CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0208
https://notcve.org/view.php?id=CVE-2023-0208
NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5453 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0196
https://notcve.org/view.php?id=CVE-2023-0196
NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5446 • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0193
https://notcve.org/view.php?id=CVE-2023-0193
NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5446 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42292
https://notcve.org/view.php?id=CVE-2022-42292
NVIDIA GeForce Experience contains a vulnerability in the NVContainer component, where a user without administrator privileges can create a symbolic link to a file that requires elevated privileges to write to or modify, which may lead to denial of service, escalation of privilege or limited data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5384 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31611
https://notcve.org/view.php?id=CVE-2022-31611
NVIDIA GeForce Experience contains an uncontrolled search path vulnerability in all its client installers, where an attacker with user level privileges may cause the installer to load an arbitrary DLL when the installer is launched. A successful exploit of this vulnerability could lead to escalation of privileges and code execution. • https://nvidia.custhelp.com/app/answers/detail/a_id/5384 • CWE-427: Uncontrolled Search Path Element •