Astra Linux - уязвимость в hdf5

A vulnerability classified as problematic was discovered in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode in the file /src/H5Ofsinfo.c. The vulnerability leads to a heap-based buffer overflow. An attack can be launched on the local host. The exploit has been disclosed to th...

OESA-2026-2185 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

JLSEC-2026-331

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

JLSEC-2026-332

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...

JLSEC-2026-334

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. The manipulation of the argument freeblock leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The...

JLSEC-2026-340

A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

OPENSUSE-SU-2026:10125-1 python311-django-storages-1.14.6-1.1 on GA media

These are all security issues fixed in the python311-django-storages-1.14.6-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-2926 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-2926 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

OESA-2026-1007 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

OESA-2026-1005 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

CVE-2025-6816 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-6816 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

CVE-2025-66557 Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This...

EUVD-2025-201465

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This...

CVE-2025-66557 Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This...

PT-2025-49299

Name of the Vulnerable Software and Affected Versions Nextcloud Deck versions prior to 1.14.6 Nextcloud Deck versions prior to 1.15.2 Description Nextcloud Deck is a kanban style organization tool for personal and team project management integrated with Nextcloud. A flaw in the permission logic...

Nextcloud Desktop Client 访问控制错误漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in Nextcloud Desktop Client versions prior to 1.14.6 and prior to 1.15.2, which stems from an error in the permissions logic and could lead to misuse ...

EUVD-2025-8637

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-6817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5Cloadentry of the file /src/H5Centry.c. T...