NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.
NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.
NVIDIA encourages Coordinated Vulnerability Disclosure of security vulnerabilities through the Security Vulnerability Submission Form.
NVIDIA thanks the following individuals and organizations for their contribution towards making our products more secure.
For details on CVE IDs, go to NVIDIA Security Bulletin page.
Acknowledgment | CVE IDs | |
---|---|---|
Andres Riancho, Ronen Shustin and Shir Tamari-Wiz Research as well as Lei Wang | CVE-2025-23359 | |
7resp4ss and Guang Gong - 360 Vulnerability Research Institute | CVE-2024‑53880 | |
Dimitrios Tatsis - Cisco Talos | CVE-2024-0142, CVE-2024-0143, CVE-2024-0144, CVE-2024-0145 | |
Maxim Mints and Austin Herring | CVE-2024‑0112 | |
cyfra07 | CVE-2024‑0140 | |
Xiaochen Zou | CVE-2024-0131 | |
Wolfgang Frisch | CVE-2024-0149 | |
Andres Riancho, Ronen Shustin, and Shir Tamari – Wiz Research | CVE-2024-0135, CVE-2024-0136, CVE-2024-0137 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure El Hatimi Mohamed Amine Abu Bakkar Siddique Yulia Smith |
Acknowledgment | CVE IDs | |
---|---|---|
Abian Blome, Jan Kästle – Siemens Energy | CVE-2024-0139 | |
CSF LABS - Energisa Group | CVE-2024‑0122 | |
Andres Riancho, Ronen Shustin, and Shir Tamari - Wiz Research | CVE-2024-0134 | |
Piotr Bania - Cisco Talos | CVE-2024-0117, CVE-2024-0118, CVE-2024-0119, CVE-2024-0120, CVE-2024-0121 | |
Maxim Mints and Austin Herring | CVE-2024-0126 | |
Ryan Tracey - HiddenLayer | CVE-2024‑0129 | |
nEINEI - Tencent-zhuquelab | CVE-2024-0123, CVE-2024-0124, CVE-2024-0125 | |
r3pwnx | CVE-2024‑0116 | |
Andres Riancho, Ronen Shustin and Shir Tamari - Wiz Research | CVE-2024‑0132, CVE-2024-0133 | |
r3pwnx | CVE-2024-0109, CVE-2024-0110 | |
r3pwnx, nEINEI - Tencent-zhuquelab | CVE-2024-0111 | |
ByteDance | CVE-2024‑0115 | |
Cyrille CHATRAS - Orange Group | CVE-2024‑0113 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0102 | |
Piotr Bania - Cisco Talos | CVE-2024‑0107 | |
CYS DET PEN - Siemens | CVE-2024-0089 | |
Jisoo Jang, Joonkyo Jung, Yongwan Jo, and Dokyung Song - Yonsei University | CVE-2024-0090 | |
Frederik Pustelnik | CVE-2024-0093 | |
pinkdraconian | CVE-2024-0095 | |
Andrew Innes, Will Williams, Jamie Dougherty, Markus Hennerbichler | CVE-2024-0103 | |
pinkdraconian, lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0087 | |
lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0088 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0072, CVE-2024-0076 | |
hjy79425575 | CVE‑2023-31028, CVE-2024-0080 | |
l1k3beef - tencent-zhuquelab | CVE-2024-0082 | |
Ozgun Kultekin | CVE-2024-0083 | |
ALJI Mohamed (sim4n6) | CVE-2024-0081 | |
Piotr Bania - Cisco Talos | CVE-2024-0071 | |
HaoKun Yang | CVE-2023-31037 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure Sakil Hasan Saikat Jonas Rudloff, Tethys Svensson, Kristoffer Søholm Zhenkai Zhang - Clemson University Yanan Guo, Zhenkai Zhang, and Jun Yang Pietro `suidpit` Tirenna Shubham Deshmukh Pranav Jayabalan - The Cybersecurity Syndicate Nayeem Islam xsstestov François Proulx - BoostSecurity.io Florent Chabaud - Eviden EL HATIMI MOHAMED AMINE YUXIANG LI - Tencent zhuquelab Shivam Dhingra Philip Hellmann Adnan Khan Michał Krassowski Rajnish Kumar Gupta (geekyrajnish) Prathamesh B. Vilayatkar (hackerpratham) Tobias Diehl - Bulletproof Aviv Keller Andreas Klopsch Shay Ben Tikva IncessantQuack Michalk Bharat (mrnoob) |
Acknowledgment | CVE IDs | |
---|---|---|
l1k3beef - tencent-zhuquelab | CVE-2023-31036 | |
Lockheed Martin Red Team | CVE-2023-31017 | |
Patryk Nowakowski | CVE-2023-31027 | |
Marc Dovero | CVE-2023-25525, CVE-2023-25526 | |
Hugo Magalhaes - Oracle | CVE-2023-25519 | |
Oversecured | CVE-2023-31014 | |
NVIDIA Offensive Security Research (OSR) team | CVE-2023-25527, CVE-2023-25528, CVE-2023-25529, CVE-2023-25530, CVE-2023-25531, CVE-2023-25532, CVE-2023-25533, CVE-2023-31008, CVE-2023-31009, CVE-2023-31010, CVE-2023-31011, CVE-2023-31012, CVE-2023-31013 | |
Jifan Xiao | CVE-2023-25523 | |
Worldcoin Security Lab | CVE-2023-25518 | |
Trae Mazza | CVE-2023-25520 | |
zz zr and Zhaozixi105 | CVE-2023-25510, CVE-2023-25511 | |
Luca Di Bartolomeo @ EPFL and Zhaozixi105 | CVE-2023-25512 | |
Luca Di Bartolomeo @ EPFL | CVE-2023-25513 | |
Xinhao Kong, Jingrong Chen, Wei Bai, Yechen Xu, Mahmoud Elhaddad, Shachar Raindel, Jitendra Padhye, Alvin R. Lebeck, and Danyang Zhuo. | CVE-2023-0203, CVE-2023-0204, CVE-2023-0205 | |
Imre Kis | CVE-2023-0194, CVE-2023-0195 | |
r3pwnx (@r3pwnx) - 360AIVul | CVE-2023-0193 | |
hjy79425575 | CVE-2023-0196 | |
Minse Kim of DNSLab, Korea University | CVE-2022-42291, CVE-2022-31611 | |
Shashi Bhushan | CVE-2022-42268 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure L1k3beef Durvesh Kolhe Jacob 'kobsoN' Hazak - Zero-Defense Labs Cale Anderson, Iustin Ladunca Iwan Pakochack happytohelp22 (happytohelpw) Abdelrahman Ibrahim Farg Joel Ilagan Dirisipo Abhishek Arnaud Granal Everton (@hydd3n.sec) Rick Ridgley Sofor Malek "Ryuku" Mesdour and Hasan Sheet Meet Narkhede Mahmoud Soliman and Mahmoud Elsharawy Sharique Raza Ademar Nowasky Junior Rushabh Vyas Bhuwan Bhetwal (ya3raj) Kira Sheshank Shekhar Pandey (Mithun.1999) Bhuwan Bhetwal (ya3raj) – Cryptogen Nepal Rajnish Kumar (Dreamer) Ori Levi Akhil Jha Vinit Betkar Mayank Pandey (@mayank_pandey01) Malek "Ryuku" Mesdour Pradip Bhattarai Ryan Petroschka Tim Schiewe Chetanya Sharma @AggressiveUser Bharat (mrnoob) Rifat Al Jubayer Mohit Kumar Pratik Shetty Sameer Ahmad |
Acknowledgment | CVE IDs | |
---|---|---|
NVIDIA Offensive Security Research (OSR) team | CVE-2022-42271, CVE-2022-42272, CVE-2022-42273, CVE-2022-42274, CVE-2022-42275, CVE-2022-42276, CVE-2022-42277, CVE-2022-42278, CVE-2022-42279, CVE-2022-42280, CVE-2022-42281, CVE-2022-42282, CVE-2022-42283, CVE-2022-42284, CVE-2022-42285, CVE-2022-42286, CVE-2022-42287, CVE-2022-42288, CVE-2022-42289, CVE-2022-42290 | |
hjy79425575 | CVE: CVE-2022-34667 | |
Daniel Santos (@bananabr) | CVE-2022-34669 | |
Piotr Bania - Cisco Talos | CVE-2022-34671 | |
Tal Lossos | CVE-2022-34682 | |
Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security | CVE-2022-34683, CVE-2022-42266 | |
Oliver Sellwood (Nintorac) Elias Hohl |
CVE-2022-34668 | |
Thierry Doré of Quarkslab | CVE‑2022‑31606, CVE‑2022‑31612, CVE‑2022‑31616, CVE‑2022‑31617 | |
Le Wu of Baidu Security | CVE‑2022‑31607 | |
Artem S. Tashkinov | CVE‑2022‑31608 | |
Tal Lossos | CVE‑2022‑31615 | |
NVIDIA Product Security Team | CVE-2022-28200, CVE-2022-31599, CVE-2022-31600, CVE-2022-31601, CVE-2022-31602, CVE-2022-31603 | |
Piortr Bania of Cisco Talos | CVE‑2022‑28181 and CVE-28182. | |
Xavier Danest - Decathlon | CVE‑2022‑28198. | |
Galen Schretlen of Worldcoin | CVE‑2022‑28193, CVE‑2022‑28194, CVE‑2022‑28195, CVE‑2022‑28196, CVE‑2022‑28197. | |
Leonardo Galli | CVE‑2022‑21821 | |
Jeremy Brown | CVE‑2022‑21820 | |
Oliver Sellwood | CVE-2022-21822 | |
Bennie Affleck of The Good Penguin Ltd | CVE‑2022‑21819 | |
Dmitriy Rabotyagov and Magnus Bergman | CVE-2022-21818 | |
Billy Laws | CVE‑2021‑34406 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure Corrie Sloot Darshan Kulkarni Ivo Abreu (berjimk) Yash Kushwah Sawrav Chowdhury (@sawravchy) Hariharan S (@Neo_X37) Vinayak Sakhare - AFour Technologies Bibek Sapkota (Sar00n) Salah Eddine Louffidi Rohit Sharma(@r0x5r) Hossam Gamil Torada Qusai Alhaddad - Honeywell Michael Klimenko (mk1337) Arup Ghosh - Institute of Life Sciences Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security Muhanad Israiwi Kyrillos Reyad (Ryad) Maheta Keyur Maheshbhai Michael Weishaar from INNEO Solutions GmbH Eslam Kamal (Strik3r) Krishna Agarwal Jelle Ursem Mohamed Abdelhady Ruturaj Sharbidre Tamim Hasan Ronald Stephen Curtis Houghton Johan Källström from Ericsson AB Aniket Eknath Kudale Pankaj Kumar Thakur |
Acknowledgment | CVE IDs | |
---|---|---|
David Köhler | CVE‑2021‑23175 | |
Alexander Tereshkin, Alexander Matrosov, and Adam ‘pi3’ Zabrocki of NVIDIA Product Security Team | CVE‑2021‑0144 | |
Fabian Toepfer | CVE‑2021‑1090, CVE‑2021‑1095, CVE‑2021‑1096 | |
Wenxiang Qian of Tencent Blade Team | CVE‑2021‑1099, CVE‑2021‑1100 | |
NVIDIA Product Security Team | CVE‑2021‑1103 | |
Frédéric Perriot of the Apple Media Products RedTeam | CVE-2021-34372, CVE-2021-34373, CVE-2021-34374, CVE-2021-34375, CVE-2021-34376, CVE-2021-34377, CVE-2021-34378, CVE-2021-34379, CVE-2021-34380, CVE-2021-34381, CVE-2021-34382, CVE-2021-34383, CVE-2021-34384, CVE-2021-34385, CVE-2021-34386, CVE-2021-34387, CVE-2021-34388, CVE-2021-34389, CVE-2021-34390, CVE-2021-34391, CVE-2021-34392, CVE-2021-34393, CVE-2021-34394, CVE-2021-34395, CVE-2021-34396, CVE-2021-34397 | |
Wenxiang Qian of Tencent Blade Team | CVE‑2021‑1082, CVE-2021-1084, CVE-2021-1087 | |
NVIDIA Product Security Team | CVE‑2021‑1081, CVE-2021-1083 | |
Matt Batten Paolo Stagno |
CVE‑2021‑1079 | |
Aleksandar Milenkoski (@milenkowski) of ERNW Enno Rey Netzwerke GmbH | CVE‑2021‑1072 | |
Michael de Gans | CVE‑2021‑1070 | |
Billy Laws | CVE‑2021‑1069 | |
Rotem Sela and Brian Mastenbrook of Western Digital | CVE‑2021‑1067 | |
NVIDIA Product Security Team | CVE‑2021‑1068 | |
Billy Laws | CVE‑2021‑1069 | |
Xinyuan Lyu of Intelligent Mobile Systems Group, MOE KLINNS Lab, Xi'an Jiaotong University | CVE‑2021‑1056 | |
NVIDIA Product Security Team | CVE‑2021‑1057, CVE-2021-1058, CVE‑2021‑1059, CVE‑2021‑1062 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure Simranjit Singh Naif F Alanazi Gaurang Maheta Dristant Uprety Tencent Force Kent Backman of Dragos, Inc. Idan Noiman Zhuo Zhang of Purdue University Michael Dubell |
Acknowledgment | CVE IDs | |
---|---|---|
Hou JingYi (@hjy79425575) of Qihoo 360 CERT | CVE‑2020‑5992 | |
Weidang Peng of Qihoo 360 AIVUL Team | CVE‑2020‑5991 | |
Sergey Gordeychik | CVE‑2020‑11483, CVE‑2020‑11487, CVE‑2020‑11489 | |
Roman Palkin and Sergey Gordeychik | CVE‑2020‑11484 | |
Maria Samoylova, Denis Kolegov, and Roman Palkin | CVE‑2020‑11485 | |
Denis Kolegov and Sergey Gordeychik | CVE‑2020‑11615, CVE‑2020‑11616 | |
Sergey Gordeychik, Maria Samoylova, Denis Kolegov, and Roman Palkin | CVE‑2020‑11486, CVE-2020-11488 | |
Boris Ryutin | CVE-2020-5977 | |
Xavier DANEST - Decathlon | CVE-2020-5977 | |
Hashim Jawad of ACTIVELabs | CVE-2020-5978, CVE-2020-5990 | |
NVIDIA Product Security Team | CVE-2020-5983, CVE-2020-5986 | |
Jo Hemmerlein of Microsoft | CVE-2020-5979 | |
Andy Gill of Pen Test Partners LLP | CVE-2020-5980 | |
Piotr Bania of Cisco Talos | CVE-2020-5981 | |
Rhet Evans | CVE-2020-5975 | |
Martino Trevisan | CVE-2020-5976 | |
Michael de Gans | CVE-2020-5974 | |
Eviatar Gerzi, CyberArk Labs Nuttakorn Tungpoonsup, Secure D Center Research Team, Secure D Center Co.,Ltd. Ammarit Thongthua, Secure D Center Research Team, Secure D Center Co.,Ltd. Sittikorn Sangrattanapitak, Cybersecurity Researcher |
CVE-2020-5962 | |
Thomas E. Carroll | CVE-2020-5963 | |
Piotr Bania of Cisco Talos | CVE-2020-5965 | |
Zhiniang Peng (@edwardzpeng) of Qihoo 360 Core Security and Xuefeng Li | CVE-2020-5957 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure Emmanuel B. Ivan Korolev of Doctor Web, Ltd. Ivashko Yurii Mahmoud Basel Jayyousi Michael de Gans Anurag Vijay Bhoir Deives Jonathan Bill Nickless Thomas Bryan Austin Mackey |
Acknowledgment | CVE IDs |
---|---|
RyotaK | CVE-2019-5702 |
Ryan Grachek | CVE-2019-5700 |
Hashim Jawad of ACTIVELabs | CVE-2019-5701 |
Peleg Hadar of SafeBreach Labs | CVE-2019-5695 |
Siyuan Yi of Chengdu University of Technology | CVE-2019-5689 |
Peleg Hadar of SafeBreach Labs | CVE-2019-5694 CVE-2019-5695 |
Lucas Pinheiro of Microsoft | CVE-2019-5692 |
Jesse Michael and Mickey Shkatov of Eclypsium | CVE-2019-5688 |
Ryan Grachek | CVE-2019-5700 |
Yousra Aafer | CVE-2019-5681 |
Leron Gray (daddycocoaman) | CVE-2019-5682 |
Piotr Bania of Cisco Talos | CVE-2019-5684 CVE-2019-5685 |
Balázs Triszka | CVE-2019-5680 |
David Yesland of Rhino Security Labs | CVE-2019-5678 |
Kushal Arvind Shah of Fortinet's FortiGuard Labs; Łukasz 'zaeek'; Yasin Soliman; Marius Gabriel Mihai; and Stefan Kanthak | CVE-2019-5676 |
Jesse Raffa | CVE-2019-5672 |
David Yesland of Rhino Security Labs | CVE-2019-5674 |
Christoffer Wiman | CVE-2019-5665 |
Pankaj Kumar Thakur Taeyun Jang Jesse Michael and Mickey Shkatov of Eclypsium Rich Mirch Raghavendra Singh Sameer Phad Hamdi Maamri Jonesy |
N/A |
Acknowledgment | CVE IDs |
---|---|
Akshay Jain | CVE-2018-6266 |
Pierre-Alexandre Braeken | CVE-2018-6263 |
Hoda Naghibijouybari, Ajaya Neupane, Zhiyun Qian, and Nael Abu-Ghazaleh | CVE-2018-6260 |
Mark Barnes | CVE-2018-6261 |
Kate Temkin | CVE-2018-6242 |
Piotr Bania of Cisco Talos | CVE-2018-6251 |
Gehan Kaushal, Hassy Vinod | N/A |
Acknowledgment | CVE IDs |
---|---|
Andriy Noble | N/A |
Nathan Crandall, Tesla Motors Product Security Team | CVE-2017-0306 CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Tim Harrison | CVE-2017-0316 |
Enrique Nissim, IOActive | CVE-2017-6269 CVE-2017-6270 CVE-2017-6271 |
Enrique Nissim, IOActive | CVE-2017-6256 |
Andrei Lascu and Alastair Donaldson, Multicore Programming Group at Imperial College London | CVE-2017-6259 |
Oliver Chang, Google Project Zero | CVE-2017-0312 CVE-2017-0313 |
Ryan Whitworth | CVE-2017-0317 |
Kushal Arvind Shah, Fortinet's FortiGuard Labs | N/A |
Tim Harrison | N/A |
Acknowledgment | CVE IDs |
---|---|
Oden Schmit | CVE-2016-8827 |
Oliver Chang, Google Project Zero | CVE-2016-8822 |
Piotr Bania, Cisco Talos | CVE-2016-8823 |
Nathan Crandall, Tesla Motors Product Security Team | CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Nathan Crandall, Tesla Motors Product Security Team | CVE-2016-3847 CVE-2016-3848 |
Peter Pi, Trend Micro | CVE-2016-3793 |
Scott Bauer | CVE-2016-3815 |
Chiachih Wu, CORE Team | CVE-2016-3844 |
Mingjian Zhou, CORE Team | CVE-2016-3844 |
Xuxian Jiang, CORE Team | CVE-2016-3844 |
Sagi Kedmi, IBM Security X-Force Researcher | CVE-2016-3873 |
Jianqiang Zhao | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
Mingjian Zhou, CORE Team | CVE-2016-3933 |
Chiachih Wu, CORE Team | CVE-2016-3933 |
Xuxian Jiang, CORE Team | CVE-2016-3933 |
Oliver Chang, Google Project Zero | CVE-2016-8805 CVE-2016-8806 CVE-2016-8807 CVE-2016-8808 CVE-2016-8809 CVE-2016-8810 CVE-2016-8811 CVE-2016-8812 CVE-2016-7391 CVE-2016-7387 CVE-2016-7385 CVE-2016-7390 CVE-2016-7384 CVE-2016-7386 |
Tripwire VERT | CVE-2016-4959 |
Alin Ghica | CVE-2016-3161 CVE-2016-5852 |
Joseph Bialek, Microsoft Vulnerability Research | CVE-2016-4960 CVE-2016-4961 |
Daniel Cornel | CVE-2016-5025 |
Jianqiang Zhao, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
Yuan-Tsung Lo, CORE Team | CVE-2016-2437 |
Lubo Zhang, CORE Team | CVE-2016-2437 |
Chiachih Wu, CORE Team | CVE-2016-2437 |
Xuxian Jiang, CORE Team | CVE-2016-2437 |
Acknowledgment | CVE IDs |
---|---|
Joshua J. Drake, Zimperium | CVE-2015-1538 CVE-2015-1539 CVE-2015-3824 CVE-2015-3826 CVE-2015-3827 CVE-2015-3828 CVE-2015-3829 CVE-2015-3864 |
McAfee/Intel Security in cooperation with NIVIDA | No CVE |
Axel Monroy, Intel, in cooperation with NIVIDA | CVE-2015-7869 |
Nikita Tarakanov, Intel, in cooperation with NVIDIA | CVE-2015-7869 |
Wesley Daniels | CVE-2015-7866 |
Mellanox Technologies in cooperation with NIVIDA | CVE-2015-5053 |
Dario Weisser | CVE-2015-5950 |
James Forshaw, Google Project Zero | CVE-2015-1170 |
Acknowledgment | CVE IDs |
---|---|
Lee Campbell, Google Chrome Security | CVE-2014-5332 |
Adam Jackson | CVE-2014-8093 CVE-2014-8098 |
Alan Coopersmith | CVE-2014-8093 CVE-2014-8098 |
Robert Morell, NVIDIA | CVE-2014-8298 |
Acknowledgment | CVE IDs |
---|---|
Marcin Kościelnicki, X.Org Foundation Nouveau Project | CVE-2013-5987 |