Product
Security

NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.

NVIDIA encourages Coordinated Vulnerability Disclosure of security vulnerabilities through the Security Vulnerability Submission Form.

NVIDIA thanks the following individuals and organizations for their contribution towards making our products more secure.
For details on CVE IDs, go to NVIDIA Security Bulletin page.   

  • 2024

    Acknowledgment CVE IDs
    nEINEI - Tencent-zhuquelab CVE-2024-0123, CVE-2024-0124, CVE-2024-0125
    r3pwnx CVE-2024‑0116
    Andres Riancho, Ronen Shustin and Shir Tamari - Wiz Research CVE-2024‑0132, CVE-2024-0133
    r3pwnx CVE-2024-0109, CVE-2024-0110
    r3pwnx, nEINEI - Tencent-zhuquelab CVE-2024-0111
    ByteDance CVE-2024‑0115
    Cyrille CHATRAS - Orange Group CVE-2024‑0113
    Matteo Marini and Daniele Cono D'Elia CVE-2024‑0102
    Piotr Bania - Cisco Talos CVE-2024‑0107
    CYS DET PEN - Siemens CVE-2024-0089
    Jisoo Jang, Joonkyo Jung, Yongwan Jo, and Dokyung Song - Yonsei University CVE-2024-0090
    Frederik Pustelnik CVE-2024-0093
    pinkdraconian CVE-2024-0095
    Andrew Innes, Will Williams, Jamie Dougherty, Markus Hennerbichler CVE-2024-0103
    pinkdraconian, lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor CVE-2024-0087
    lawliet & Zhiniang Peng (@edwardzpeng) - Sangfor CVE-2024-0088
    Matteo Marini and Daniele Cono D'Elia CVE-2024‑0072, CVE-2024-0076
    hjy79425575 CVE‑2023-31028, CVE-2024-0080
    l1k3beef - tencent-zhuquelab CVE-2024-0082
    Ozgun Kultekin CVE-2024-0083
    ALJI Mohamed (sim4n6) CVE-2024-0081
    Piotr Bania - Cisco Talos CVE-2024-0071
    HaoKun Yang CVE-2023-31037
    NVIDIA also thanks the following individuals for their contribution towards making our products more secure

    Sakil Hasan Saikat
    Jonas Rudloff, Tethys Svensson, Kristoffer Søholm
    Zhenkai Zhang - Clemson University
    Yanan Guo, Zhenkai Zhang, and Jun Yang
    Pietro `suidpit` Tirenna
    Shubham Deshmukh
    Pranav Jayabalan - The Cybersecurity Syndicate
    Nayeem Islam
    xsstestov
    François Proulx - BoostSecurity.io
    Florent Chabaud - Eviden
    EL HATIMI MOHAMED AMINE
    YUXIANG LI - Tencent zhuquelab
    Shivam Dhingra
    Philip Hellmann
    Adnan Khan
    Michał Krassowski
    Rajnish Kumar Gupta (geekyrajnish)
    Prathamesh B. Vilayatkar (hackerpratham)
    Tobias Diehl - Bulletproof
    Aviv Keller
    Andreas Klopsch
    Shay Ben Tikva
    IncessantQuack
    Michalk
    Bharat (mrnoob)
  • 2023

    Acknowledgment CVE IDs
    l1k3beef - tencent-zhuquelab CVE-2023-31036
    Lockheed Martin Red Team CVE-2023-31017
    Patryk Nowakowski CVE-2023-31027
    Marc Dovero CVE-2023-25525, CVE-2023-25526
    Hugo Magalhaes - Oracle CVE-2023-25519
    Oversecured CVE-2023-31014
    NVIDIA Offensive Security Research (OSR) team CVE-2023-25527, CVE-2023-25528, CVE-2023-25529, CVE-2023-25530, CVE-2023-25531, CVE-2023-25532, CVE-2023-25533, CVE-2023-31008, CVE-2023-31009, CVE-2023-31010, CVE-2023-31011, CVE-2023-31012, CVE-2023-31013
    Jifan Xiao CVE-2023-25523
    Worldcoin Security Lab CVE-2023-25518
    Trae Mazza CVE-2023-25520
    zz zr and Zhaozixi105 CVE-2023-25510, CVE-2023-25511
    Luca Di Bartolomeo @ EPFL and Zhaozixi105 CVE-2023-25512
    Luca Di Bartolomeo @ EPFL CVE-2023-25513
    Xinhao Kong, Jingrong Chen, Wei Bai, Yechen Xu, Mahmoud Elhaddad, Shachar Raindel, Jitendra Padhye, Alvin R. Lebeck, and Danyang Zhuo. CVE-2023-0203, CVE-2023-0204, CVE-2023-0205
    Imre Kis CVE-2023-0194, CVE-2023-0195
    r3pwnx (@r3pwnx) - 360AIVul CVE-2023-0193
    hjy79425575 CVE-2023-0196
    Minse Kim of DNSLab, Korea University CVE-2022-42291, CVE-2022-31611
    Shashi Bhushan CVE-2022-42268
    NVIDIA also thanks the following individuals for their contribution towards making our products more secure

    L1k3beef
    Durvesh Kolhe
    Jacob 'kobsoN' Hazak - Zero-Defense Labs
    Cale Anderson, Iustin Ladunca
    Iwan Pakochack
    happytohelp22 (happytohelpw)
    Abdelrahman Ibrahim Farg
    Joel Ilagan
    Dirisipo Abhishek
    Arnaud Granal
    Everton (@hydd3n.sec)
    Rick Ridgley
    Sofor
    Malek "Ryuku" Mesdour and Hasan Sheet
    Meet Narkhede
    Mahmoud Soliman and Mahmoud Elsharawy
    Sharique Raza
    Ademar Nowasky Junior
    Rushabh Vyas
    Bhuwan Bhetwal (ya3raj)
    Kira
    Sheshank Shekhar Pandey (Mithun.1999)
    Bhuwan Bhetwal (ya3raj) – Cryptogen Nepal
    Rajnish Kumar (Dreamer)
    Ori Levi
    Akhil Jha
    Vinit Betkar
    Mayank Pandey (@mayank_pandey01)
    Malek "Ryuku" Mesdour
    Pradip Bhattarai
    Ryan Petroschka
    Tim Schiewe
    Chetanya Sharma @AggressiveUser
    Bharat (mrnoob)
    Rifat Al Jubayer
    Mohit Kumar
    Pratik Shetty
    Sameer Ahmad
  • 2022

    Acknowledgment CVE IDs
    NVIDIA Offensive Security Research (OSR) team CVE-2022-42271, CVE-2022-42272, CVE-2022-42273, CVE-2022-42274, CVE-2022-42275, CVE-2022-42276, CVE-2022-42277, CVE-2022-42278, CVE-2022-42279, CVE-2022-42280, CVE-2022-42281, CVE-2022-42282, CVE-2022-42283, CVE-2022-42284, CVE-2022-42285, CVE-2022-42286, CVE-2022-42287, CVE-2022-42288, CVE-2022-42289, CVE-2022-42290
    hjy79425575 CVE: CVE-2022-34667
    Daniel Santos (@bananabr) CVE-2022-34669
    Piotr Bania - Cisco Talos CVE-2022-34671
    Tal Lossos CVE-2022-34682
    Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security CVE-2022-34683, CVE-2022-42266
    Oliver Sellwood (Nintorac)
    Elias Hohl
    CVE-2022-34668
    Thierry Doré of Quarkslab CVE‑2022‑31606, CVE‑2022‑31612, CVE‑2022‑31616, CVE‑2022‑31617
    Le Wu of Baidu Security CVE‑2022‑31607
    Artem S. Tashkinov CVE‑2022‑31608
    Tal Lossos CVE‑2022‑31615
    NVIDIA Product Security Team CVE-2022-28200, CVE-2022-31599, CVE-2022-31600, CVE-2022-31601, CVE-2022-31602, CVE-2022-31603
    Piortr Bania of Cisco Talos CVE‑2022‑28181 and CVE-28182.
    Xavier Danest - Decathlon CVE‑2022‑28198.
    Galen Schretlen of Worldcoin CVE‑2022‑28193, CVE‑2022‑28194, CVE‑2022‑28195, CVE‑2022‑28196, CVE‑2022‑28197.
    Leonardo Galli CVE‑2022‑21821
    Jeremy Brown CVE‑2022‑21820
    Oliver Sellwood CVE-2022-21822
    Bennie Affleck of The Good Penguin Ltd CVE‑2022‑21819
    Dmitriy Rabotyagov and Magnus Bergman CVE-2022-21818
    Billy Laws CVE‑2021‑34406
    NVIDIA also thanks the following individuals for their contribution towards making our products more secure

    Corrie Sloot
    Darshan Kulkarni
    Ivo Abreu (berjimk)
    Yash Kushwah
    Sawrav Chowdhury (@sawravchy)
    Hariharan S (@Neo_X37)
    Vinayak Sakhare - AFour Technologies
    Bibek Sapkota (Sar00n)
    Salah Eddine Louffidi
    Rohit Sharma(@r0x5r)
    Hossam Gamil Torada
    Qusai Alhaddad - Honeywell
    Michael Klimenko (mk1337)
    Arup Ghosh - Institute of Life Sciences
    Wei Lei and Sergey Kornienko (@b1thvn_) of PixiePoint Security
    Muhanad Israiwi
    Kyrillos Reyad (Ryad)
    Maheta Keyur Maheshbhai
    Michael Weishaar from INNEO Solutions GmbH
    Eslam Kamal (Strik3r)
    Krishna Agarwal
    Jelle Ursem
    Mohamed Abdelhady
    Ruturaj Sharbidre
    Tamim Hasan
    Ronald Stephen
    Curtis Houghton
    Johan Källström from Ericsson AB
    Aniket Eknath Kudale
    Pankaj Kumar Thakur
  • 2021

    Acknowledgment CVE IDs
    David Köhler CVE‑2021‑23175
    Alexander Tereshkin, Alexander Matrosov, and Adam ‘pi3’ Zabrocki of NVIDIA Product Security Team CVE‑2021‑0144
    Fabian Toepfer CVE‑2021‑1090, CVE‑2021‑1095, CVE‑2021‑1096
    Wenxiang Qian of Tencent Blade Team CVE‑2021‑1099, CVE‑2021‑1100
    NVIDIA Product Security Team CVE‑2021‑1103
    Frédéric Perriot of the Apple Media Products RedTeam CVE-2021-34372, CVE-2021-34373, CVE-2021-34374, CVE-2021-34375, CVE-2021-34376, CVE-2021-34377, CVE-2021-34378, CVE-2021-34379, CVE-2021-34380, CVE-2021-34381, CVE-2021-34382, CVE-2021-34383, CVE-2021-34384, CVE-2021-34385, CVE-2021-34386, CVE-2021-34387, CVE-2021-34388, CVE-2021-34389, CVE-2021-34390, CVE-2021-34391, CVE-2021-34392, CVE-2021-34393, CVE-2021-34394, CVE-2021-34395, CVE-2021-34396, CVE-2021-34397
    Wenxiang Qian of Tencent Blade Team CVE‑2021‑1082, CVE-2021-1084, CVE-2021-1087
    NVIDIA Product Security Team CVE‑2021‑1081, CVE-2021-1083
    Matt Batten
    Paolo Stagno
    CVE‑2021‑1079
    Aleksandar Milenkoski (@milenkowski) of ERNW Enno Rey Netzwerke GmbH CVE‑2021‑1072
    Michael de Gans CVE‑2021‑1070
    Billy Laws CVE‑2021‑1069
    Rotem Sela and Brian Mastenbrook of Western Digital CVE‑2021‑1067
    NVIDIA Product Security Team CVE‑2021‑1068
    Billy Laws CVE‑2021‑1069
    Xinyuan Lyu of Intelligent Mobile Systems Group, MOE KLINNS Lab, Xi'an Jiaotong University CVE‑2021‑1056
    NVIDIA Product Security Team CVE‑2021‑1057, CVE-2021-1058, CVE‑2021‑1059, CVE‑2021‑1062
    NVIDIA also thanks the following individuals for their contribution towards making our products more secure

    Simranjit Singh
    Naif F Alanazi
    Gaurang Maheta
    Dristant Uprety
    Tencent Force
    Kent Backman of Dragos, Inc.
    Idan Noiman
    Zhuo Zhang of Purdue University
    Michael Dubell
  • 2020

    Acknowledgment CVE IDs
    Hou JingYi (@hjy79425575) of Qihoo 360 CERT CVE‑2020‑5992
    Weidang Peng of Qihoo 360 AIVUL Team CVE‑2020‑5991
    Sergey Gordeychik CVE‑2020‑11483, CVE‑2020‑11487, CVE‑2020‑11489
    Roman Palkin and Sergey Gordeychik CVE‑2020‑11484
    Maria Samoylova, Denis Kolegov, and Roman Palkin CVE‑2020‑11485
    Denis Kolegov and Sergey Gordeychik CVE‑2020‑11615, CVE‑2020‑11616
    Sergey Gordeychik, Maria Samoylova, Denis Kolegov, and Roman Palkin CVE‑2020‑11486, CVE-2020-11488
    Boris Ryutin CVE-2020-5977
    Xavier DANEST - Decathlon CVE-2020-5977
    Hashim Jawad of ACTIVELabs CVE-2020-5978, CVE-2020-5990
    NVIDIA Product Security Team CVE-2020-5983, CVE-2020-5986
    Jo Hemmerlein of Microsoft CVE-2020-5979
    Andy Gill of Pen Test Partners LLP CVE-2020-5980
    Piotr Bania of Cisco Talos CVE-2020-5981
    Rhet Evans CVE-2020-5975
    Martino Trevisan CVE-2020-5976
    Michael de Gans CVE-2020-5974
    Eviatar Gerzi, CyberArk Labs
    Nuttakorn Tungpoonsup, Secure D Center Research Team, Secure D Center Co.,Ltd.
    Ammarit Thongthua, Secure D Center Research Team, Secure D Center Co.,Ltd.
    Sittikorn Sangrattanapitak, Cybersecurity Researcher
    CVE-2020-5962
    Thomas E. Carroll CVE-2020-5963
    Piotr Bania of Cisco Talos CVE-2020-5965
    Zhiniang Peng (@edwardzpeng) of Qihoo 360 Core Security and Xuefeng Li CVE-2020-5957
    NVIDIA also thanks the following individuals for their contribution towards making our products more secure

    Emmanuel B.
    Ivan Korolev of Doctor Web, Ltd.
    Ivashko Yurii
    Mahmoud Basel Jayyousi
    Michael de Gans
    Anurag Vijay Bhoir
    Deives Jonathan
    Bill Nickless
    Thomas Bryan
    Austin Mackey
  • 2019

    Acknowledgment CVE IDs
    RyotaK CVE-2019-5702
    Ryan Grachek CVE-2019-5700
    Hashim Jawad of ACTIVELabs CVE-2019-5701
    Peleg Hadar of SafeBreach Labs CVE-2019-5695
    Siyuan Yi of Chengdu University of Technology CVE-2019-5689
    Peleg Hadar of SafeBreach Labs CVE-2019-5694
    CVE-2019-5695
    Lucas Pinheiro of Microsoft CVE-2019-5692
    Jesse Michael and Mickey Shkatov of Eclypsium CVE-2019-5688
    Ryan Grachek CVE-2019-5700
    Yousra Aafer CVE-2019-5681
    Leron Gray (daddycocoaman) CVE-2019-5682
    Piotr Bania of Cisco Talos CVE-2019-5684
    CVE-2019-5685
    Balázs Triszka CVE-2019-5680
    David Yesland of Rhino Security Labs CVE-2019-5678
    Kushal Arvind Shah of Fortinet's FortiGuard Labs; Łukasz 'zaeek'; Yasin Soliman; Marius Gabriel Mihai; and Stefan Kanthak CVE-2019-5676
    Jesse Raffa CVE-2019-5672
    David Yesland of Rhino Security Labs CVE-2019-5674
    Christoffer Wiman CVE-2019-5665
    Pankaj Kumar Thakur
    Taeyun Jang
    Jesse Michael and Mickey Shkatov of Eclypsium
    Rich Mirch
    Raghavendra Singh
    Sameer Phad
    Hamdi Maamri
    Jonesy
    N/A
  • 2018

    Acknowledgment CVE IDs
    Akshay Jain CVE-2018-6266
    Pierre-Alexandre Braeken CVE-2018-6263
    Hoda Naghibijouybari, Ajaya Neupane, Zhiyun Qian, and Nael Abu-Ghazaleh CVE-2018-6260
    Mark Barnes CVE-2018-6261
    Kate Temkin CVE-2018-6242
    Piotr Bania of Cisco Talos CVE-2018-6251
    Gehan Kaushal, Hassy Vinod N/A
  • 2017

    Acknowledgment CVE IDs
    Andriy Noble N/A
    Nathan Crandall, Tesla Motors Product Security Team CVE-2017-0306
    CVE-2016-6915
    CVE-2016-6916
    CVE-2016-6917
    Tim Harrison CVE-2017-0316
    Enrique Nissim, IOActive CVE-2017-6269
    CVE-2017-6270
    CVE-2017-6271
    Enrique Nissim, IOActive CVE-2017-6256
    Andrei Lascu and Alastair Donaldson, Multicore Programming Group at Imperial College London CVE-2017-6259
    Oliver Chang, Google Project Zero CVE-2017-0312
    CVE-2017-0313
    Ryan Whitworth CVE-2017-0317
    Kushal Arvind Shah, Fortinet's FortiGuard Labs N/A
    Tim Harrison N/A
  • 2016

    Acknowledgment CVE IDs
    Oden Schmit CVE-2016-8827
    Oliver Chang, Google Project Zero CVE-2016-8822
    Piotr Bania, Cisco Talos CVE-2016-8823
    Nathan Crandall, Tesla Motors Product Security Team CVE-2016-6915
    CVE-2016-6916
    CVE-2016-6917
    Nathan Crandall, Tesla Motors Product Security Team CVE-2016-3847
    CVE-2016-3848
    Peter Pi, Trend Micro CVE-2016-3793
    Scott Bauer CVE-2016-3815
    Chiachih Wu, CORE Team CVE-2016-3844
    Mingjian Zhou, CORE Team CVE-2016-3844
    Xuxian Jiang, CORE Team CVE-2016-3844
    Sagi Kedmi, IBM Security X-Force Researcher CVE-2016-3873
    Jianqiang Zhao CVE-2016-6688
    CVE-2016-6677
    CVE-2016-6687
    CVE-2016-6686
    CVE-2016-3930
    PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-6688
    CVE-2016-6677
    CVE-2016-6687
    CVE-2016-6686
    CVE-2016-3930
    Mingjian Zhou, CORE Team CVE-2016-3933
    Chiachih Wu, CORE Team CVE-2016-3933
    Xuxian Jiang, CORE Team CVE-2016-3933
    Oliver Chang, Google Project Zero CVE-2016-8805
    CVE-2016-8806
    CVE-2016-8807
    CVE-2016-8808
    CVE-2016-8809
    CVE-2016-8810
    CVE-2016-8811
    CVE-2016-8812
    CVE-2016-7391
    CVE-2016-7387
    CVE-2016-7385
    CVE-2016-7390
    CVE-2016-7384
    CVE-2016-7386
    Tripwire VERT CVE-2016-4959
    Alin Ghica CVE-2016-3161
    CVE-2016-5852
    Joseph Bialek, Microsoft Vulnerability Research CVE-2016-4960
    CVE-2016-4961
    Daniel Cornel CVE-2016-5025
    Jianqiang Zhao, IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-2434
    CVE-2016-2435
    CVE-2016-2436
    CVE-2016-2445
    CVE-2016-2446
    PJF, IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-2434
    CVE-2016-2435
    CVE-2016-2436
    CVE-2016-2445
    CVE-2016-2446
    Yuan-Tsung Lo, CORE Team CVE-2016-2437
    Lubo Zhang, CORE Team CVE-2016-2437
    Chiachih Wu, CORE Team CVE-2016-2437
    Xuxian Jiang, CORE Team CVE-2016-2437
  • 2015

    Acknowledgment CVE IDs
    Joshua J. Drake, Zimperium CVE-2015-1538
    CVE-2015-1539
    CVE-2015-3824
    CVE-2015-3826
    CVE-2015-3827
    CVE-2015-3828
    CVE-2015-3829
    CVE-2015-3864
    McAfee/Intel Security in cooperation with NIVIDA No CVE
    Axel Monroy, Intel, in cooperation with NIVIDA CVE-2015-7869
    Nikita Tarakanov, Intel, in cooperation with NVIDIA CVE-2015-7869
    Wesley Daniels CVE-2015-7866
    Mellanox Technologies in cooperation with NIVIDA CVE-2015-5053
    Dario Weisser CVE-2015-5950
    James Forshaw, Google Project Zero CVE-2015-1170
  • 2014

    Acknowledgment CVE IDs
    Lee Campbell, Google Chrome Security CVE-2014-5332
    Adam Jackson CVE-2014-8093
    CVE-2014-8098
    Alan Coopersmith CVE-2014-8093
    CVE-2014-8098
    Robert Morell, NVIDIA CVE-2014-8298
  • 2013

    Acknowledgment CVE IDs
    Marcin Kościelnicki, X.Org Foundation Nouveau Project CVE-2013-5987