16 matches found
CVE-2026-26200
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...
PT-2024-40468 · Unknown · Simplesamlphp
Name of the Vulnerable Software and Affected Versions: SimpleSAMLphp versions prior to 1.14.4 Description: The issue allows attackers to display links targeting a malicious website inside a trusted site running SimpleSAMLphp, due to the lack of security checks involving the link href and retryURL...
AZL-42327 CVE-2024-3727 affecting package skopeo for versions less than 1.14.4-1
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
AZL-40732 CVE-2024-32623 affecting package hdf5 for versions less than 1.14.4-1
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c)...
AZL-40682 CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4-1
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c...
AZL-40706 CVE-2024-32614 affecting package hdf5 for versions less than 1.14.4-1
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c...
AZL-40720 CVE-2024-29158 affecting package hdf5 for versions less than 1.14.4-1
HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
PT-2024-6211 · Unknown +2 · Hdf5 Library +2
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to the h5tools_str_sprint function in the h5tools_str.c file of the HDF5 Library, which may attempt to dereference uninitialized values. This could potentially allow an...
PT-2024-6210 · Unknown +2 · Hdf5 Library +2
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a buffer overflow in the heap, caused by the H5A__close function in the H5Aint.c file of the HDF5 library, leading to corruption of the instruction pointer. This can be...
PT-2024-6205 · Unknown +2 · Hdf5 Library +2
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer over-read in the H5HL__fl_deserialize function in the H5HLcache.c file of the HDF5 library. This can lead to the corruption of the instruction...
PT-2024-6193
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer overflow in the H5T__ref_mem_setnull function in the H5Tref.c file of the HDF5 Library, which can lead to the corruption of the instruction pointer...
PT-2024-6188
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer overflow in the H5T__conv_struct_opt function in the H5Tconv.c file of the HDF5 Library. This could potentially allow a remote attacker to impact the...
SUSE CVE-2013-4396
Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers...
SUSE CVE-2020-14954
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."...
PT-2022-5137 · D-Bus +10 · D-Bus +10
Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.12.24 and earlier, 1.13.x, 1.14.x before 1.14.4, and 1.15.x before 1.15.2 Description: An issue was discovered in D-Bus where an authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when...
PT-2022-7537 · Hdf5 +2 · Hdf5 +2
Name of the Vulnerable Software and Affected Versions: HDF5 versions 1.14.3 and earlier Description: The issue is related to a buffer overflow in the H5Z__filter_scaleoffset function of the HDF5 library. This overflow occurs due to the lack of size checking for input data during the copying proces...