2009 matches found
CVE-2026-26200 HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...
CVE-2026-26200
CVE-2026-26200 affects HDF5 before version 1.14.4-2. An attacker able to control an HDF5 file being parsed can trigger a write-based heap buffer overflow, causing a denial of service and potentially, depending on the OS and exploitability, remote code execution. Real-world exploitation for RCE is...
CVE-2026-26200 HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...
CVE-2026-26200
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of plugins...
PT-2026-20861
Name of the Vulnerable Software and Affected Versions TensorFlow affected versions not specified Description A flaw exists in TensorFlow due to insecure handling of plugins, allowing local attackers to potentially escalate privileges on affected systems. An attacker must first have the ability to...
Linux Distros Unpatched Vulnerability : CVE-2026-26200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer...
Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading
Summary TensorFlow / Keras continues to honor HDF5 “external storage” and ExternalLink features when loading weights. A malicious .weights.h5 or a .keras archive embedding such weights can direct loadweights to read from an arbitrary readable filesystem path. The bytes pulled from that path...
Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3m4q-jmj6-r34q. This link is maintained to preserve external references. Original Description Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all...
GHSA-GFMX-QQQH-F38Q Duplicate Advisory: Keras vulnerable to arbitrary file read in the model loading mechanism (HDF5 integration)
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3m4q-jmj6-r34q. This link is maintained to preserve external references. Original Description Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all...
AZL-77414 CVE-2026-1669 affecting package keras 3.3.3-6
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
DEBIAN-CVE-2026-1669
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
CVE-2026-1669
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
UBUNTU-CVE-2026-1669
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
CVE-2026-1669
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
CVE-2026-1669
Arbitrary file read in the model loading mechanism HDF5 integration in Keras versions 3.0.0 through 3.13.1 on all supported platforms allows a remote attacker to read local files and disclose sensitive information via a crafted .keras model file utilizing HDF5 external dataset references...
PT-2026-7728
Name of the Vulnerable Software and Affected Versions Keras versions 3.0.0 through 3.13.1 Description A flaw exists in the model loading mechanism, specifically within the HDF5 integration of Keras. This issue allows a remote attacker to read local files and potentially disclose sensitive...
[SECURITY] [DLA 4471-1] debian-security-support update
Debian LTS Advisory DLA-4471-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón February 06, 2026 https://wiki.debian.org/LTS Package : debian-security-support Version : 1:11+2026.02.06 Debian Bug : 1117607 1119290 1124248 debian-security-support, the Debian...
ROOT-OS-DEBIAN-11-CVE-2024-29164 CVE-2024-29164 in rootio-hdf5 - Patched by Root
Root has patched CVE-2024-29164 in the rootio-hdf5 package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-32621 CVE-2024-32621 in rootio-hdf5 - Patched by Root
Root has patched CVE-2024-32621 in the rootio-hdf5 package for Root:Debian:11. Multiple fixed versions available...