Nvidia Nvidia Dgx Servers
40 CVEs affecting Nvidia Nvidia Dgx Servers. Latest disclosed: 2023-04-22. Critical: 0, High: 20.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-42271 | High | 8.4 | 2023-01-11 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2023-0209 | High | 8.2 | 2023-04-22 | NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary… |
CVE-2022-42273 | High | 8.1 | 2023-01-12 | NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42272 | High | 8.1 | 2023-01-12 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of serv… |
CVE-2023-25505 | High | 7.8 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause… |
CVE-2022-42274 | High | 7.8 | 2023-01-13 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42275 | High | 7.7 | 2023-01-13 | NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and… |
CVE-2023-25506 | High | 7.5 | 2023-04-22 | NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the… |
CVE-2023-0207 | High | 7.5 | 2023-04-22 | NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful e… |
CVE-2023-0206 | High | 7.5 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of t… |
CVE-2023-0202 | High | 7.5 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs… |
CVE-2023-0200 | High | 7.5 | 2023-04-22 | NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may… |
CVE-2022-42277 | High | 7.5 | 2023-01-13 | NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may le… |
CVE-2022-42276 | High | 7.5 | 2023-01-13 | NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead… |
CVE-2023-25507 | High | 7.2 | 2023-04-22 | NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell command… |
CVE-2022-42290 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial… |
CVE-2022-42289 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial… |
CVE-2022-42279 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial… |
CVE-2022-42278 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IP… |
CVE-2022-42280 | High | 7.1 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST auth handler, where an un-authorized attacker can exploit a path traversal, which may lead to authentication by… |