20 matches found

OSV
added 2026/04/29 1:21 p.m. · 3 views

JLSEC-2026-318

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c called from H5S_select_elements in H5Spoint.c...

CVSS 8.8 · AI score 8.6 · EPSS 0.00912
Exploits: 0 · References: 2
Debian CVE
added 2025/11/07 8:32 p.m. · 5 views

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVSS 7.8 · AI score 5.1 · EPSS 0.0014
Exploits: 0
BDU FSTEC
added 2024/09/17 12:00 a.m. · 3 views

The vulnerability of the H5VM_array_fill() function in the H5VM.c file of the HDF5 library allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the H5VM_array_fill function in the H5VM.c file of the HDF5 library is related to buffer overflow in the queue. Exploitation of this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 9 · AI score 7.8 · EPSS 0.00912
Exploits: 0 · References: 4 · Affected Software: 3
OSV
added 2024/05/14 3:36 p.m. · 2 views

DEBIAN-CVE-2024-32623

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c called from H5S_select_elements in H5Spoint.c...

CVSS 8.8 · AI score 8.6 · EPSS 0.00912
Exploits: 0 · References: 1
SUSE CVE
added 2024/05/14 3:32 a.m. · 2 views

SUSE CVE-2024-32623

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c called from H5S_select_elements in H5Spoint.c...

CVSS 8.8 · AI score 7.5 · EPSS 0.00912
Exploits: 0 · References: 3
Positive Technologies
added 2024/05/09 12:00 a.m. · 4 views

PT-2024-6194 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions through 1.14.3 Description: The issue is related to a heap-based buffer overflow in the H5VM_array_fill function in the H5VM.c file of the HDF5 Library. This overflow can be triggered when the H5S_select_elements functio...

CVSS 9 · AI score 7.9 · EPSS 0.00912
Exploits: 0 · References: 13
SUSE CVE
added 2023/02/15 6:08 a.m. · 3 views

SUSE CVE-2008-2376

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 7.7 · EPSS 0.03601
Exploits: 0 · References: 3
Hacker One
added 2017/01/12 4:51 a.m. · 16 views

shopify-scripts: Still heap overflow in mrb_ary_splice

The fix of 192362 is still crashed with a different PoC. I think the cause of this bug is the same and I missed the incomplete fix, so you may be able to skip rewards for this one. Cause If I set the tail value to a specific value, then I can maintain the array size. The original fix only checks...

AI score 6.9
Exploits: 0
OpenVAS
added 2009/04/09 12:00 a.m. · 33 views

Mandriva Update for ruby MDVSA-2008:140 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test Mandriva Update for ruby MDVSA-2008:140 ruby Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 10 · AI score 0.2 · EPSS 0.04456
Exploits: 2 · References: 2
RedHat Linux
added 2008/07/14 1:38 p.m. · 4 views

ruby: integer overflows in rb_ary_fill() / Array#fill

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 5.9 · EPSS 0.03601
Exploits: 0 · References: 4
RedHat Linux
added 2008/07/14 1:26 p.m. · 6 views

ruby: integer overflows in rb_ary_fill() / Array#fill

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 5.9 · EPSS 0.03601
Exploits: 0 · References: 4
Snyk
added 2008/07/09 12:41 a.m. · 3 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS). Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the...

CVSS 7.5 · AI score 7.7 · EPSS 0.03601
Exploits: 0 · References: 2
NVD
added 2008/07/09 12:41 a.m. · 10 views

CVE-2008-2376

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 7.3 · EPSS 0.03601
Exploits: 0 · References: 28
Cvelist
added 2008/07/09 12:00 a.m. · 13 views

CVE-2008-2376

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

AI score 7.3 · EPSS 0.03601
Exploits: 0 · References: 28
Positive Technologies
added 2008/07/09 12:00 a.m. · 2 views

PT-2008-3855 · Ruby +1 · Ruby +1

Name of the Vulnerable Software and Affected Versions: Ruby versions prior to revision 17756 Description: The issue is related to an integer overflow in the rb_ary_fill function, which can be triggered by calling the Array#fill method with a start argument greater than ARY_MAX_SIZE. This can lead ...

CVSS 10 · AI score 7.9 · EPSS 0.04456
Exploits: 1 · References: 37
CVE
added 2008/07/09 12:00 a.m. · 75 views

CVE-2008-2376

CVE-2008-2376 is an integer overflow in Ruby’s rb_ary_fill (array.c) that affects Ruby before revision 17756, allowing context-dependent attackers to cause a crash or potentially other impact via Array#fill when start (beg) > ARY_MAX_SIZE. The issue arises from an incomplete fix for related ov...

CVSS 7.5 · AI score 7.3 · EPSS 0.03601
Exploits: 0 · References: 28 · Affected Software: 1
Tenable Nessus
added 2008/07/08 12:00 a.m. · 31 views

Fedora 9 : ruby-1.8.6.230-4.fc9 (2008-6033)

Tue Jul 1 2008 Akira TAGOH - 1.8.6.230-4 - Backported from upstream SVN to fix a segfault issue with Array#fill. - Mon Jun 30 2008 Akira TAGOH - 1.8.6.230-3 - Backported from upstream SVN to fix a segfault issue. 452825 - Backported from upstream SVN to fix an integer overflow in rb_ary_fill. - Wed...

CVSS 10 · AI score 7.2 · EPSS 0.04456
Exploits: 2 · References: 3
UbuntuCve
added 2008/07/08 12:00 a.m. · 19 views

CVE-2008-2376

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 5.9 · EPSS 0.03601
Exploits: 0 · References: 2
Tenable Nessus
added 2008/07/08 12:00 a.m. · 35 views

Fedora 8 : ruby-1.8.6.230-4.fc8 (2008-6094)

Tue Jul 1 2008 Akira TAGOH - 1.8.6.230-4 - Backported from upstream SVN to fix a segfault issue with Array#fill. - Mon Jun 30 2008 Akira TAGOH - 1.8.6.230-3 - Backported from upstream SVN to fix a segfault issue. 452825 - Backported from upstream SVN to fix an integer overflow in rb_ary_fill. - Wed...

CVSS 10 · AI score 7.2 · EPSS 0.18163
Exploits: 3 · References: 3
RubySec
added 2008/06/30 12:00 a.m. · 18 views

More ruby integer overflows (rb_ary_fill / Array#fill)

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this...

CVSS 7.5 · AI score 6.1 · EPSS 0.03601
Exploits: 0 · References: 1 · Affected Software: 1