Page 17 of 574 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5459 • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5459 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5459 • CWE-1220: Insufficient Granularity of Access Control •