4829 matches found
DEBIAN-CVE-2025-2913
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
AZL-59388 CVE-2025-2915 affecting package hdf5 1.14.6-1
A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...
CVE-2025-2915
CVE-2025-2915 affects HDF5 up to 1.14.6. The vulnerable component is the function H5F__accum_free in src/H5Faccum.c, where manipulation of the argument overlap_size triggers a heap-based buffer overflow. Local attack required. Public exploit information exists per the CVE, and the impact stated i...
CVE-2025-2915
A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...
CVE-2025-2913 HDF5 H5FL.c H5FL__blk_gc_list use after free
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
CVE-2025-2913 HDF5 H5FL.c H5FL__blk_gc_list use after free
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
CVE-2025-2913
CVE-2025-2913 affects HDF5 1.14.6 and earlier, via H5FL__blk_gc_list in H5FL.c. The root cause is manipulation of H5FL_blk_head_t, which leads to a use-after-free condition. Local attacker access is required. Public exploit information exists. OSV entries describe the issue as a local-use-after-f...
CVE-2025-2913
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
CVE-2025-2912
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-2912 HDF5 H5Omessage.c H5O_msg_flush heap-based overflow
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-2912 HDF5 H5Omessage.c H5O_msg_flush heap-based overflow
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-2912
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
PT-2025-13569
Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A problematic issue was found in HDF5, affecting the H5O cache chk serialize function in the file src/H5Ocache.c. This issue leads to a null pointer dereference. The attack must be approached locally...
DEBIAN-CVE-2025-2849
A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::unDTINIT of the file src/plxelf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...
CVE-2025-2721
A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsfbase64encodesimple. The manipulation of the argument sizet leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about th...
GHSA-3P6V-HRG8-8QJ7 @mozilla/readability Denial of Service through Regex
Specially crafted titles may have caused a regular expression to excessively backtrack and cause a local denial of service. Additional Details are available at Bugzilla Credit: DayShift...
CVE-2025-2724
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the only way to get an object of type GsfMSOleSortingKey is via...
CVE-2025-2724
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the only way to get an object of type GsfMSOleSortingKey is via...
CVE-2025-2724
...
CVE-2025-2723
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the call is invalid as the buffer pointed to by "data" must have...