Page 3 of 28 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5461 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5449 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. NVIDIA BMC contiene una vulnerabilidad en SPX REST API, donde un atacante autorizado puede inyectar comandos de shell arbitrarios, lo que puede provocar la ejecución de código, denegación de servicio, divulgación de información y manipulación de datos. • https://nvidia.custhelp.com/app/answers/detail/a_id/5435 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure and data tampering. NVIDIA BMC contiene una vulnerabilidad en SPX REST API, donde un atacante autorizado puede inyectar comandos de shell arbitrarios, lo que puede provocar la ejecución de código, denegación de servicio, divulgación de información y manipulación de datos. • https://nvidia.custhelp.com/app/answers/detail/a_id/5435 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •