Vulnerabilidades en NVIDIA
742 resultadosAnálisis Vexday
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2021-1069—NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a nEPSS 0.3%CVE-2020-5979—NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presentedEPSS 0.3%CVE-2025-33254HIGHNVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A successful exploit of this EPSS 0.3%CVE-2020-5987—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest afterEPSS 0.3%CVE-2025-33238HIGHNVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploitEPSS 0.3%CVE-2022-28183HIGHNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can caEPSS 0.3%CVE-2025-33247HIGHNVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful expEPSS 0.3%CVE-2025-23336MEDIUMNVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading aEPSS 0.3%CVE-2020-5983—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to wEPSS 0.3%CVE-2026-24189HIGHNVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliEPSS 0.3%CVE-2020-5957—NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with loEPSS 0.3%CVE-2019-5698—NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin, in which an input index value is incorrectly validateEPSS 0.3%CVE-2020-5978—NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontaEPSS 0.3%CVE-2024-0137MEDIUMNVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted codeEPSS 0.3%CVE-2023-25524MEDIUM
NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access tokeEPSS 0.3%CVE-2021-1102MEDIUMNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, whicEPSS 0.3%CVE-2022-21818MEDIUMNVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after siEPSS 0.3%CVE-2020-5970—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampEPSS 0.3%CVE-2020-5972—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freeEPSS 0.3%CVE-2019-5677—NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlEPSS 0.3%