NVIDIA 重視各種安全考量,而且會設法迅速評估以力求解決產品安全問題。每當使用者回報安全考量時,NVIDIA 都會交由適當的資源進行分析、驗證並提供修正措施,以解決問題。
NVIDIA 重視各種安全考量,而且會設法迅速評估以力求解決產品安全問題。每當使用者回報安全考量時,NVIDIA 都會交由適當的資源進行分析、驗證並提供修正措施,以解決問題。
NVIDIA 鼓勵透過安全性漏洞提交表格,進行安全性漏洞的協調漏洞揭露。
NVIDIA 感謝以下個人和組織的貢獻,讓我們的產品更加安全。
如需關於 CVE ID 的詳細資訊,請前往 NVIDIA 安全性布告欄頁面。
致謝名單 | CVE IDs | |
---|---|---|
cyfra07 | CVE-2024‑0140 | |
Xiaochen Zou | CVE-2024-0131 | |
Wolfgang Frisch | CVE-2024-0149 | |
Andres Riancho, Ronen Shustin, and Shir Tamari – Wiz Research | CVE-2024-0135, CVE-2024-0136, CVE-2024-0137 | |
NVIDIA 也感謝以下人士的貢獻,讓我們的產品更加安全 El Hatimi Mohamed Amine Abu Bakkar Siddique Yulia Smith |
致謝名單 | CVE IDs | |
---|---|---|
Abian Blome, Jan Kästle – Siemens Energy | CVE-2024-0139 | |
CSF LABS - Energisa Group | CVE-2024‑0122 | |
Andres Riancho, Ronen Shustin, and Shir Tamari - Wiz Research | CVE-2024-0134 | |
Piotr Bania - Cisco Talos | CVE-2024-0117, CVE-2024-0118, CVE-2024-0119, CVE-2024-0120, CVE-2024-0121 | |
Maxim Mints and Austin Herring | CVE-2024-0126 | |
Ryan Tracey - HiddenLayer | CVE-2024‑0129 | |
nEINEI - Tencent-zhuquelab | CVE-2024-0123, CVE-2024-0124, CVE-2024-0125 | |
r3pwnx | CVE-2024‑0116 | |
Andres Riancho, Ronen Shustin and Shir Tamari - Wiz Research | CVE-2024‑0132, CVE-2024-0133 | |
r3pwnx | CVE-2024-0109, CVE-2024-0110 | |
r3pwnx, nEINEI - Tencent-zhuquelab | CVE-2024-0111 | |
ByteDance | CVE-2024‑0115 | |
Cyrille CHATRAS - Orange Group | CVE-2024‑0113 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0102 | |
Piotr Bania - Cisco Talos | CVE-2024‑0107 | |
CYS DET PEN - Siemens | CVE-2024-0089 | |
Jisoo Jang, Joonkyo Jung, Yongwan Jo, and Dokyung Song - Yonsei University | CVE-2024-0090 | |
Frederik Pustelnik | CVE-2024-0093 | |
pinkdraconian | CVE-2024-0095 | |
Andrew Innes, Will Williams, Jamie Dougherty, Markus Hennerbichler | CVE-2024-0103 | |
pinkdraconian, lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0087 | |
lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor | CVE-2024-0088 | |
Matteo Marini and Daniele Cono D'Elia | CVE-2024‑0072, CVE-2024-0076 | |
hjy79425575 | CVE‑2023-31028, CVE-2024-0080 | |
l1k3beef - tencent-zhuquelab | CVE-2024-0082 | |
Ozgun Kultekin | CVE-2024-0083 | |
ALJI Mohamed (sim4n6) | CVE-2024-0081 | |
Piotr Bania - Cisco Talos | CVE-2024-0071 | |
HaoKun Yang | CVE-2023-31037 | |
NVIDIA 也感謝以下人士的貢獻,讓我們的產品更加安全 Sakil Hasan Saikat Jonas Rudloff, Tethys Svensson, Kristoffer Søholm Zhenkai Zhang - Clemson University Yanan Guo, Zhenkai Zhang, and Jun Yang Pietro `suidpit` Tirenna Shubham Deshmukh Pranav Jayabalan - The Cybersecurity Syndicate Nayeem Islam xsstestov François Proulx - BoostSecurity.io Florent Chabaud - Eviden EL HATIMI MOHAMED AMINE YUXIANG LI - Tencent zhuquelab Shivam Dhingra Philip Hellmann Adnan Khan Michał Krassowski Rajnish Kumar Gupta (geekyrajnish) Prathamesh B. Vilayatkar (hackerpratham) Tobias Diehl - Bulletproof Aviv Keller Andreas Klopsch Shay Ben Tikva IncessantQuack Michalk Bharat (mrnoob) |
致謝名單 | CVE IDs | |
---|---|---|
l1k3beef - tencent-zhuquelab | CVE-2023-31036 | |
Lockheed Martin Red Team | CVE-2023-31017 | |
Patryk Nowakowski | CVE-2023-31027 | |
Marc Dovero | CVE-2023-25525, CVE-2023-25526 | |
Hugo Magalhaes - Oracle | CVE-2023-25519 | |
Oversecured | CVE-2023-31014 | |
NVIDIA Offensive Security Research (OSR) team | CVE-2023-25527, CVE-2023-25528, CVE-2023-25529, CVE-2023-25530, CVE-2023-25531, CVE-2023-25532, CVE-2023-25533, CVE-2023-31008, CVE-2023-31009, CVE-2023-31010, CVE-2023-31011, CVE-2023-31012, CVE-2023-31013 | |
Jifan Xiao | CVE-2023-25523 | |
Worldcoin Security Lab | CVE-2023-25518 | |
Trae Mazza | CVE-2023-25520 | |
zz zr and Zhaozixi105 | CVE-2023-25510, CVE-2023-25511 | |
Luca Di Bartolomeo @ EPFL and Zhaozixi105 | CVE-2023-25512 | |
Luca Di Bartolomeo @ EPFL | CVE-2023-25513 | |
Xinhao Kong, Jingrong Chen, Wei Bai, Yechen Xu, Mahmoud Elhaddad, Shachar Raindel, Jitendra Padhye, Alvin R. Lebeck, and Danyang Zhuo. | CVE-2023-0203, CVE-2023-0204, CVE-2023-0205 | |
Imre Kis | CVE-2023-0194, CVE-2023-0195 | |
r3pwnx (@r3pwnx) - 360AIVul | CVE-2023-0193 | |
hjy79425575 | CVE-2023-0196 | |
Minse Kim of DNSLab, Korea University | CVE-2022-42291, CVE-2022-31611 | |
Shashi Bhushan | CVE-2022-42268 | |
NVIDIA also thanks the following individuals for their contribution towards making our products more secure L1k3beef Durvesh Kolhe Jacob 'kobsoN' Hazak - Zero-Defense Labs Cale Anderson, Iustin Ladunca Iwan Pakochack happytohelp22 (happytohelpw) Abdelrahman Ibrahim Farg Joel Ilagan Dirisipo Abhishek Arnaud Granal Everton (@hydd3n.sec) Rick Ridgley Sofor Malek "Ryuku" Mesdour and Hasan Sheet Meet Narkhede Mahmoud Soliman and Mahmoud Elsharawy Sharique Raza Ademar Nowasky Junior Rushabh Vyas Bhuwan Bhetwal (ya3raj) Kira Sheshank Shekhar Pandey (Mithun.1999) Bhuwan Bhetwal (ya3raj) – Cryptogen Nepal Rajnish Kumar (Dreamer) Ori Levi Akhil Jha Vinit Betkar Mayank Pandey (@mayank_pandey01) Malek "Ryuku" Mesdour Pradip Bhattarai Ryan Petroschka Tim Schiewe Chetanya Sharma @AggressiveUser Bharat (mrnoob) Rifat Al Jubayer Mohit Kumar Pratik Shetty Sameer Ahmad |
致謝名單 | CVE ID | |
---|---|---|
NVIDIA Offensive Security Research (OSR) team | CVE-2022-42271, CVE-2022-42272, CVE-2022-42273, CVE-2022-42274, CVE-2022-42275, CVE-2022-42276, CVE-2022-42277, CVE-2022-42278, CVE-2022-42279, CVE-2022-42280, CVE-2022-42281, CVE-2022-42282, CVE-2022-42283, CVE-2022-42284, CVE-2022-42285, CVE-2022-42286, CVE-2022-42287, CVE-2022-42288, CVE-2022-42289, CVE-2022-42290 | |
hjy79425575 | CVE: CVE-2022-34667 | |
Daniel Santos (@bananabr) | CVE-2022-34669 | |
Piotr Bania - Cisco Talos | CVE-2022-34671 | |
Tal Lossos | CVE-2022-34682 | |
Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security | CVE-2022-34683, CVE-2022-42266 | |
Oliver Sellwood (Nintorac) Elias Hohl |
CVE-2022-34668 | |
Thierry Doré of Quarkslab | CVE‑2022‑31606, CVE‑2022‑31612, CVE‑2022‑31616, CVE‑2022‑31617 | |
Le Wu of Baidu Security | CVE‑2022‑31607 | |
Artem S. Tashkinov | CVE‑2022‑31608 | |
Tal Lossos | CVE‑2022‑31615 | |
NVIDIA Product Security Team | CVE-2022-28200, CVE-2022-31599, CVE-2022-31600, CVE-2022-31601, CVE-2022-31602, CVE-2022-31603 | |
Piortr Bania of Cisco Talos | CVE‑2022‑28181 and CVE-28182. | |
Xavier Danest - Decathlon | CVE‑2022‑28198. | |
Galen Schretlen of Worldcoin | CVE‑2022‑28193, CVE‑2022‑28194, CVE‑2022‑28195, CVE‑2022‑28196, CVE‑2022‑28197. | |
Leonardo Galli | CVE‑2022‑21821 | |
Jeremy Brown | CVE‑2022‑21820 | |
Oliver Sellwood | CVE-2022-21822 | |
Bennie Affleck of The Good Penguin Ltd | CVE‑2022‑21819 | |
Dmitriy Rabotyagov and Magnus Bergman | CVE-2022-21818 | |
Billy Laws | CVE‑2021‑34406 | |
NVIDIA 也感謝以下人士的貢獻,讓我們的產品更加安全 Corrie Sloot Darshan Kulkarni Ivo Abreu (berjimk) Yash Kushwah Sawrav Chowdhury (@sawravchy) Hariharan S (@Neo_X37) Vinayak Sakhare - AFour Technologies Bibek Sapkota (Sar00n) Salah Eddine Louffidi Rohit Sharma(@r0x5r) Hossam Gamil Torada Qusai Alhaddad - Honeywell Michael Klimenko (mk1337) Arup Ghosh - Institute of Life Sciences Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security Muhanad Israiwi Kyrillos Reyad (Ryad) Maheta Keyur Maheshbhai Michael Weishaar from INNEO Solutions GmbH Eslam Kamal (Strik3r) Krishna Agarwal Jelle Ursem Mohamed Abdelhady Ruturaj Sharbidre Tamim Hasan Ronald Stephen Curtis Houghton Johan Källström from Ericsson AB Aniket Eknath Kudale Pankaj Kumar Thakur |
致謝名單 | CVE ID | |
---|---|---|
David Köhler | CVE‑2021‑23175 | |
NVIDIA 產品安全性團隊的 Alexander Tereshkin、Alexander Matrosov 和 Adam ‘pi3’ Zabrocki | CVE‑2021‑0144 | |
Fabian Toepfer | CVE‑2021‑1090、CVE‑2021‑1095、CVE‑2021‑1096 | |
騰訊 Blade Team 的 Wenxiang Qian | CVE‑2021‑1099、CVE‑2021‑1100 | |
NVIDIA 產品安全性團隊 | CVE‑2021‑1103 | |
Apple Media Products RedTeam 的 Frédéric Perriot | CVE-2021-34372、CVE-2021-34373、CVE-2021-34374、CVE-2021-34375、 CVE-2021-34376、CVE-2021-34377、CVE-2021-34378、CVE-2021-34379、 CVE-2021-34380、CVE-2021-34381、CVE-2021-34382、CVE-2021-34383、 CVE-2021-34384、CVE-2021-34385、CVE-2021-34386、CVE-2021-34387、 CVE-2021-34388、CVE-2021-34389、CVE-2021-34390、CVE-2021-34391、 CVE-2021-34392、CVE-2021-34393、CVE-2021-34394、CVE-2021-34395、CVE-2021-34396、CVE-2021-34397 | |
騰訊 Blade Team 的 Wenxiang Qian | CVE‑2021‑1082、CVE-2021-1084、CVE-2021-1087 | |
NVIDIA 產品安全性團隊 | CVE‑2021‑1081、CVE-2021-1083 | |
Matt Batten Paolo Stagno |
CVE‑2021‑1079 | |
ERNW Enno Rey Netzwerke GmbH 的 Aleksandar Milenkoski (@milenkowski) | CVE‑2021‑1072 | |
Michael de Gans | CVE‑2021‑1070 | |
Billy Laws | CVE‑2021‑1069 | |
Western Digital 的 Rotem Sela 和 Brian Mastenbrook | CVE‑2021‑1067 | |
NVIDIA 產品安全性團隊 | CVE‑2021‑1068 | |
Billy Laws | CVE‑2021‑1069 | |
西安交通大學 MOE KLINNS 實驗室智慧行動系統小組的 Xinyuan Lyu | CVE‑2021‑1056 | |
NVIDIA 產品安全性團隊 | CVE‑2021‑1057、CVE-2021-1058、CVE‑2021‑1059、CVE‑2021‑1062 | |
NVIDIA 也感謝以下人士的貢獻,讓我們的產品更加安全 Simranjit Singh Naif F Alanazi Gaurang Maheta Dristant Uprety Tencent Force Dragos, Inc. 的 Kent Backman Idan Noiman 普渡大學的 Zhuo Zhang Michael Dubell |
致謝名單 | CVE ID | |
---|---|---|
奇虎 360 網路安全響應中心的 Hou JingYi (@hjy79425575) | CVE‑2020‑5992 | |
奇虎 360 AIVUL 團隊的 Weidang Peng | CVE‑2020‑5991 | |
Sergey Gordeychik | CVE‑2020‑11483、CVE‑2020‑11487、CVE‑2020‑11489 | |
Roman Palkin 和 Sergey Gordeychik | CVE‑2020‑11484 | |
Maria Samoylova、Denis Kolegov 和 Roman Palkin | CVE‑2020‑11485 | |
Denis Kolegov 和 Sergey Gordeychik | CVE‑2020‑11615、CVE‑2020‑11616 | |
Sergey Gordeychik、Maria Samoylova、Denis Kolegov 和 Roman Palkin | CVE‑2020‑11486、CVE-2020-11488 | |
Boris Ryutin | CVE-2020-5977 | |
迪卡儂的 Xavier DANEST | CVE-2020-5977 | |
ACTIVELabs 的 Hashim Jawad | CVE-2020-5978、CVE-2020-5990 | |
NVIDIA 產品安全性團隊 | CVE-2020-5983、CVE-2020-5986 | |
Microsoft 的 Jo Hemmerlein | CVE-2020-5979 | |
Pen Test Partners LLP 的 Andy Gill | CVE-2020-5980 | |
Cisco Talos 的 Piotr Bania | CVE-2020-5981 | |
Rhet Evans | CVE-2020-5975 | |
Martino Trevisan | CVE-2020-5976 | |
Michael de Gans | CVE-2020-5974 | |
CyberArk Labs 的 Eviatar Gerzi Secure D Center Co.,Ltd. 旗下 Secure D Center 研究團隊的 Nuttakorn Tungpoonsup Secure D Center Co.,Ltd. 旗下 Secure D Center 研究團隊的 Ammarit Thongthua 網路安全研究人員 Sittikorn Sangrattanapitak |
CVE-2020-5962 | |
Thomas E. Carroll | CVE-2020-5963 | |
Cisco Talos 的 Piotr Bania | CVE-2020-5965 | |
奇虎 360 核心安全的 Zhiniang Peng (@edwardzpeng) 和 Xuefeng Li | CVE-2020-5957 | |
NVIDIA 也感謝以下人士的貢獻,讓我們的產品更加安全 Emmanuel B. Doctor Web, Ltd. 的 Ivan Korolev Ivashko Yurii Mahmoud Basel Jayyousi Michael de Gans Anurag Vijay Bhoir Deives Jonathan Bill Nickless Thomas Bryan Austin Mackey |
致謝名單 | CVE ID |
---|---|
RyotaK | CVE-2019-5702 |
Ryan Grachek | CVE-2019-5700 |
ACTIVELabs 的 Hashim Jawad | CVE-2019-5701 |
SafeBreach Labs 的 Peleg Hadar | CVE-2019-5695 |
成都理工大學 Siyuan Yi | CVE-2019-5689 |
SafeBreach Labs 的 Peleg Hadar | CVE-2019-5694 CVE-2019-5695 |
Microsoft 的 Lucas Pinheiro | CVE-2019-5692 |
Eclypsium 的 Jesse Michael 和 Mickey Shkatov | CVE-2019-5688 |
Ryan Grachek | CVE-2019-5700 |
Yousra Aafer | CVE-2019-5681 |
Leron Gray (daddycocoaman) | CVE-2019-5682 |
Cisco Talos 的 Piotr Bania | CVE-2019-5684 CVE-2019-5685 |
Balázs Triszka | CVE-2019-5680 |
Rhino Security Labs 的 David Yesland | CVE-2019-5678 |
Fortinet 旗下 FortiGuard Labs 的 Kushal Arvind Shah、Łukasz 'zaeek'、Yasin Soliman、Marius Gabriel Mihai 和 Stefan Kanthak | CVE-2019-5676 |
Jesse Raffa | CVE-2019-5672 |
Rhino Security Labs 的 David Yesland | CVE-2019-5674 |
Christoffer Wiman | CVE-2019-5665 |
Pankaj Kumar Thakur Taeyun Jang Eclypsium 的 Jesse Michael 和 Mickey Shkatov Rich Mirch Raghavendra Singh Sameer Phad Hamdi Maamri Jonesy |
無 |
致謝名單 | CVE ID |
---|---|
Akshay Jain | CVE-2018-6266 |
Pierre-Alexandre Braeken | CVE-2018-6263 |
Hoda Naghibijouybari、Ajaya Neupane、Zhiyun Qian 和 Nael Abu-Ghazaleh | CVE-2018-6260 |
Mark Barnes | CVE-2018-6261 |
Kate Temkin | CVE-2018-6242 |
Cisco Talos 的 Piotr Bania | CVE-2018-6251 |
Gehan Kaushal,Hassy Vinod | 無 |
致謝名單 | CVE ID |
---|---|
Andriy Noble | 無 |
Tesla Motors 產品安全性團隊的 Nathan Crandall | CVE-2017-0306 CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Tim Harrison | CVE-2017-0316 |
IOActive 的 Enrique Nissim | CVE-2017-6269 CVE-2017-6270 CVE-2017-6271 |
IOActive 的 Enrique Nissim | CVE-2017-6256 |
倫敦帝國學院多核心程式設計小組的 Andrei Lascu 和 Alastair Donaldson | CVE-2017-6259 |
Google Project Zero 的 Oliver Chang | CVE-2017-0312 CVE-2017-0313 |
Ryan Whitworth | CVE-2017-0317 |
Fortinet 旗下 FortiGuard Labs 的 Kushal Arvind Shah | 無 |
Tim Harrison | 無 |
致謝名單 | CVE ID |
---|---|
Oden Schmit | CVE-2016-8827 |
Google Project Zero 的 Oliver Chang | CVE-2016-8822 |
Cisco Talos 的 Piotr Bania | CVE-2016-8823 |
Tesla Motors 產品安全性團隊的 Nathan Crandall | CVE-2016-6915 CVE-2016-6916 CVE-2016-6917 |
Tesla Motors 產品安全性團隊的 Nathan Crandall | CVE-2016-3847 CVE-2016-3848 |
趨勢科技的 Peter Pi | CVE-2016-3793 |
Scott Bauer | CVE-2016-3815 |
CORE Team 的 Chiachih Wu | CVE-2016-3844 |
CORE Team 的 Mingjian Zhou | CVE-2016-3844 |
CORE Team 的 Xuxian Jiang | CVE-2016-3844 |
IBM X-Force 安全性研究人員 Sagi Kedmi | CVE-2016-3873 |
Jianqiang Zhao | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
奇虎 360 科技有限公司旗下 IceSword Lab 的 PJF | CVE-2016-6688 CVE-2016-6677 CVE-2016-6687 CVE-2016-6686 CVE-2016-3930 |
CORE Team 的 Mingjian Zhou | CVE-2016-3933 |
CORE Team 的 Chiachih Wu | CVE-2016-3933 |
CORE Team 的 Xuxian Jiang | CVE-2016-3933 |
Google Project Zero 的 Oliver Chang | CVE-2016-8805 CVE-2016-8806 CVE-2016-8807 CVE-2016-8808 CVE-2016-8809 CVE-2016-8810 CVE-2016-8811 CVE-2016-8812 CVE-2016-7391 CVE-2016-7387 CVE-2016-7385 CVE-2016-7390 CVE-2016-7384 CVE-2016-7386 |
Tripwire VERT | CVE-2016-4959 |
Alin Ghica | CVE-2016-3161 CVE-2016-5852 |
Microsoft 安全性漏洞研究的 Joseph Bialek | CVE-2016-4960 CVE-2016-4961 |
Daniel Cornel | CVE-2016-5025 |
奇虎 360 科技有限公司旗下 IceSword Lab 的 Jianqiang Zhao | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
奇虎 360 科技有限公司旗下 IceSword Lab 的 PJF | CVE-2016-2434 CVE-2016-2435 CVE-2016-2436 CVE-2016-2445 CVE-2016-2446 |
CORE Team 的 Yuan-Tsung Lo | CVE-2016-2437 |
CORE Team 的 Lubo Zhang | CVE-2016-2437 |
CORE Team 的 Chiachih Wu | CVE-2016-2437 |
CORE Team 的 Xuxian Jiang | CVE-2016-2437 |
致謝名單 | CVE ID |
---|---|
Zimperium 的 Joshua J. Drake | CVE-2015-1538 CVE-2015-1539 CVE-2015-3824 CVE-2015-3826 CVE-2015-3827 CVE-2015-3828 CVE-2015-3829 CVE-2015-3864 |
McAfee/Intel Security 與 NVIDIA 合作 | 無 CVE |
Intel 的 Axel Monroy 與 NVIDIA 合作 | CVE-2015-7869 |
Intel 的 Nikita Tarakanov 與 NVIDIA 合作 | CVE-2015-7869 |
Wesley Daniels | CVE-2015-7866 |
Mellanox Technologies 與 NVIDIA 合作 | CVE-2015-5053 |
Dario Weisser | CVE-2015-5950 |
James Forshaw,Google Project Zero | CVE-2015-1170 |
致謝名單 | CVE ID |
---|---|
Lee Campbell,Google Chrome 安全性小組 (Google Chrome Security) | CVE-2014-5332 |
Adam Jackson | CVE-2014-8093 CVE-2014-8098 |
Alan Coopersmith | CVE-2014-8093 CVE-2014-8098 |
Robert Morell,NVIDIA | CVE-2014-8298 |
致謝名單 | CVE ID |
---|---|
X.Org 基金會 Nouveau 專案的 Marcin Kościelnicki | CVE-2013-5987 |