2024 Bulletins
Search CVEs in this year by count, description, or CWE
Bulletins: 10
CVEs: 23
Search by bulletin count, CVE count, CVE description, or CWE.
Matching CVEs: 23
No matching CVEs found.
| Date | Scope | CVE / Details |
|---|---|---|
| 2024-12-05 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-12-05 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-12-05 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-12-05 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-12-05 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-10-02 | CWE-476 NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service. Security Bulletin: NVIDIA CUDA Toolkit - October 2024 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2024-09-30 | CWE-125 NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - September 2024 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2024-08-29 | CWE-125 NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service. Security Bulletin: NVIDIA CUDA Toolkit - August 2024 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2024-07-11 | CWE-125 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA CUDA Toolkit - July 2024 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2024-07-09 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - July 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-06-06 | CWE-787 NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - June 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-06-06 | CWE-476 NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin. Security Bulletin: NVIDIA GPU Display Driver - June 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-02-28 | CWE-125 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - February 2024 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2024-02-08 | CWE-122 NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-02-08 | CWE-120 NVIDIA DGX Station A100 and DGX Station A800 BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-02-08 | CWE-120 NVIDIA DGX Station A100 and DGX Station A800 BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-02-08 | CWE-120 NVIDIA DGX Station A100 and DGX Station A800 BMC contains a vulnerability in libwebsocket, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-02-08 | CWE-120 NVIDIA DGX Station A100 and DGX Station A800 BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-02-08 | CWE-120 NVIDIA DGX Station A100 and DGX Station A800 baseboard management controller (BMC) contains a vulnerability in the Intelligent Platform Management Interface (IPMI) handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution. Security Bulletin: NVIDIA DGX Station A100 and DGX Station A800 - February 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-01-25 | CWE-122 NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA DGX A100 - January 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-01-25 | CWE-121 NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA DGX A100 - January 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-01-25 | CWE-121 NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA DGX A100 - January 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. | |
| 2024-01-25 | CWE-121 NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA DGX A100 - January 2024 NVIDIA has released a firmware security update for the NVIDIA DGX™ Station A100 and DGX™ Station A800 systems.<br>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>. |