VYPR

Vendor CVEs

Nvidia

All CVEs

1,011 total · sorted by risk
  • CVE-2016-6746MedNov 25, 2016
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without…

  • CVE-2016-4961MedNov 8, 2016
    risk 0.36cvss 5.5epss 0.00

    For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVStreamKMS.sys API layer caused a denial of service vulnerability (blue screen crash) within the NVIDIA Windows graphics drivers.

  • CVE-2016-6688MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.

  • CVE-2016-6687MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222.

  • CVE-2016-6686MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.

  • CVE-2016-6677MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955.

  • CVE-2016-3815MedJul 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28522274.

  • CVE-2016-3814MedJul 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28193342.

  • CVE-2026-24204MedApr 28, 2026
    risk 0.35cvss 6.5epss 0.00

    NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure.

  • CVE-2026-24208MedMay 20, 2026
    risk 0.34cvss 5.3epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24153MedMar 31, 2026
    risk 0.34cvss 5.2epss 0.00

    NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-33185MedNov 11, 2025
    risk 0.34cvss 5.3epss 0.01

    NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure.  A successful exploit of this vulnerability may lead to information disclosure.

  • CVE-2018-6246MedMay 10, 2018
    risk 0.34cvss 5.3epss 0.00

    In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as…

  • CVE-2017-0744MedApr 5, 2018
    risk 0.34cvss 5.3epss 0.00

    An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744.

  • CVE-2025-23332MedOct 23, 2025
    risk 0.33cvss 5.0epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24199MedMay 26, 2026
    risk 0.31cvss 4.7epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24147MedApr 7, 2026
    risk 0.31cvss 4.8epss 0.00

    NVIDIA Triton Inference Server contains a vulnerability in triton server where an attacker may cause an information disclosure by uploading a model configuration. A successful exploit of this vulnerability may lead to information disclosure or denial of service.

  • CVE-2025-23269MedJul 17, 2025
    risk 0.31cvss 4.7epss 0.00

    NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared microarchitectural predictor state that influences transient execution. A successful exploit of this vulnerability may lead to information…

  • CVE-2018-6258MedAug 31, 2018
    risk 0.31cvss 4.7epss 0.00

    NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.

  • CVE-2017-0354MedMay 9, 2017
    risk 0.31cvss 4.7epss 0.00

    All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under raised IRQL which may lead to a denial of service.

  • CVE-2017-0330MedApr 5, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0328MedApr 5, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8409MedJan 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…

  • CVE-2016-8408MedJan 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…

  • CVE-2016-8395MedJan 12, 2017
    risk 0.31cvss 4.7epss 0.01

    A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent…

  • CVE-2025-23292MedSep 30, 2025
    risk 0.30cvss 4.6epss 0.00

    NVIDIA Delegated Licensing Service for all appliance platforms contains a SQL injection vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to partial denial of service (UI component).

  • CVE-2025-33221MedMay 26, 2026
    risk 0.29cvss 4.4epss 0.00

    NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.

  • CVE-2025-23345MedOct 23, 2025
    risk 0.29cvss 4.4epss 0.00

    NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

  • CVE-2025-23274MedSep 24, 2025
    risk 0.29cvss 4.5epss 0.00

    NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to…

  • CVE-2025-23286MedAug 2, 2025
    risk 0.29cvss 4.4epss 0.00

    NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2024-0131MedFeb 2, 2025
    risk 0.29cvss 4.4epss 0.00

    NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read  a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2024-0139MedDec 6, 2024
    risk 0.29cvss 4.4epss 0.00

    NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-24176MedApr 21, 2026
    risk 0.28cvss 4.3epss 0.00

    NVIDIA KAI Scheduler contains a vulnerability where an attacker could cause improper authorization through cross-namespace pod references. A successful exploit of this vulnerability might lead to data tampering.

  • CVE-2025-23302MedSep 4, 2025
    risk 0.27cvss 4.2epss 0.00

    NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the LS10 could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23301MedSep 4, 2025
    risk 0.27cvss 4.2epss 0.00

    NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2025-23288LowAug 2, 2025
    risk 0.21cvss 3.3epss 0.00

    NVIDIA GPU Display Driver for Windows contains a vulnerability  where an attacker may cause an exposure of sensitive system information with local unprivileged system access. A successful exploit of this vulnerability may lead to Information disclosure.

  • CVE-2025-23287LowAug 2, 2025
    risk 0.21cvss 3.3epss 0.00

    NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure.

  • CVE-2024-0149LowJan 28, 2025
    risk 0.21cvss 3.3epss 0.00

    NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.

  • CVE-2018-6254LowMay 10, 2018
    risk 0.21cvss 3.3epss 0.00

    In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference:…

  • CVE-2024-0080LowApr 5, 2024
    risk 0.18cvss 2.8epss 0.00

    NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2023-31028LowApr 5, 2024
    risk 0.18cvss 2.8epss 0.00

    NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service.

  • CVE-2025-23291LowSep 30, 2025
    risk 0.16cvss 2.4epss 0.00

    NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.

  • CVE-2025-23290LowAug 2, 2025
    risk 0.16cvss 2.5epss 0.00

    NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure.

  • CVE-2025-23253LowApr 22, 2025
    risk 0.16cvss 2.5epss 0.00

    NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial…

  • CVE-2018-6262LowOct 2, 2018
    risk 0.16cvss 2.5epss 0.00

    NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled where limited sensitive user information may be available to users with system access, which may lead to information disclosure.

  • CVE-2018-6259LowAug 31, 2018
    risk 0.16cvss 2.5epss 0.00

    NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.

  • CVE-2006-5379Oct 18, 2006
    risk 0.05cvss epss 0.26

    The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be…

  • CVE-2024-0132Sep 26, 2024
    risk 0.03cvss epss 0.36

    NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A…

  • CVE-2015-7865Nov 24, 2015
    risk 0.03cvss epss 0.03

    nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a…

  • CVE-2013-0109Apr 8, 2013
    risk 0.03cvss epss 0.04

    The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.

Page 8 of 21