Vulnerabilities (CVE)

Filtered by vendor Nvidia Subscribe
Filtered by product Sbios
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25509 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 N/A 6.0 MEDIUM
NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.
CVE-2023-25506 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 N/A 7.5 HIGH
NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.
CVE-2023-0209 1 Nvidia 2 Dgx-1, Sbios 2024-11-21 N/A 8.2 HIGH
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the code executed by SSA is missing, which may lead to arbitrary code execution, denial of service, escalation of privileges assisted by a firmware implant, information disclosure assisted by a firmware implant, data tampering, and SecureBoot bypass.
CVE-2023-0207 1 Nvidia 2 Dgx-2, Sbios 2024-11-21 N/A 7.5 HIGH
NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service.
CVE-2022-42286 1 Nvidia 2 Dgx A100, Sbios 2024-11-21 N/A 6.0 MEDIUM
DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges.
CVE-2022-42285 1 Nvidia 2 Dgx A100, Sbios 2024-11-21 N/A 6.0 MEDIUM
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering.