本页列出影响 nvidia cuda_toolkit 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-33231 | NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service and information disclosure. | [email protected] | 6.7 | 0.01% | 2026-01-20 | 2026-02-02 |
| CVE-2025-33230 | NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure. | [email protected] | 7.3 | 0.03% | 2026-01-20 | 2026-02-02 |
| CVE-2025-33229 | NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure. | [email protected] | 7.3 | 0.01% | 2026-01-20 | 2026-02-02 |
| CVE-2025-33228 | NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | [email protected] | 7.3 | 0.03% | 2026-01-20 | 2026-02-02 |
| CVE-2025-23346 | NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-10-06 |
| CVE-2025-23340 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-11-03 |
| CVE-2025-23339 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running cuobjdump. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-11-03 |
| CVE-2025-23338 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-11-03 |
| CVE-2025-23308 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-11-03 |
| CVE-2025-23275 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure. | [email protected] | 4.2 | 0.01% | 2025-09-24 | 2025-10-06 |
| CVE-2025-23273 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service. | [email protected] | 2.5 | 0.01% | 2025-09-24 | 2025-10-06 |
| CVE-2025-23271 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-11-03 |
| CVE-2025-23255 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-10-06 |
| CVE-2025-23248 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. | [email protected] | 3.3 | 0.01% | 2025-09-24 | 2025-10-06 |
| CVE-2025-23247 | NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution. | [email protected] | 4.4 | 0.07% | 2025-05-27 | 2025-10-03 |
| CVE-2024-53879 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | [email protected] | 2.8 | 0.03% | 2025-02-25 | 2025-09-18 |
| CVE-2024-53878 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | [email protected] | 2.8 | 0.03% | 2025-02-25 | 2025-09-18 |
| CVE-2024-53877 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. | [email protected] | 3.3 | 0.03% | 2025-02-25 | 2025-09-18 |
| CVE-2024-53876 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. | [email protected] | 3.3 | 0.03% | 2025-02-25 | 2025-09-18 |
| CVE-2024-53875 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | [email protected] | 3.3 | 0.03% | 2025-02-25 | 2025-09-18 |