23 matches found
Security Bulletin: NVIDIA DGX Spark - May 2026
NVIDIA has released a software update for NVIDIA® DGX Spark. To protect your system, download and install the latest version of NVIDIA DGX OS from the NVIDIA DGX site. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...
CVE-2025-33200
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure...
CVE-2025-33195
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges...
CVE-2025-33194
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service...
CVE-2025-33195
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges...
CVE-2025-33187
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of...
CVE-2025-33199
CVE-2025-33199 affects NVIDIA DGX Spark GB10 with a vulnerability in the SROOT firmware that could lead to incorrect control flow and data tampering. Affected component: SROOT firmware on DGX Spark GB10. Root cause: firmware-level control-flow issue (details not fully disclosed in the provided do...
CVE-2025-33197
CVE-2025-33197 affects NVIDIA DGX Spark GB10 via a NULL pointer dereference in the SROOT firmware, with potential denial of service. The Red Hat and NVD/NVIDIA entries describe the same vulnerability scoped to DGX Spark GB10 devices; no exploitation details are provided in the documents. Affected...
CVE-2025-33192
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service...
CVE-2025-33191
NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service...
CVE-2025-33190
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges...
CVE-2025-33189
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges...
CVE-2025-33188
CVE-2025-33188 affects NVIDIA DGX Spark GB10. The issue is described as a vulnerability in hardware resources allowing an attacker to tamper with hardware controls. Impact includes information disclosure, data tampering, and denial of service. Exploitation appears local (attacker needs local acce...
NVIDIA DGX Spark 安全漏洞
The NVIDIA DGX Spark is a personal AI computer from NVIDIA Corporation. A security vulnerability exists in NVIDIA DGX Spark GB10 that stems from improper handling of input data in the SROOT firmware, which could lead to information disclosure or denial of service...
NVIDIA DGX Spark 输入验证错误漏洞
The NVIDIA DGX Spark is a personal AI computer from NVIDIA. An input validation error vulnerability exists in NVIDIA DGX Spark GB10, which stems from an invalid memory read in the OSROOT firmware and could lead to a denial of service...
NVIDIA DGX Spark 缓冲区错误漏洞
The NVIDIA DGX Spark is a personal AI computer from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX Spark GB10, which stems from an out-of-bounds write in the SROOT firmware that could lead to code execution, data tampering, denial of service, or elevation of privilege...
NVIDIA DGX Spark 缓冲区错误漏洞
The NVIDIA DGX Spark is a personal AI computer from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX Spark GB10, which stems from an out-of-bounds write in the SROOT firmware that could lead to code execution, data tampering, denial of service, information disclosure, or elevation of...
NVIDIA DGX Spark 安全漏洞
The NVIDIA DGX Spark is a personal AI computer from NVIDIA Corporation. A security vulnerability exists in NVIDIA DGX Spark GB10, which originates from privileged access to an accessible SoC protected area in SROOT, and could result in code execution, information disclosure, data tampering, denia...
NVIDIA DGX Spark 安全漏洞
NVIDIA DGX Spark is a personal AI computer from NVIDIA Corporation. A security vulnerability exists in NVIDIA DGX Spark GB10, which originates from hardware resources that can be tampered with, potentially resulting in information disclosure, data manipulation, or denial of service...
PT-2025-48060
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering...