UBUNTU-CVE-2025-2912

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...

CVE-2025-2912

CVE-2025-2912 (HDF5) affects HDF5 up to 1.14.6. The vulnerability is in the function H5O_msg_flush (src/H5Omessage.c) where manipulation of the argument oh leads to a heap-based buffer overflow. Exploitation requires local access, and public disclosure of the exploit is noted. Connected OSV entri...

PT-2025-13551

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A problematic vulnerability was found in HDF5, affecting the function H5F accum free of the file src/H5Faccum.c. The manipulation of the argument overlap size leads to a heap-based buffer overflow. This...

PT-2025-13568

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A problematic issue has been identified, affecting the H5MM realloc function in the file src/H5MM.c. The manipulation of the mem argument leads to a double free condition. This issue can be exploited...

PT-2025-13567

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A problematic issue was found in HDF5, affecting the H5HL fl deserialize function in the file src/H5HLcache.c. The manipulation of the free block argument leads to a heap-based buffer overflow. This issue...

PT-2025-13195 · Upx +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX versions up to 5.0.0 Description: A problematic issue was found in the function PackLinuxElf64::un DT INIT of the file src/p lx elf.cpp, leading to a heap-based buffer overflow. The attack can be launched on the local host. Recommendation...

UBUNTU-CVE-2025-2724

A vulnerability classified as problematic has been found in GNOME libgsf up to 1.14.53. Affected is the function sortingkeycopy. The manipulation of the argument Name leads to out-of-bounds read. It is possible to launch the attack on the local host. The vendor was contacted early about this...

UBUNTU-CVE-2025-2721

A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsfbase64encodesimple. The manipulation of the argument sizet leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about th...

CVE-2025-2720

Removed by vendor...

CVE-2025-2588

A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function recaseexpand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been...

CVE-2025-2588

CVE-2025-2588 affects Augeas (Hercules Augeas) 1.14.1. The vulnerability is in function re_case_expand in src/fa.c, where manipulation of the argument re can cause a null pointer dereference. Local access is required, and the exploit has been disclosed publicly. Remediation is available via updat...

SUSE CVE-2025-2308

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

SUSE CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

AZL-58810 CVE-2025-2308 affecting package hdf5 1.14.6-1

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

AZL-58806 CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

CVE-2025-2310

CVE-2025-2310 affects HDF5 1.14.6 and earlier, specifically the H5MM_strndup function in the Metadata Attribute Decoder. The vulnerability is a heap-based buffer overflow exploitable with local access; the exploit has been disclosed publicly. Several connected sources note a patch is available in...

CVE-2025-2308 HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

PT-2025-11306

Name of the Vulnerable Software and Affected Versions HDF5 version 1.14.6 Description A critical issue affects the function H5MM strndup of the component Metadata Attribute Decoder, leading to heap-based buffer overflow. The manipulation requires local attacking. The exploit has been disclosed to...

UBUNTU-CVE-2025-2149

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

Linux Distros Unpatched Vulnerability : CVE-2024-6062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swfsvgaddisosample of t...