本ページは nvidia dgx_os に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-24218 | NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, data tampering, escalation of privileges, information disclosure, and denial of service. | [email protected] | 8.1 | 0.59% | 2026-05-20 | 2026-06-17 |
| CVE-2025-33200 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | [email protected] | 2.3 | 0.11% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33199 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. A successful exploit of this vulnerability might lead to data tampering. | [email protected] | 3.2 | 0.12% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33198 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | [email protected] | 3.3 | 0.11% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33197 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a NULL pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 4.3 | 0.14% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33196 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. A successful exploit of this vulnerability might lead to information disclosure. | [email protected] | 4.4 | 0.12% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33195 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause unexpected memory buffer operations. A successful exploit of this vulnerability might lead to data tampering, denial of service, or escalation of privileges. | [email protected] | 4.4 | 0.12% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33194 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper processing of input data. A successful exploit of this vulnerability might lead to information disclosure or denial of service. | [email protected] | 5.7 | 0.12% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33193 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause improper validation of integrity. A successful exploit of this vulnerability might lead to information disclosure. | [email protected] | 5.7 | 0.09% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33192 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.7 | 0.12% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33191 | NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause an invalid memory read. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.7 | 0.14% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33190 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or escalation of privileges. | [email protected] | 6.7 | 0.13% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33189 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an out-of-bound write. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, information disclosure, or escalation of privileges. | [email protected] | 7.8 | 0.15% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33188 | NVIDIA DGX Spark GB10 contains a vulnerability in hardware resources where an attacker could tamper with hardware controls. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service. | [email protected] | 8.0 | 0.13% | 2025-11-25 | 2026-06-17 |
| CVE-2025-33187 | NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged access to gain access to SoC protected areas. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, denial of service, or escalation of privileges. | [email protected] | 9.3 | 0.15% | 2025-11-25 | 2026-06-17 |