Lucene search
+L

156 matches found

Nvidia
Nvidia
added 2023/06/30 12:0 a.m.50 views

Security Bulletin: NVIDIA DGX A100 and DGX A800 - June 2023

NVIDIA has released a firmware security update for the NVIDIA DGX™ A100 system and the NVIDIA DGX A800 system. This update addresses issues that may lead to code execution, denial of service, data tampering, escalation of privileges, and information disclosure. To protect your system, download an...

9.8CVSS8.2AI score0.0171EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/04/22 3:15 a.m.26 views

CVE-2023-25506

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of t...

8.2CVSS7.8AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.21 views

CVE-2023-25509

NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges...

7.8CVSS6.7AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.20 views

CVE-2023-0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

7.8CVSS7.7AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2023/04/22 3:15 a.m.5 views

CVE-2023-0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

7.8CVSS7.2AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2023/04/22 3:15 a.m.4 views

CVE-2023-0207

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service...

4.4CVSS5.8AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.25 views

CVE-2023-0201

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

6.7CVSS6.5AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2023/04/22 3:15 a.m.6 views

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

7.8CVSS7.2AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.27 views

CVE-2023-0207

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service...

7.5CVSS7.3AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.25 views

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

7.8CVSS7.7AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2023/04/22 3:15 a.m.32 views

CVE-2023-0209

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

8.2CVSS8.6AI score0.002EPSS
Exploits0References1
Prion
Prion
added 2023/04/22 3:15 a.m.22 views

Input validation

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of t...

4CVSS8.1AI score0.00175EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.20 views

Design/Logic Flaw

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service...

1.4CVSS4.6AI score0.0015EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.21 views

Information disclosure

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

4.3CVSS7.6AI score0.00163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.22 views

Design/Logic Flaw

NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges...

4.3CVSS8AI score0.00192EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.21 views

Information disclosure

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

4.3CVSS7.6AI score0.00163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.19 views

Information disclosure

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

4CVSS6.9AI score0.00204EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/22 3:15 a.m.24 views

Design/Logic Flaw

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware...

4.3CVSS8.2AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/22 2:32 a.m.31 views

CVE-2023-25509

NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges...

6CVSS8.3AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2023/04/22 2:32 a.m.58 views

CVE-2023-25509

CVE-2023-25509 affects NVIDIA DGX-1 SBIOS in the Bds component. The Red Hat and NVIDIA bulletins describe a vulnerability that may permit code execution, denial of service, and privilege escalation. Remediation is via firmware updates: SBIOS versions prior to S2W_3A13 are addressed by updating to...

7.8CVSS8AI score0.00192EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder