Mellanox Os Firmware CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-23259	1 Nvidia	2 Mellanox Os, Mellanox Os Firmware	2025-09-05	6.5 Medium
NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface.
CVE-2024-0101	1 Nvidia	13 Mellanox Os Firmware, Metro-3 Xc Firmware, Metrox-2 Firmware and 10 more	2024-12-26	7.5 High
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0113	1 Nvidia	12 Mellanox Os Firmware, Metrox-2 Firmware, Metrox-3 Xc Firmware and 9 more	2024-12-26	7.5 High
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure.

Page 1 of 1.