NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.
NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.
NVIDIA encourages Coordinated Vulnerability Disclosure of security vulnerabilities through the Security Vulnerability Submission Form.
NVIDIA thanks the following individuals and organizations for their contribution towards making our products more secure.
For details on CVE IDs, go to NVIDIA Security Bulletin page.
Agradecimientos | ID de CVE | |
---|---|---|
cyfra07 | CVE-2024‑0140 | |
Xiaochen Zou | CVE-2024-0131 | |
Wolfgang Frisch | CVE-2024-0149 | |
Andres Riancho, Ronen Shustin, and Shir Tamari – Wiz Research | CVE-2024-0135, CVE-2024-0136, CVE-2024-0137 | |
NVIDIA agradece a las siguientes personas por su contribución a la seguridad de nuestros productos El Hatimi Mohamed Amine Abu Bakkar Siddique Yulia Smith |
Acknowledgment | CVE IDs | |
---|---|---|
Abian Blome, Jan Kästle – Siemens Energy | CVE-2024-0139 | |
CSF LABS - Energisa Group | CVE-2024‑0122 | |
Andres Riancho, Ronen Shustin, and Shir Tamari - Wiz Research | CVE-2024-0134 | |
Piotr Bania - Cisco Talos | CVE-2024-0117, CVE-2024-0118, CVE-2024-0119, CVE-2024-0120, CVE-2024-0121 | |
Maxim Mints and Austin Herring | CVE-2024-0126 | |
Ryan Tracey - HiddenLayer | CVE-2024‑0129 | |
nEINEI - Tencent-zhuquelab | CVE-2024-0123, CVE-2024-0124, CVE-2024-0125 | |
r3pwnx | CVE-2024‑0116 | |
Andres Riancho, Ronen Shustin and Shir Tamari - Wiz Research | CVE-2024‑0132, CVE-2024-0133 | |
r3pwnx | CVE-2024-0109, CVE-2024-0110 | |
r3pwnx, nEINEI - Tencent-zhuquelab | CVE-2024-0111 | |
ByteDance | CVE-2024‑0115 | |
Cyrille CHATRAS - Orange Group | CVE-2024‑0113 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0102 | |
Piotr Bania - Cisco Talos | CVE-2024‑0107 | |
CYS DET PEN - Siemens | CVE-2024-0089 | |
Jisoo Jang, Joonkyo Jung, Yongwan Jo, and Dokyung Song - Yonsei University | CVE-2024-0090 | |
Frederik Pustelnik | CVE-2024-0093 | |
pinkdraconian | CVE-2024-0095 | |
Andrew Innes, Will Williams, Jamie Dougherty, Markus Hennerbichler | CVE-2024-0103 | |
pinkdraconian, lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0087 | |
lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0088 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0072, CVE-2024-0076 | |
hjy79425575 | CVE‑2023-31028, CVE-2024-0080 | |
l1k3beef - tencent-zhuquelab | CVE-2024-0082 | |
Ozgun Kultekin | CVE-2024-0083 | |
ALJI Mohamed (sim4n6) | CVE-2024-0081 | |
Piotr Bania - Cisco Talos | CVE-2024-0071 | |
HaoKun Yang | CVE-2023-31037 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure Sakil Hasan Saikat Jonas Rudloff, Tethys Svensson, Kristoffer Søholm Zhenkai Zhang - Clemson University Yanan Guo, Zhenkai Zhang, and Jun Yang Pietro `suidpit` Tirenna Shubham Deshmukh Pranav Jayabalan - The Cybersecurity Syndicate Nayeem Islam xsstestov François Proulx - BoostSecurity.io Florent Chabaud - Eviden EL HATIMI MOHAMED AMINE YUXIANG LI - Tencent zhuquelab Shivam Dhingra Philip Hellmann Adnan Khan Michał Krassowski Rajnish Kumar Gupta (geekyrajnish) Prathamesh B. Vilayatkar (hackerpratham) Tobias Diehl - Bulletproof Aviv Keller Andreas Klopsch Shay Ben Tikva IncessantQuack Michalk Bharat (mrnoob) |
Acknowledgment | CVE IDs | |
---|---|---|
l1k3beef - tencent-zhuquelab | CVE-2023-31036 | |
Lockheed Martin Red Team | CVE-2023-31017 | |
Patryk Nowakowski | CVE-2023-31027 | |
Marc Dovero | CVE-2023-25525, CVE-2023-25526 | |
Hugo Magalhaes - Oracle | CVE-2023-25519 | |
Oversecured | CVE-2023-31014 | |
NVIDIA Offensive Security Research (OSR) team | CVE-2023-25527, CVE-2023-25528, CVE-2023-25529, CVE-2023-25530, CVE-2023-25531, CVE-2023-25532, CVE-2023-25533, CVE-2023-31008, CVE-2023-31009, CVE-2023-31010, CVE-2023-31011, CVE-2023-31012, CVE-2023-31013 | |
Jifan Xiao | CVE-2023-25523 | |
Worldcoin Security Lab | CVE-2023-25518 | |
Trae Mazza | CVE-2023-25520 | |
zz zr and Zhaozixi105 | CVE-2023-25510, CVE-2023-25511 | |
Luca Di Bartolomeo @ EPFL and Zhaozixi105 | CVE-2023-25512 | |
Luca Di Bartolomeo @ EPFL | CVE-2023-25513 | |
Xinhao Kong, Jingrong Chen, Wei Bai, Yechen Xu, Mahmoud Elhaddad, Shachar Raindel, Jitendra Padhye, Alvin R. Lebeck, and Danyang Zhuo. | CVE-2023-0203, CVE-2023-0204, CVE-2023-0205 | |
Imre Kis | CVE-2023-0194, CVE-2023-0195 | |
r3pwnx (@r3pwnx) - 360AIVul | CVE-2023-0193 | |
hjy79425575 | CVE-2023-0196 | |
Minse Kim of DNSLab, Korea University | CVE-2022-42291, CVE-2022-31611 | |
Shashi Bhushan | CVE-2022-42268 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure L1k3beef Durvesh Kolhe Jacob 'kobsoN' Hazak - Zero-Defense Labs Cale Anderson, Iustin Ladunca Iwan Pakochack happytohelp22 (happytohelpw) Abdelrahman Ibrahim Farg Joel Ilagan Dirisipo Abhishek Arnaud Granal Everton (@hydd3n.sec) Rick Ridgley Sofor Malek "Ryuku" Mesdour and Hasan Sheet Meet Narkhede Mahmoud Soliman and Mahmoud Elsharawy Sharique Raza Ademar Nowasky Junior Rushabh Vyas Bhuwan Bhetwal (ya3raj) Kira Sheshank Shekhar Pandey (Mithun.1999) Bhuwan Bhetwal (ya3raj) – Cryptogen Nepal Rajnish Kumar (Dreamer) Ori Levi Akhil Jha Vinit Betkar Mayank Pandey (@mayank_pandey01) Malek "Ryuku" Mesdour Pradip Bhattarai Ryan Petroschka Tim Schiewe Chetanya Sharma @AggressiveUser Bharat (mrnoob) Rifat Al Jubayer Mohit Kumar Pratik Shetty Sameer Ahmad |
Agradecimientos | ID de CVE | |
---|---|---|
NVIDIA Offensive Security Research (OSR) team | CVE-2022-42271, CVE-2022-42272, CVE-2022-42273, CVE-2022-42274, CVE-2022-42275, CVE-2022-42276, CVE-2022-42277, CVE-2022-42278, CVE-2022-42279, CVE-2022-42280, CVE-2022-42281, CVE-2022-42282, CVE-2022-42283, CVE-2022-42284, CVE-2022-42285, CVE-2022-42286, CVE-2022-42287, CVE-2022-42288, CVE-2022-42289, CVE-2022-42290 | |
hjy79425575 | CVE: CVE-2022-34667 | |
Daniel Santos (@bananabr) | CVE-2022-34669 | |
Piotr Bania - Cisco Talos | CVE-2022-34671 | |
Tal Lossos | CVE-2022-34682 | |
Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security | CVE-2022-34683, CVE-2022-42266 | |
Oliver Sellwood (Nintorac) Elias Hohl |
CVE-2022-34668 | |
Thierry Doré of Quarkslab | CVE‑2022‑31606, CVE‑2022‑31612, CVE‑2022‑31616, CVE‑2022‑31617 | |
Le Wu of Baidu Security | CVE‑2022‑31607 | |
Artem S. Tashkinov | CVE‑2022‑31608 | |
Tal Lossos | CVE‑2022‑31615 | |
NVIDIA Product Security Team | CVE-2022-28200, CVE-2022-31599, CVE-2022-31600, CVE-2022-31601, CVE-2022-31602, CVE-2022-31603 | |
Piortr Bania of Cisco Talos | CVE‑2022‑28181 and CVE-28182. | |
Xavier Danest - Decathlon | CVE‑2022‑28198. | |
Galen Schretlen of Worldcoin | CVE‑2022‑28193, CVE‑2022‑28194, CVE‑2022‑28195, CVE‑2022‑28196, CVE‑2022‑28197. | |
Leonardo Galli | CVE‑2022‑21821 | |
Jeremy Brown | CVE‑2022‑21820 | |
Oliver Sellwood | CVE-2022-21822 | |
Bennie Affleck of The Good Penguin Ltd | CVE‑2022‑21819 | |
Dmitriy Rabotyagov and Magnus Bergman | CVE-2022-21818 | |
Billy Laws | CVE‑2021‑34406 | |
NVIDIA agradece a las siguientes personas por su contribución a la seguridad de nuestros productos Corrie Sloot Darshan Kulkarni Ivo Abreu (berjimk) Yash Kushwah Sawrav Chowdhury (@sawravchy) Hariharan S (@Neo_X37) Vinayak Sakhare - AFour Technologies Bibek Sapkota (Sar00n) Salah Eddine Louffidi Rohit Sharma(@r0x5r) Hossam Gamil Torada Qusai Alhaddad - Honeywell Michael Klimenko (mk1337) Arup Ghosh - Institute of Life Sciences Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security Muhanad Israiwi Kyrillos Reyad (Ryad) Maheta Keyur Maheshbhai Michael Weishaar from INNEO Solutions GmbH Eslam Kamal (Strik3r) Krishna Agarwal Jelle Ursem Mohamed Abdelhady Ruturaj Sharbidre Tamim Hasan Ronald Stephen Curtis Houghton Johan Källström from Ericsson AB Aniket Eknath Kudale Pankaj Kumar Thakur |
Agradecimientos | ID de CVE | |
---|---|---|
David Köhler | CVE‑2021‑23175 | |
Alexander Raspberryshkin, Alexander Matrosov y Adam "pi3" Zabrocki del Equipo de Seguridad de Productos de NVIDIA | CVE‑2021‑0144 | |
Fabian Toepfer | CVE‑2021‑1090, CVE‑2021‑1095, CVE‑2021‑1096 | |
Wenxiang Qian del equipo Tencent Blade | CVE‑2021‑1099, CVE‑2021‑1100 | |
Equipo de Seguridad de Productos de NVIDIA | CVE‑2021‑1103 | |
Frédéric Perriot de Apple Media Products RedTeam | CVE-2021-34372, CVE-2021-34373, CVE-2021-34374, CVE-2021-34375, CVE-2021-34376, CVE-2021-34377, CVE-2021-34378, CVE-2021-34379, CVE-2021-34380, CVE-2021-34381, CVE-2021-34382, CVE-2021-34383, CVE-2021-34384, CVE-2021-34385, CVE-2021-34386, CVE-2021-34387, CVE-2021-34388, CVE-2021-34389, CVE-2021-34390, CVE-2021-34391, CVE-2021-34392, CVE-2021-34393, CVE-2021-34394, CVE-2021-34395, CVE-2021-34396, CVE-2021-34397 | |
Wenxiang Qian del equipo Tencent Blade | CVE‑2021‑1082, CVE-2021-1084, CVE-2021-1087 | |
Equipo de Seguridad de Productos de NVIDIA | CVE‑2021‑1081, CVE-2021-1083 | |
Matt Batten Paolo Stagno |
CVE‑2021‑1079 | |
Aleksandar Milenkoski (@milenkowski) de ERNW Enno Rey Netzwerke GmbH | CVE‑2021‑1072 | |
Miguel de Gans | CVE‑2021‑1070 | |
Billy Laws | CVE‑2021‑1069 | |
Rotem Sela y Brian Mastenbrook de Western Digital | CVE‑2021‑1067 | |
Equipo de Seguridad de Productos de NVIDIA | CVE‑2021‑1068 | |
Billy Laws | CVE‑2021‑1069 | |
Xinyuan Lyu del Grupo de Sistemas Móviles Inteligentes, MOE KLINNS Lab, Universidad Xi'an Jiaotong | CVE‑2021‑1056 | |
Equipo de Seguridad de Productos de NVIDIA | CVE‑2021‑1057, CVE-2021-1058, CVE‑2021‑1059, CVE‑2021‑1062 | |
NVIDIA agradece a las siguientes personas por su contribución a la seguridad de nuestros productos Simranjit Singh Naif F Alanazi Gaurang Maheta Dristant Uprety Tencent Force Kent Backman de Dragos, Inc. Idan Noiman Zhuo Zhang de la Universidad Purdue Michael Dubell |
Agradecimientos | ID de CVE | |
---|---|---|
Hou JingYi (@hjy79425575) de Qihoo 360 CERT | CVE‑2020‑5992 | |
Weidang Peng del equipo Qihoo 360 AIVUL | CVE‑2020‑5991 | |
Sergey Gordeychik | CVE‑2020‑11483, CVE‑2020‑11487, CVE‑2020‑11489 | |
Roman Palkin y Sergey Gordeychik | CVE‑2020‑11484 | |
Maria Samoylova, Denis Kolegov y Roman Palkin | CVE-2020-11485 | |
Denis Kolegov y Sergey Gordeychik | CVE‑2020‑11615, CVE‑2020‑11616 | |
Sergey Gordeychik, Maria Samoylova, Denis Kolegov y Roman Palkin | CVE‑2020‑11486, CVE-2020-11488 | |
Boris Ryutin | CVE-2020-5977 | |
Xavier DANEST - Decathlon | CVE-2020-5977 | |
Hashim Jawad de ACTIVELabs | CVE-2020-5978, CVE-2020-5990 | |
Equipo de Seguridad de Productos de NVIDIA | CVE-2020-5983, CVE-2020-5986 | |
Jo Hemmerlein de Microsoft | CVE-2020-5979 | |
Andy Gill de Pen Test Partners LLP | CVE-2020-5980 | |
Piotr Bania de Cisco Talos | CVE-2020-5981 | |
Rhet Evans | CVE-2020-5975 | |
Martino Trevisan | CVE-2020-5976 | |
Miguel de Gans | CVE-2020-5974 | |
Eviatar Gerzi, CyberArk Labs Nuttakorn Tungpoonsup, Equipo de Investigación de Secure D Center, Secure D Center Co., Ltd. Ammarit Thongthua, Equipo de Investigación de Secure D Center, Secure D Center Co.,Ltd. Sittikorn Sangrattanapitak, Investigador de Ciberseguridad |
CVE-2020-5962 | |
Thomas E. Carroll | CVE-2020-5963 | |
Piotr Bania de Cisco Talos | CVE-2020-5965 | |
Zhiniang Peng (@edwardzpeng) de Qihoo 360 Core Security y Xuefeng Li | CVE-2020-5957 | |
NVIDIA agradece a las siguientes personas por su contribución a la seguridad de nuestros productos Emmanuel B. Ivan Korolev de Doctor Web, Ltd. Ivashko Yurii Mahmoud Basel Jayyousi Miguel de Gans Anurag Vijay Bhoir Deives Jonathan Bill Nickless Thomas Bryan Austin Mackey |
Agradecimientos | ID de CVE |
---|---|
Ryotak | CVE-2019-5702 |
Ryan Grachek | CVE-2019-5700 |
Hashim Jawad de ACTIVELabs | CVE-2019-5701 |
Peleg Hadar de SafeBreach Labs | CVE-2019-5695 |
Siyuan Yi de la Universidad Tecnológica de Chengdu | CVE-2019-5689 |
Peleg Hadar de SafeBreach Labs | CVE-2019-5694 CVE-2019-5695 |
Lucas Pinheiro de Microsoft | CVE-2019-5692 |
Jesse Michael y Mickey Shkatov de Eclypsium | CVE-2019-5688 |
Ryan Grachek | CVE-2019-5700 |
Yousra Aafer | CVE-2019-5681 |
Leron Gray (daddycocoaman) | CVE-2019-5682 |
Piotr Bania de Cisco Talos | CVE-2019-5684 CVE-2019-5685 |
Balázs Triszka | CVE-2019-5680 |
David Yesland de Rhino Security Labs | CVE-2019-5678 |
Kushal Arvind Shah de FortiGuard Labs de Fortinet; Łukasz 'zaeek'; Yasin Soliman; Marius Gabriel Mihai; y Stefan Kanthak | CVE-2019-5676 |
Jesse Raffa | CVE-2019-5672 |
David Yesland de Rhino Security Labs | CVE-2019-5674 |
Christoffer Wiman | CVE-2019-5665 |
Pankaj Kumar Thakur Taeyun Jang Jesse Michael y Mickey Shkatov de Eclypsium Mirch rico Raghavendra Singh Sameer Phad Hamdi Maamri Jonesy |
N/A |
Agradecimientos | ID de CVE |
---|---|
Akshay Jain | CVE-2018-6266 |
Pierre-Alexandre Braeken | CVE-2018-6263 |
Hoda Naghibijouybari, Ajaya Neupane, Zhiyun Qian y Nael Abu-Ghazaleh | CVE-2018-6260 |
Mark Barnes | CVE-2018-6261 |
Kate Temkin | CVE-2018-6242 |
Piotr Bania de Cisco Talos | CVE-2018-6251 |
Gehan Kaushal, Hassy Vinod | N/A |
Agradecimientos | ID de CVE |
---|---|
Andriy Noble | N/A |
Nathan Crandall, equipo de Seguridad de Productos de Tesla Motors | CVE-2017-0306 CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Tim Harrison | CVE-2017-0316 |
Enrique Nissim, IOActive | CVE-2017-6269 CVE-2017-6270 CVE-2017-6271 |
Enrique Nissim, IOActive | CVE-2017-6256 |
Andrei Lascu y Alastair Donaldson, Grupo de Programación Multinúcleo del Imperial College de Londres | CVE-2017-6259 |
Oliver Chang, Google Project Zero | CVE-2017-0312 CVE-2017-0313 |
Ryan Whitworth | CVE-2017-0317 |
Kushal Arvind Shah, FortiGuard Labs de Fortinet | N/A |
Tim Harrison | N/A |
Agradecimientos | ID de CVE |
---|---|
Oden Schmit | CVE-2016-8827 |
Oliver Chang, Google Project Zero | CVE-2016-8822 |
Piotr Bania, Cisco Talos | CVE-2016-8823 |
Nathan Crandall, equipo de Seguridad de Productos de Tesla Motors | CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Nathan Crandall, equipo de Seguridad de Productos de Tesla Motors | CVE-2016-3847 CVE-2016-3848 |
Peter Pi, Trend Micro | CVE-2016-3793 |
Scott Bauer | CVE-2016-3815 |
Chiachih Wu, Equipo CORE | CVE-2016-3844 |
Mingjian Zhou, Equipo CORE | CVE-2016-3844 |
Xuxian Jiang, Equipo CORE | CVE-2016-3844 |
Sagi Kedmi, Investigador de IBM Security X-Force | CVE-2016-3873 |
Jianqiang Zhao | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
Mingjian Zhou, Equipo CORE | CVE-2016-3933 |
Chiachih Wu, Equipo CORE | CVE-2016-3933 |
Xuxian Jiang, Equipo CORE | CVE-2016-3933 |
Oliver Chang, Google Project Zero | CVE-2016-8805 CVE-2016-8806 CVE-2016-8807 CVE-2016-8808 CVE-2016-8809 CVE-2016-8810 CVE-2016-8811 CVE-2016-8812 CVE-2016-7391 CVE-2016-7387 CVE-2016-7385 CVE-2016-7390 CVE-2016-7384 CVE-2016-7386 |
Tripwire VERT | CVE-2016-4959 |
Alin Ghica | CVE-2016-3161 CVE-2016-5852 |
Joseph Bialek, Investigación de Vulnerabilidades de Microsoft | CVE-2016-4960 CVE-2016-4961 |
Daniel Cornel | CVE-2016-5025 |
Jianqiang Zhao, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
Yuan-Tsung Lo, Equipo CORE | CVE-2016-2437 |
Lubo Zhang, Equipo CORE | CVE-2016-2437 |
Chiachih Wu, Equipo CORE | CVE-2016-2437 |
Xuxian Jiang, Equipo CORE | CVE-2016-2437 |
Agradecimientos | ID de CVE |
---|---|
Joshua J. Drake, Zimperium | CVE-2015-1538 CVE-2015-1539 CVE-2015-3824 CVE-2015-3826 CVE-2015-3827 CVE-2015-3828 CVE-2015-3829 CVE-2015-3864 |
McAfee/Intel Security en cooperación con NIVIDA | CVE |
Axel Monroy, Intel, en cooperación con NIVIDA | CVE-2015-7869 |
Nikita Tarakanov, Intel, en cooperación con NVIDIA | CVE-2015-7869 |
Wesley Daniels | CVE-2015-7866 |
Mellanox Technologies en colaboración con NIVIDA | CVE-2015-5053 |
Dario Weisser | CVE-2015-5950 |
James Forshaw, Google Project Zero | CVE-2015-1170 |
Agradecimientos | ID de CVE |
---|---|
Lee Campbell, Seguridad de Google Chrome | CVE-2014-5332 |
Adam Jackson | CVE-2014-8093 CVE-2014-8098 |
Alan Coopersmith | CVE-2014-8093 CVE-2014-8098 |
Robert Morell, NVIDIA | CVE-2014-8298 |
Agradecimientos | ID de CVE |
---|---|
Marcin Kościelnicki, X.Org Foundation Nouveau Project | CVE-2013-5987 |