Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dgx_a100_firmware
(Nvidia)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 28 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-01-12 | CVE-2023-31031 | NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 7.8 | ||
2024-01-12 | CVE-2023-31032 | NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability may lead to denial of service. | Dgx_a100_firmware | 5.5 | ||
2024-01-12 | CVE-2023-31033 | NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication issue for a critical function by an adjacent network . A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 8.0 | ||
2024-01-12 | CVE-2023-31034 | NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 7.8 | ||
2024-01-12 | CVE-2023-31035 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | Dgx_a100_firmware | 7.8 | ||
2024-01-12 | CVE-2023-31024 | NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 9.8 | ||
2024-01-12 | CVE-2023-31025 | NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure. | Dgx_a100_firmware | 7.5 | ||
2024-01-12 | CVE-2023-31029 | NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 9.8 | ||
2024-01-12 | CVE-2023-31030 | NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | Dgx_a100_firmware | 9.8 | ||
2023-07-04 | CVE-2023-25521 | NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | Dgx_a100_firmware, Dgx_a800_firmware | 7.8 |