Filtered by vendor Nvidia
Subscribe
Total
670 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-23304 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-09-24 | N/A | 7.8 HIGH |
| NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering. | |||||
| CVE-2025-23303 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-09-23 | N/A | 7.8 HIGH |
| NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||||
| CVE-2025-23360 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-09-23 | N/A | 7.1 HIGH |
| NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering. | |||||
| CVE-2024-53880 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2025-09-22 | N/A | 4.9 MEDIUM |
| NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial of service. | |||||
| CVE-2025-23305 | 1 Nvidia | 1 Megatron-lm | 2025-09-19 | N/A | 7.8 HIGH |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2025-23306 | 1 Nvidia | 1 Megatron-lm | 2025-09-19 | N/A | 7.8 HIGH |
| NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2024-0087 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | N/A | 9.0 CRITICAL |
| NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. If this file exists, logs are appended to the file. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2024-0088 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | N/A | 5.5 MEDIUM |
| NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. | |||||
| CVE-2024-0100 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | N/A | 6.5 MEDIUM |
| NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering. | |||||
| CVE-2025-23344 | 1 Nvidia | 1 Nvdebug | 2025-09-18 | N/A | 7.3 HIGH |
| The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering. | |||||
| CVE-2025-23343 | 1 Nvidia | 1 Nvdebug | 2025-09-18 | N/A | 7.6 HIGH |
| The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering. | |||||
| CVE-2025-23342 | 1 Nvidia | 1 Nvdebug | 2025-09-18 | N/A | 8.2 HIGH |
| The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure and data tampering. | |||||
| CVE-2024-0082 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2025-09-18 | N/A | 8.2 HIGH |
| NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause improper privilege management by sending open file requests to the application. A successful exploit of this vulnerability might lead to local escalation of privileges, information disclosure, and data tampering | |||||
| CVE-2024-0083 | 2 Microsoft, Nvidia | 2 Windows, Chatrtx | 2025-09-18 | N/A | 6.5 MEDIUM |
| NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause a cross-site scripting error by network by running malicious scripts in users' browsers. A successful exploit of this vulnerability might lead to code execution, denial of service, and information disclosure. | |||||
| CVE-2024-0125 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service. | |||||
| CVE-2024-0123 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service. | |||||
| CVE-2024-0124 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service. | |||||
| CVE-2024-0076 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | |||||
| CVE-2024-0072 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. | |||||
| CVE-2024-53870 | 1 Nvidia | 1 Cuda Toolkit | 2025-09-18 | N/A | 3.3 LOW |
| NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | |||||