Nvidia Security Vulnerabilities (CVEs)
Track 124 security vulnerabilities affecting Nvidia products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
CVE-2025-23360 is a relative path traversal vulnerability in NVIDIA Nemo Framework that allows authenticated users to write arbitrary files to uninten...
Mar 11, 2025CVE-2025-23359 is a Time-of-Check Time-of-Use (TOCTOU) vulnerability in NVIDIA Container Toolkit for Linux that allows a malicious container image to ...
Feb 12, 2025NVIDIA Container Toolkit has an improper isolation vulnerability where malicious container images can modify host binaries. This affects systems using...
Jan 28, 2025NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container images could allow untrusted code to access host de...
Jan 28, 2025NVIDIA Container Toolkit has an improper isolation vulnerability where specially crafted container images could allow untrusted code to run in the hos...
Jan 28, 2025NVIDIA Triton Inference Server has an out-of-bounds read vulnerability where users can release shared memory regions while they're in use. This could ...
Oct 1, 2024A TOCTOU vulnerability in NVIDIA Container Toolkit 1.16.1 or earlier allows specially crafted container images to access the host file system when usi...
Sep 26, 2024The NVIDIA CUDA Toolkit's cuobjdump utility contains an out-of-bounds write vulnerability when processing malformed ELF files. This could allow attack...
Aug 31, 2024This vulnerability allows attackers to perform path traversal attacks via specially crafted URIs in NVIDIA networking products' web interfaces. Succes...
Aug 12, 2024This vulnerability in NVIDIA GPU Display Driver for Windows allows an unprivileged user to trigger an out-of-bounds read in the user mode layer. Succe...
Aug 8, 2024This vulnerability in NVIDIA networking products allows attackers to cause denial of service through improper ipfilter definitions. Attackers can expl...
Aug 8, 2024CVE-2024-0095 is a log injection vulnerability in NVIDIA Triton Inference Server that allows attackers to inject forged logs and executable commands b...
Jun 13, 2024NVIDIA Triton Inference Server for Linux has a vulnerability where improper resource initialization during network operations can lead to information ...
Jun 13, 2024This vulnerability in NVIDIA GPU Display Drivers allows users to cause untrusted pointer dereference through driver API execution. Successful exploita...
Jun 13, 2024This vulnerability in NVIDIA GPU software for Linux allows unauthorized actors to access sensitive information through the GPU driver. It affects Linu...
Jun 13, 2024This vulnerability in NVIDIA vGPU software allows unprivileged users on Windows or Linux systems to execute privileged operations on the host, potenti...
Jun 13, 2024This vulnerability in NVIDIA GPU Display Driver for Windows allows information disclosure between processes, potentially exposing sensitive data from ...
Jun 13, 2024NVIDIA ChatRTX for Windows transmits sensitive information in clear text, allowing attackers on the same network to sniff data. This affects all ChatR...
May 14, 2024NVIDIA ChatRTX for Windows has a privilege management vulnerability where attackers can manipulate execution flow through user inputs. This could allo...
May 14, 2024This vulnerability in NVIDIA Triton Inference Server allows attackers to set the logging location to arbitrary files, enabling log injection attacks. ...
May 14, 2024NVIDIA ChatRTX for Windows has a privilege management vulnerability where attackers can send open file requests to escalate privileges locally. This c...
Apr 8, 2024This vulnerability in NVIDIA's NeMo framework allows attackers to cause unlimited resource allocation in the ASR web application component, leading to...
Apr 5, 2024This vulnerability allows root users on NVIDIA Bluefield DPU BMC systems to inject and execute arbitrary code through ipmitool network calls. It affec...
Jan 24, 2024This vulnerability in NVIDIA DGX A100 SBIOS allows attackers to trigger SMI callouts that could execute arbitrary code at the System Management Mode (...
Jan 12, 2024This vulnerability in NVIDIA DGX A100 SBIOS allows local users to trigger dynamic variable evaluation, potentially causing denial of service. It affec...
Jan 12, 2024This vulnerability in NVIDIA DGX A100 BMC's host KVM daemon allows unauthenticated attackers to cause stack memory corruption via specially crafted ne...
Jan 12, 2024This vulnerability allows an unauthenticated attacker to exploit a stack overflow in the NVIDIA DGX A100 BMC's host KVM daemon via a specially crafted...
Jan 12, 2024NVIDIA Triton Inference Server has a path traversal vulnerability when launched with the --model-control explicit option. Attackers can exploit this v...
Jan 12, 2024This vulnerability in NVIDIA GPU Display Driver for Windows allows attackers to write arbitrary data to privileged locations using reparse points. Suc...
Nov 2, 2023This vulnerability in NVIDIA GPU Display Driver for Windows allows attackers to impersonate clients through named pipe access issues in wksServicePlug...
Nov 2, 2023This vulnerability in NVIDIA GPU Display Driver for Windows allows low-privileged users to escalate privileges when an administrator updates GPU drive...
Nov 2, 2023This vulnerability in NVIDIA DGX H100 BMC's IPMI interface allows attackers to execute arbitrary code, cause denial of service, escalate privileges, o...
Sep 20, 2023This vulnerability in NVIDIA DGX H100 BMC's IPMI allows attackers to exploit insufficient credential protection, potentially leading to code execution...
Sep 20, 2023This vulnerability in NVIDIA DGX H100 BMC's web UI allows improper input validation, potentially enabling attackers to execute arbitrary code, escalat...
Sep 20, 2023This vulnerability in NVIDIA DGX H100 and A100 BMC's host KVM daemon allows unauthenticated attackers to steal session tokens via timing side-channel ...
Sep 20, 2023This vulnerability in NVIDIA DGX H100 BMC's host KVM daemon allows authenticated local attackers to corrupt kernel memory, potentially leading to arbi...
Sep 20, 2023NVIDIA Cumulus Linux has a VxLAN forwarding vulnerability where specially crafted IPv6 packets may be incorrectly forwarded, potentially exposing netw...
Sep 20, 2023This vulnerability in NVIDIA vGPU software allows guest operating systems to access and manipulate resources they shouldn't have authorization for. Th...
Jul 4, 2023This vulnerability in NVIDIA DGX A100/A800 systems allows attackers to exploit improper input validation in the SBIOS by providing configuration infor...
Jul 4, 2023This vulnerability in NVIDIA GPU display drivers allows attackers to execute arbitrary code, escalate privileges, or cause denial of service by sendin...
Jun 23, 2023This vulnerability in NVIDIA DGX-1 systems allows attackers with elevated privileges to exploit a heap preconditioning issue in the AMI SBIOS Ofbd com...
Apr 22, 2023This vulnerability in NVIDIA DGX-2 systems allows authenticated users with high privileges to exploit a heap-based buffer overflow in the OFBD compone...
Apr 22, 2023This vulnerability in NVIDIA DGX A100 SBIOS allows attackers to modify arbitrary memory in SMRAM (System Management RAM) by exploiting SMM (System Man...
Apr 22, 2023This vulnerability in NVIDIA DGX A100 SBIOS allows attackers to modify SMRAM memory through the NVME SMM API. Successful exploitation could lead to de...
Apr 22, 2023This vulnerability in NVIDIA DGX-1 SBIOS allows attackers to execute arbitrary code or bypass security features like SecureBoot due to missing authent...
Apr 22, 2023This vulnerability in NVIDIA GPU Display Driver for Linux allows attackers to exploit a kernel mode layer handler flaw, potentially leading to code ex...
Apr 1, 2023This vulnerability in NVIDIA GPU Display Driver for Linux allows attackers to exploit a kernel mode layer handler, potentially causing denial of servi...
Apr 1, 2023This vulnerability in NVIDIA GPU Display Driver for Windows allows attackers to write data beyond allocated memory boundaries in the kernel mode layer...
Apr 1, 2023NVIDIA GeForce Experience installer contains a vulnerability where users installing the software from a compromised directory may inadvertently delete...
Feb 7, 2023This vulnerability in NVIDIA GPU Display Driver for Windows allows attackers to execute arbitrary code through specially crafted shaders, potentially ...
May 17, 2022Why Monitor Nvidia Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 124+ known vulnerabilities affecting Nvidia products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Nvidia packages in under 60 seconds. No agents required - completely agentless scanning that works across Nvidia deployments.
Free vulnerability database: Access detailed information about every Nvidia CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Nvidia CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
