CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42272
https://notcve.org/view.php?id=CVE-2022-42272
12 Jan 2023 — NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of service or escalation of privileges. NVIDIA BMC contiene una vulnerabilidad en el controlador IPMI, donde un atacante autorizado puede provocar un desbordamiento del búfer, lo que puede provocar la ejecución de código, denegación de servicio o escalada de privilegios. • https://nvidia.custhelp.com/app/answers/detail/a_id/5435 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42271
https://notcve.org/view.php?id=CVE-2022-42271
11 Jan 2023 — NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution NVIDIA BMC contiene una vulnerabilidad en el controlador IPMI, donde un atacante autorizado puede provocar un desbordamiento del búfer y provocar una denegación de servicio u obtener la ejecución de código. • https://nvidia.custhelp.com/app/answers/detail/a_id/5435 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31603
https://notcve.org/view.php?id=CVE-2022-31603
04 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en el IpSecDxe, donde un usuario con altos privilegios y datos globales precondicionados del IpSecDxe puede explotar una comprobación incorrecta de un índi... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-129: Improper Validation of Array Index •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31602
https://notcve.org/view.php?id=CVE-2022-31602
04 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en el IpSecDxe, donde un usuario con altos privilegios y una pila precondicionada puede explotar una vulnerabilidad de escritura fuera de límites, que puede conllevar a una e... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31601
https://notcve.org/view.php?id=CVE-2022-31601
04 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en el SmbiosPei, que puede permitir a un atacante local con muchos privilegios causar una escritura fuera de límites, lo que puede conllevar a una ejecución de código, denegación de servicio, el impacto ... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31600
https://notcve.org/view.php?id=CVE-2022-31600
04 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, causing an integer overflow, possibly leading to code execution, escalation of privileges, denial of service, compromised integrity, and information disclosure. The scope of impact can extend to other components. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en el SmmCore, donde un usuario con altos privilegios puede encadenar otra vulnerabilidad a... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31599
https://notcve.org/view.php?id=CVE-2022-31599
04 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en el Ofbd, donde un usuario local con altos privilegios puede causar el acceso a un puntero no inicializado, lo que puede conllevar a una ejecució... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-824: Access of Uninitialized Pointer •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28200
https://notcve.org/view.php?id=CVE-2022-28200
02 Jul 2022 — NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. NVIDIA DGX A100 contiene una vulnerabilidad en SBIOS en la BiosCfgTool, donde un usuario local con altos privilegios puede leer y escribir más allá de los límites previstos en la SMRAM, l... • https://nvidia.custhelp.com/app/answers/detail/a_id/5367 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •