CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0202
https://notcve.org/view.php?id=CVE-2023-0202
NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0201
https://notcve.org/view.php?id=CVE-2023-0201
NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0200
https://notcve.org/view.php?id=CVE-2023-0200
NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •
CVSS: 6.1EPSS: 0%CPEs: 23EXPL: 0CVE-2023-0199
https://notcve.org/view.php?id=CVE-2023-0199
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-0190
https://notcve.org/view.php?id=CVE-2023-0190
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-476: NULL Pointer Dereference •