Nvidia Cuda Toolkit vulnerabilities

CVE-2025-33228 [HIGH] CWE-78 CVE-2025-33228: NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could ca NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial

CVE-2025-33229 [HIGH] CWE-427 CVE-2025-33229: NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, data tampering, denial of service, and

CVE-2025-33230 [HIGH] CWE-78 CVE-2025-33230: NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker co NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure.

CVE-2025-33231 [MEDIUM] CWE-427 CVE-2025-33231: NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanis NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service and infor

CVE-2025-23339 [LOW] CWE-121 CVE-2025-23339: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may ca NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running cuobjdump.

CVE-2025-23275 [MEDIUM] CWE-787 CVE-2025-23275: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure.

CVE-2025-23308 [LOW] CWE-122 CVE-2025-23308: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cau NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm.

CVE-2025-23273 [LOW] CWE-369 CVE-2025-23273: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

CVE-2025-23338 [LOW] CWE-129 CVE-2025-23338: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

CVE-2025-23346 [LOW] CWE-476 CVE-2025-23346: NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NU NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service.

CVE-2025-23271 [LOW] CWE-125 CVE-2025-23271: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23255 [LOW] CWE-125 CVE-2025-23255: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23248 [LOW] CWE-125 CVE-2025-23248: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23340 [LOW] CWE-125 CVE-2025-23340: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user m NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.

CVE-2025-23247 [MEDIUM] CWE-130 CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a fail NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

CVE-2024-53874 [LOW] CWE-125 CVE-2024-53874: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

CVE-2024-53879 [LOW] CWE-1284 CVE-2024-53879: NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

CVE-2024-53871 [LOW] CWE-125 CVE-2024-53871: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.

CVE-2024-53872 [LOW] CWE-125 CVE-2024-53872: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.

CVE-2024-53873 [LOW] CWE-125 CVE-2024-53873: NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.