Total
128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-6516 | 1 Hdfgroup | 1 Hdf5 | 2025-06-26 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-44904 | 1 Hdfgroup | 1 Hdf5 | 2025-06-03 | N/A | 8.8 HIGH |
| hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. | |||||
| CVE-2025-44905 | 1 Hdfgroup | 1 Hdf5 | 2025-06-03 | N/A | 8.8 HIGH |
| hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. | |||||
| CVE-2025-2308 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2309 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2310 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2017-17506 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2017-17507 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2017-17509 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file. | |||||
| CVE-2017-17508 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2017-17505 | 1 Hdfgroup | 1 Hdf5 | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | |||||
| CVE-2024-32619 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32620 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32621 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32622 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.1 CRITICAL |
| HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c). | |||||
| CVE-2024-32623 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c). | |||||
| CVE-2024-32624 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-33873 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. | |||||
| CVE-2024-33874 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. | |||||
| CVE-2024-33875 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 5.7 MEDIUM |
| HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer. | |||||