Total
128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-6516 | 1 Hdfgroup | 1 Hdf5 | 2025-06-26 | N/A | 7.8 HIGH |
| A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-44904 | 1 Hdfgroup | 1 Hdf5 | 2025-06-03 | N/A | N/A |
| hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. | |||||
| CVE-2025-44905 | 1 Hdfgroup | 1 Hdf5 | 2025-06-03 | N/A | N/A |
| hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. | |||||
| CVE-2025-2308 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | N/A | 7.8 HIGH |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2309 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | N/A | 7.8 HIGH |
| A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2310 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | N/A | 7.8 HIGH |
| A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2024-33877 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. | |||||
| CVE-2024-32620 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-33876 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c. | |||||
| CVE-2024-32622 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c). | |||||
| CVE-2024-32619 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-33873 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. | |||||
| CVE-2024-33874 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. | |||||
| CVE-2024-32624 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-33875 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32623 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c). | |||||
| CVE-2024-32621 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32607 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32606 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c). | |||||
| CVE-2024-32614 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | N/A |
| HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. | |||||