Vulnerabilities in NVIDIA
742 resultsVexday analysis
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2026-24158HIGHNVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a EPSS 0.4%CVE-2020-5973—NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privilegEPSS 0.4%CVE-2022-34667MEDIUMNVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploEPSS 0.4%CVE-2019-5679—NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is impropeEPSS 0.4%CVE-2026-24222HIGHNVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper aEPSS 0.4%CVE-2020-5971—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mecEPSS 0.4%CVE-2023-0204MEDIUMNVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper hEPSS 0.4%CVE-2021-1053—NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for EPSS 0.4%CVE-2022-21819HIGHNVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker wiEPSS 0.4%CVE-2019-5675—NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlEPSS 0.4%CVE-2024-0071HIGHCVEEPSS 0.4%CVE-2021-1067—NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attackEPSS 0.4%CVE-2025-33202MEDIUMNVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extrEPSS 0.4%CVE-2026-24142MEDIUMNVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerEPSS 0.4%CVE-2019-5702—NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with localEPSS 0.4%CVE-2021-1063—NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input offset is not validated, which may lead to a buffer overrEPSS 0.4%CVE-2022-31606HIGHNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a faEPSS 0.4%CVE-2026-24188HIGHNVIDIA TensorRT contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability miEPSS 0.4%CVE-2021-1059—NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overfloEPSS 0.4%CVE-2020-5980—NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will EPSS 0.4%