Vulnerabilidades em NVIDIA
742 resultadosAnálise Vexday
O portfólio de vulnerabilidades da NVIDIA reúne 693 CVEs catalogadas, com 18 classificadas como críticas e 58 surgidas nos últimos 90 dias, indicando um fluxo contínuo de descobertas que exige monitoramento ativo. Nenhuma vulnerabilidade consta atualmente no catálogo KEV da CISA, taxa que fica abaixo da média geral do catálogo, sugerindo menor pressão imediata de exploração em campo — mas não ausência de risco. A CVE mais perigosa no momento é CVE-2024-0132, com EPSS de 0,3646, o valor mais elevado observado no conjunto, o que a posiciona como prioridade de remediação. A falha mais recorrente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a afetar componentes de baixo nível como drivers e firmware, onde a superfície de ataque costuma ser ampla e o impacto potencial elevado.
CVE-2021-34401HIGHNVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPU_IOCTL_CHANNEL_SET_ERROR_NOTIFIER, where improper access control mayEPSS 0.3%CVE-2019-5686—NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape EPSS 0.3%CVE-2025-23342HIGHThe NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of thEPSS 0.3%CVE-2022-28185MEDIUMNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an oEPSS 0.3%CVE-2021-1103MEDIUMNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lEPSS 0.3%CVE-2023-25526MEDIUMNVIDIA Cumulus Linux contains a vulnerability in neighmgrd and nlmanager where an attacker on an adjacent network may cause an uncaught exceEPSS 0.3%CVE-2020-5989—NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denialEPSS 0.3%CVE-2019-5687—NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape EPSS 0.3%CVE-2026-24216HIGHNVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of thisEPSS 0.3%CVE-2022-28184HIGHNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, EPSS 0.3%CVE-2025-23307HIGHNVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A sEPSS 0.3%CVE-2021-1101MEDIUMNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lEPSS 0.3%CVE-2021-34402MEDIUMNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVDEC, where a user with high privileges might be able to read from or write tEPSS 0.3%CVE-2022-34677MEDIUMNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause EPSS 0.3%CVE-2021-1089HIGHNVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary coEPSS 0.3%CVE-2024-0148HIGHNVIDIA Jetson Linux and IGX OS image contains a vulnerability in the UEFI firmware RCM boot mode, where an unprivileged attacker with physicEPSS 0.3%CVE-2020-5974—NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on ceEPSS 0.3%CVE-2022-28189MEDIUMNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a NUEPSS 0.3%CVE-2021-1107HIGHNVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code eEPSS 0.3%CVE-2020-5982—NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the soEPSS 0.3%