VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2025-23257HigSep 4, 2025
    risk 0.47cvss 7.3epss 0.00

    NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an actor with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges.

  • CVE-2025-23277HigAug 2, 2025
    risk 0.47cvss 7.3epss 0.00

    NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or…

  • CVE-2016-4960HigNov 8, 2016
    risk 0.47cvss 7.3epss 0.00

    For the NVIDIA Quadro, NVS, and GeForce products, the NVIDIA NVStreamKMS.sys service component is improperly validating user-supplied data through its API entry points causing an elevation of privilege.

  • CVE-2026-24200HigMay 26, 2026
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data…

  • CVE-2026-24196HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.

  • CVE-2026-24195HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23282HigOct 10, 2025
    risk 0.46cvss 7.0epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and…

  • CVE-2025-23280HigOct 10, 2025
    risk 0.46cvss 7.0epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

  • CVE-2025-23281HigAug 2, 2025
    risk 0.46cvss 7.0epss 0.00

    NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of…

  • CVE-2025-23279HigAug 2, 2025
    risk 0.46cvss 7.0epss 0.00

    NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service,…

  • CVE-2025-23278HigAug 2, 2025
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering  or denial of service.

  • CVE-2025-23270HigJul 17, 2025
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive information via a side channel vulnerability. A successful exploit of this vulnerability might lead to code execution, data tampering,…

  • CVE-2024-0150HigJan 28, 2025
    risk 0.46cvss 7.1epss 0.00

    NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.

  • CVE-2024-0128HigOct 26, 2024
    risk 0.46cvss 7.1epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the guest OS to access global resources. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges.

  • CVE-2024-0074HigMar 27, 2024
    risk 0.46cvss 7.1epss 0.00

    NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.

  • CVE-2018-6261HigOct 2, 2018
    risk 0.46cvss 7.0epss 0.00

    NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access.

  • CVE-2018-6257HigAug 31, 2018
    risk 0.46cvss 7.0epss 0.00

    NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.

  • CVE-2017-6296HigMar 6, 2018
    risk 0.46cvss 7.0epss 0.00

    NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate.

  • CVE-2017-6262HigDec 6, 2017
    risk 0.46cvss 7.0epss 0.00

    NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A.…

  • CVE-2017-6249HigJul 13, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2017-6248HigJul 6, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2017-0343HigMay 9, 2017
    risk 0.46cvss 7.0epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) where user can trigger a race condition due to lack of synchronization in two functions leading to a denial of service or potential escalation of privileges.

  • CVE-2017-0339HigApr 5, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0332HigApr 5, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0329HigApr 5, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as High because it first…

  • CVE-2017-0327HigApr 5, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0325HigApr 5, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8449HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8435HigJan 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-3848HigAug 5, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417.

  • CVE-2016-2446HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.

  • CVE-2016-2444HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.

  • CVE-2025-23299MedOct 22, 2025
    risk 0.44cvss 6.7epss 0.00

    NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code.

  • CVE-2024-0141MedMar 5, 2025
    risk 0.44cvss 6.8epss 0.01

    NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious actor with tenant level GPU access to write to an unsupported registry causing a bad state. A successful exploit of this vulnerability may lead to denial of service.

  • CVE-2024-0145MedFeb 12, 2025
    risk 0.44cvss 6.8epss 0.01

    NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2024-0144MedFeb 12, 2025
    risk 0.44cvss 6.8epss 0.01

    NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering.

  • CVE-2024-0143MedFeb 12, 2025
    risk 0.44cvss 6.8epss 0.01

    NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2024-0142MedFeb 12, 2025
    risk 0.44cvss 6.8epss 0.01

    NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering.

  • CVE-2024-0140MedJan 28, 2025
    risk 0.44cvss 6.8epss 0.00

    NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure.

  • CVE-2018-3639MedMay 22, 2018
    risk 0.44cvss 5.5epss 0.61

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…

  • CVE-2018-6242MedMay 1, 2018
    risk 0.44cvss 6.8epss 0.03

    Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to…

  • CVE-2016-8827MedDec 16, 2016
    risk 0.43cvss 6.5epss 0.05

    NVIDIA GeForce Experience 3.x before GFE 3.1.0.52 contains a vulnerability in NVIDIA Web Helper.exe where a local web API endpoint, /VisualOPS/v.1.0./, lacks proper access control and parameter validation, allowing for information disclosure via a directory traversal attack.

  • CVE-2016-5025MedNov 8, 2016
    risk 0.43cvss 6.6epss 0.00

    For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

  • CVE-2026-24197MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful…

  • CVE-2026-24182MedMay 26, 2026
    risk 0.42cvss 6.5epss 0.00

    NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23259MedSep 4, 2025
    risk 0.42cvss 6.5epss 0.00

    NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface.

  • CVE-2024-0079MedMar 27, 2024
    risk 0.42cvss 6.5epss 0.00

    NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereference in the host. A successful exploit of this vulnerability may lead to denial of service.

  • CVE-2024-0078MedMar 27, 2024
    risk 0.42cvss 6.5epss 0.00

    NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service.

  • CVE-2017-6260MedJul 28, 2017
    risk 0.42cvss 6.5epss 0.00

    NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service.

  • CVE-2017-0310MedFeb 15, 2017
    risk 0.42cvss 6.5epss 0.00

    All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service.

Page 6 of 21