CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0122
https://notcve.org/view.php?id=CVE-2024-0122
22 Nov 2024 — NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5570 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0138
https://notcve.org/view.php?id=CVE-2024-0138
22 Nov 2024 — NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5595 • CWE-862: Missing Authorization •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0134
https://notcve.org/view.php?id=CVE-2024-0134
05 Nov 2024 — NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering. NVIDIA Container Toolkit y NVIDIA GPU Operator para Linux contienen una vulnerabilidad de UNIX en la que una imagen de contenedor especialmente manipulada puede provocar la crea... • https://nvidia.custhelp.com/app/answers/detail/a_id/5585 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0106
https://notcve.org/view.php?id=CVE-2024-0106
01 Nov 2024 — NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5562 • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 8.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0105
https://notcve.org/view.php?id=CVE-2024-0105
01 Nov 2024 — NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5562 • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0128
https://notcve.org/view.php?id=CVE-2024-0128
26 Oct 2024 — NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the guest OS to access global resources. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0127
https://notcve.org/view.php?id=CVE-2024-0127
26 Oct 2024 — NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all supported hypervisors, where a user of the guest OS can cause an improper input validation by compromising the guest OS kernel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0121
https://notcve.org/view.php?id=CVE-2024-0121
26 Oct 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0120
https://notcve.org/view.php?id=CVE-2024-0120
26 Oct 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0119
https://notcve.org/view.php?id=CVE-2024-0119
26 Oct 2024 — NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5586 • CWE-125: Out-of-bounds Read •