Search Results (363303 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-25534 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2024-11-21 5.7 Medium
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-25533 1 Nvidia 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware 2024-11-21 8.3 High
NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges.
CVE-2023-25532 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2024-11-21 6.5 Medium
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure.
CVE-2023-25531 1 Nvidia 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware 2024-11-21 7.6 High
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges.
CVE-2023-25530 1 Nvidia 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware 2024-11-21 8 High
NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
CVE-2023-25529 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2024-11-21 8 High
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.
CVE-2023-25528 1 Nvidia 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware 2024-11-21 8.8 High
NVIDIA DGX H100 baseboard management controller (BMC) contains a vulnerability in a web server plugin, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
CVE-2023-25527 1 Nvidia 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware 2024-11-21 7.8 High
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-25526 1 Nvidia 1 Cumulus Linux 2024-11-21 6.5 Medium
NVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exception by injecting a crafted packet. A successful exploit may lead to denial of service.
CVE-2023-25525 1 Nvidia 1 Cumulus Linux 2024-11-21 7.5 High
NVIDIA Cumulus Linux contains a vulnerability in forwarding where a VxLAN-encapsulated IPv6 packet received on an SVI interface with DMAC/DIPv6 set to the link-local address of the SVI interface may be incorrectly forwarded. A successful exploit may lead to information disclosure.
CVE-2023-25524 1 Nvidia 1 Omniverse Launcher 2024-11-21 4 Medium
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker could use this token to impersonate the user to access launcher resources. A successful exploit of this vulnerability may lead to information disclosure.
CVE-2023-25523 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2024-11-21 3.3 Low
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2023-25520 1 Nvidia 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more 2024-11-21 4.4 Medium
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
CVE-2023-25519 1 Nvidia 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more 2024-11-21 7.8 High
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. 
CVE-2023-25516 1 Nvidia 1 Gpu Display Driver 2024-11-21 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service.
CVE-2023-25491 1 Jch Optimize Project 1 Jch Optimize 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Samuel Marshall JCH Optimize plugin <= 3.2.2 versions.
CVE-2023-25489 1 Iwebss 1 Update Theme And Plugins From Zip File 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Update Theme and Plugins from Zip File plugin <= 2.0.0 versions.
CVE-2023-25487 1 Pixelgrade 1 Pixtypes 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes plugin <= 1.4.14 versions.
CVE-2023-25483 1 Easycomingsoon 1 Easy Coming Soon 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ankit Agarwal, Priyanshu Mittal Easy Coming Soon plugin <= 2.3 versions.
CVE-2023-25482 1 Keetrax 1 Wp Tiles 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tiles plugin <= 1.1.2 versions.