29 matches found
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the H5Trefmemsetnull function. An attacker can cause a heap buffer overflow by supplying a specially crafted HDF5 .h5 file, which may result in denial of service or potentially allow execution of arbitrary...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the H5Tconvstructopt function. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted h5 file. Remediation: Upgrade hdf5 to version 1.14.4.3 or higher. Referenc...
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-32622 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32622 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-32609 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32609 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-29157 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29157 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-29159 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29159 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-32605 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32605 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-29163 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29163 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this issue...
AZL-40534 CVE-2024-33877 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...
AZL-40531 CVE-2024-33873 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Dscattermem in H5Dscatgath.c...
AZL-40579 CVE-2024-32616 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...
AZL-40568 CVE-2024-32613 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HLfldeserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612...
AZL-40562 CVE-2024-32610 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 has a SEGV in H5Tclosereal in H5T.c, resulting in a corrupted instruction pointer...
AZL-40556 CVE-2024-32605 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...
AZL-40637 CVE-2024-29159 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
AZL-40609 CVE-2024-29160 affecting package hdf5 for versions less than 1.14.4.3-1
HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
Magento XSS Vulnerability
In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...