2025 Bulletins
Search CVEs in this year by count, description, or CWE
Bulletins: 11
CVEs: 49
Search by bulletin count, CVE count, CVE description, or CWE.
Matching CVEs: 49
No matching CVEs found.
| Date | Scope | CVE / Details |
|---|---|---|
| 2025-12-16 | CWE-362 NVIDIA Resiliency Extension for Linux contains a vulnerability in the checkpointing core, where an attacker may cause a race condition. A successful exploit of this vulnerability might lead to information disclosure, data tampering, denial of service, or escalation of privileges. Security Bulletin: NVIDIA Resiliency Extension - December 2025 NVIDIA has released a software update for NVIDIA® Resiliency Extension. <br><div>To protect your system, clone or update this software to version 0.5.0 or later from <a href="https://github.com/NVIDIA/nvidia-resiliency-ext">NVIDIA Resiliency Extension on GitHub</a>.<br><br></div> | |
| 2025-11-25 | CWE-476 NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA DGX Spark - November 2025 NVIDIA has released a software update for NVIDIA DGX Spark.<div>To protect your system, download and install the latest version of NVIDIA DGX OS from the <a href="https://www.nvidia.com/en-us/products/workstations/dgx-spark/">NVIDIA DGX</a> site.</div> | |
| 2025-11-17 | CWE-121 NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - November 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-10-09 | CWE-824 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-10-09 | CWE-125 NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-10-09 | CWE-476 NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-10-09 | CWE-476 NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-10-09 | CWE-476 NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-10-09 | CWE-415 NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. Security Bulletin: NVIDIA GPU Display Driver - October 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-09-23 | CWE-476 NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-121 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running <br/>cuobjdump. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-129 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-122 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-787 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-23 | CWE-125 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - September 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. <div>To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page.</div> | |
| 2025-09-16 | CWE-284 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause memory corruption by identifying and accessing the shared memory region used by the Python backend. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - September 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-09-16 | CWE-787 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - September 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-125 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-125 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-789 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-190 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-190 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-805 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-805 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-121 NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, or data tampering. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-08-04 | CWE-121 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering. Security Bulletin: NVIDIA Triton Inference Server - August 2025 NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the <a href="https://github.com/triton-inference-server/server/releases">Triton Inference Server Releases</a> page on GitHub, and view the <a href="https://github.com/triton-inference-server/server/blob/main/docs/customization_guide/deploy.md">Secure Deployment Considerations Guide</a>. | |
| 2025-07-24 | CWE-121 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. Security Bulletin: GPU Display Driver - July 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-07-24 | CWE-121 NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. Security Bulletin: GPU Display Driver - July 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-07-24 | CWE-416 NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. Security Bulletin: GPU Display Driver - July 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-07-24 | CWE-367 NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering. Security Bulletin: GPU Display Driver - July 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-02-18 | CWE-476 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-18 | CWE-125 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. Security Bulletin: NVIDIA CUDA Toolkit - January 2025 NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the <a href="https://developer.nvidia.com/cuda-toolkit">CUDA Toolkit Downloads</a> page. | |
| 2025-02-11 | CWE-122 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. Security Bulletin: NVIDIA nvJPEG2000 - February 2025 NVIDIA has released a software update for NVIDIA® nvJPEG2000 to address the issues listed below.<br> To protect your system, download and install this software update from <a href="https://developer.nvidia.com/nvjpeg2000-downloads">nvJPEG2000 Downloads</a> page. | |
| 2025-02-11 | CWE-120 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG 2000 file. A successful exploit of this vulnerability might lead to data tampering. Security Bulletin: NVIDIA nvJPEG2000 - February 2025 NVIDIA has released a software update for NVIDIA® nvJPEG2000 to address the issues listed below.<br> To protect your system, download and install this software update from <a href="https://developer.nvidia.com/nvjpeg2000-downloads">nvJPEG2000 Downloads</a> page. | |
| 2025-02-11 | CWE-787 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. Security Bulletin: NVIDIA nvJPEG2000 - February 2025 NVIDIA has released a software update for NVIDIA® nvJPEG2000 to address the issues listed below.<br> To protect your system, download and install this software update from <a href="https://developer.nvidia.com/nvjpeg2000-downloads">nvJPEG2000 Downloads</a> page. | |
| 2025-02-11 | CWE-787 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. Security Bulletin: NVIDIA nvJPEG2000 - February 2025 NVIDIA has released a software update for NVIDIA® nvJPEG2000 to address the issues listed below.<br> To protect your system, download and install this software update from <a href="https://developer.nvidia.com/nvjpeg2000-downloads">nvJPEG2000 Downloads</a> page. | |
| 2025-01-30 | CWE-459 NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure. Security Bulletin: NVIDIA GPU Display Driver - January 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. | |
| 2025-01-30 | CWE-120 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. Security Bulletin: NVIDIA GPU Display Driver - January 2025 NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin.<br>To protect your system, download and install this software update through the <a href="https://www.nvidia.com/Download/index.aspx">NVIDIA Driver Downloads</a> page or, for the vGPU software and Cloud Gaming updates, through the <a href="https://www.nvidia.com/content/nvidia/en-us/cloud-gaming/cloud-gaming-downloads.html">NVIDIA Licensing Portal</a>. |