Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nvidia bmc vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-42278
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering.
Nvidia Bmc
7.8
CVSSv3
CVE-2023-25505
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution.
Nvidia Bmc
8.8
CVSSv3
CVE-2023-25507
NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering.
Nvidia Bmc
7.2
CVSSv3
CVE-2023-31037
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root user may cause code injection by a network call. A successful exploit of this vulnerability may lead to code execution on the OS.
Nvidia Bluefield Bmc 2.8.2-46
Nvidia Bluefield Bmc 23.04
Nvidia Bluefield Bmc 23.07
Nvidia Bluefield Bmc 23.09
5.3
CVSSv3
CVE-2022-42288
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.
Nvidia Dgx A100 Firmware
8.1
CVSSv3
CVE-2023-25529
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability ma...
Nvidia Dgx H100 Firmware
8.8
CVSSv3
CVE-2022-42273
NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.
Nvidia Dgx A100 Firmware
7.8
CVSSv3
CVE-2022-42271
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution
Nvidia Dgx A100 Firmware
7.5
CVSSv3
CVE-2023-31025
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.
Nvidia Dgx A100 Firmware
7.5
CVSSv3
CVE-2023-25532
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to information disclosure.
Nvidia Dgx H100 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »