CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

OSV•added 2026/04/29 1:21 p.m.•4 views

JLSEC-2026-316

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from H5VLnativeblobget in H5VLnativeblob.c, resulting in the corruption of the instruction pointer...

9.8CVSS8.8AI score0.00577EPSS

Exploits0References2

OSV•added 2026/04/29 1:21 p.m.•4 views

JLSEC-2026-324

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...

8.8CVSS8.6AI score0.006EPSS

Exploits0References2

Cvelist•added 2026/04/09 7:1 p.m.•16 views

CVE-2026-34734 HDF5: H5T__conv_struct Use After Free

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

7.8CVSS0.0002EPSS

Exploits1References1

OSV•added 2026/01/16 12:0 p.m.•2 views

OESA-2026-1131 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

8.8CVSS6.1AI score0.00308EPSS

Exploits20References21

Tenable Nessus•added 2025/08/11 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-2912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file...

5.3CVSS4.7AI score0.00143EPSS

Exploits1References3

Snyk•added 2025/06/28 11:31 a.m.•1 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the H5Ochunkdeserialize function. An attacker can cause excessive resource consumption by providing specially crafted input that triggers repeated processing within this function. Remediation A f...

4.8CVSS4.1AI score0.00145EPSS

Exploits1References3

SUSE CVE•added 2025/03/17 2:17 p.m.•1 views

SUSE CVE-2025-2309

A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5Tbitcopy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...

7.8CVSS5.3AI score0.00051EPSS

Exploits1References3

OSV•added 2024/11/08 3:6 p.m.•1 views

OESA-2024-2339 hdf5 security update

9.8CVSS8AI score0.0094EPSS

Exploits2References37

OSV•added 2024/05/14 3:38 p.m.•0 views

UBUNTU-CVE-2024-33877

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...

8.8CVSS7.3AI score0.006EPSS

Exploits0References3

OSV•added 2024/05/14 3:36 p.m.•1 views

DEBIAN-CVE-2024-32623

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VMarrayfill in H5VM.c called from H5Sselectelements in H5Spoint.c...

8.8CVSS8.6AI score0.006EPSS

Exploits0References1

OSV•added 2024/05/14 3:15 p.m.•1 views

DEBIAN-CVE-2024-29158

HDF5 through 1.14.3 contains a stack buffer overflow in H5FLarrmalloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

7.4CVSS8.3AI score0.00072EPSS

Exploits0References1

SUSE CVE•added 2024/05/14 3:32 a.m.•2 views

SUSE CVE-2024-32608

HDF5 library through 1.14.3 has memory corruption in H5Aclose resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

5.7CVSS7.8AI score0.0094EPSS

Exploits0References6

Positive Technologies•added 2024/05/09 12:0 a.m.•2 views

PT-2024-6196 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions 1.14.3 and earlier Description: The issue is related to a heap-based buffer overflow in the H5HG read function in H5HG.c, which is called from H5VL native blob get in H5VLnative blob.c. This results in the corruption of...

9.8CVSS8AI score0.00577EPSS

Exploits0References14

Positive Technologies•added 2024/05/09 12:0 a.m.•0 views

PT-2024-6189 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap buffer overflow in the H5S point deserialize function located in the H5Spoint.c file of the HDF5 Library. This overflow can be exploited by a remote attacker to...

9CVSS8AI score0.00076EPSS

Exploits0References13

OSV•added 2023/02/03 6:15 p.m.•0 views

UBUNTU-CVE-2021-37501

Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5toolsstrsprint in /hdf5/tools/lib/h5toolsstr.c...

7.5CVSS7AI score0.00143EPSS

Exploits1References4

OSV•added 2018/09/24 2:29 p.m.•1 views

DEBIAN-CVE-2018-17432

A NULL pointer dereference in H5Osdspaceencode in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file...

6.5CVSS6.6AI score0.00755EPSS

Exploits1References1

OSV•added 2018/07/13 2:29 a.m.•1 views

DEBIAN-CVE-2018-14034

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5Oplinereset in H5Opline.c...

8.8CVSS7AI score0.00376EPSS

Exploits0References1