-bounds read vulnerability due to a leak which may lead to information disclosure. This issue is rated as moderate. Android: A-63851980.

  • CVE-2017-13175HigDec 6, 2017
    risk 0.49cvss 7.5epss 0.00

    An information disclosure vulnerability in the NVIDIA libwilhelm. Product: Android. Versions: Android kernel. Android ID A-64339309. References: N-CVE-2017-13175.

  • CVE-2017-5927HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking…

  • CVE-2017-5926HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking…

  • CVE-2017-5925HigFeb 27, 2017
    risk 0.49cvss 7.5epss 0.02

    Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript,…

  • CVE-2017-0317HigFeb 15, 2017
    risk 0.49cvss 7.5epss 0.00

    All versions of NVIDIA GPU and GeForce Experience installer contain a vulnerability where it fails to set proper permissions on the package extraction path thus allowing a non-privileged user to tamper with the extracted files, potentially leading to escalation of privileges via…

  • CVE-2016-4959HigNov 8, 2016
    risk 0.49cvss 7.5epss 0.03

    For the NVIDIA Quadro, NVS, and GeForce products, there is a Remote Desktop denial of service. A successful exploit of a vulnerable system will result in a kernel null pointer dereference, causing a blue screen crash.

  • CVE-2016-6733HigNov 25, 2016
    risk 0.48cvss 7.3epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device…

  • CVE-2016-6732HigNov 25, 2016
    risk 0.48cvss 7.3epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device…

  • CVE-2016-6731HigNov 25, 2016
    risk 0.48cvss 7.3epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device…

  • CVE-2016-6730HigNov 25, 2016
    risk 0.48cvss 7.3epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device…

  • CVE-2026-24181HigJun 9, 2026
    risk 0.47cvss 7.3epss 0.00

    NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.

  • CVE-2026-24180HigJun 9, 2026
    risk 0.47cvss 7.3epss 0.00

    NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.

  • CVE-2026-24206HigMay 20, 2026
    risk 0.47cvss 7.3epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure.

  • CVE-2026-24156HigApr 7, 2026
    risk 0.47cvss 7.3epss 0.00

    NVIDIA DALI contains a vulnerability where an attacker could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to arbitrary code execution.

  • CVE-2025-23258HigSep 4, 2025
    risk 0.47cvss 7.3epss 0.00

    NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that could allow an attacker with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges.

Page 5 of 21