556 matches found

Tenable Nessus
added 2025/08/21 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-26819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...

CVSS 2.9 | AI score 5.7 | EPSS 0.00196
Exploits 1 | References 3

OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in @zalastax/nolb-json-x (npm)

The package @zalastax/nolb-json-x was found to contain malicious code...

AI score 7
Exploits 0

Tenable Nessus
added 2025/08/12 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-2924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. T...

CVSS 5.5 | AI score 5 | EPSS 0.0025
Exploits 1 | References 3

Tenable Nessus
added 2025/08/11 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-2912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file...

CVSS 5.3 | AI score 4.7 | EPSS 0.00237
Exploits 1 | References 3

Tenable Nessus
added 2025/08/09 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-2914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The...

CVSS 4.8 | AI score 5 | EPSS 0.00237
Exploits 1 | References 3

Packet Storm News
added 2025/07/28 12:0 a.m. | 1 view

Repairing Vulnerabilities without Invisible Hands. A Differentiated Replication Study on LLMs

Background: Automated Vulnerability Repair (AVR) is a fast-growing branch of program repair. Recent studies show that large language models (LLMs) outperform traditional techniques, extending their success beyond code generation and fault detection. Hypothesis: These gains may be driven by hidden...

AI score 7.1
Exploits 0

OSV
added 2025/07/11 3:30 a.m. | 2 views

GHSA-XWMG-2G98-W7V9 Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON

Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the...

CVSS 5.8 | AI score 6.9 | EPSS 0.00806
Exploits 0 | References 7

SUSE CVE
added 2025/07/08 11:35 p.m. | 2 views

SUSE CVE-2025-6818

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5Ochunkprotect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may ...

CVSS 7.8 | AI score 3.7 | EPSS 0.00239
Exploits 1 | References 3

Snyk
added 2025/07/07 10:44 a.m. | 2 views

Uncontrolled Recursion

Overview: llama-index-core is an interface between LLMs and your data. Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader process. An attacker can cause the application to crash by submitting deeply nested JSON structures, resulting in a stack overflow and...

CVSS 7.1 | AI score 7.2 | EPSS 0.00338
Exploits 1 | References 2

OSV
added 2025/07/04 9:15 p.m. | 3 views

DEBIAN-CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

CVSS 5.5 | AI score 3.8 | EPSS 0.00215
Exploits 1 | References 1

OSV
added 2025/07/04 6:15 p.m. | 8 views

AZL-65208 CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed ...

CVSS 5.5 | AI score 5 | EPSS 0.00215
Exploits 1 | References 1

Snyk
added 2025/07/04 6:2 p.m. | 1 view

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the H5FSsinfoserializenodecb function. An attacker can cause a denial of service by triggering a heap-based buffer overflow through local access. Remediation: A fix was pushed into the master branch but not...

CVSS 5.5 | AI score 4.2 | EPSS 0.00215
Exploits 1 | References 3

CNNVD
added 2025/07/04 12:0 a.m. | 3 views

HDF5 Security Vulnerability

HDF5 is an open-source library from HDF. HDF5 version 1.14.6 has a buffer overflow vulnerability. The vulnerability stems from the function H5FSsinfoserializenodecb in the file src/H5FScache.c failing to correctly validate the length of the input data. A remote attacker can use this vulnerability to...

CVSS 5.5 | AI score 8 | EPSS 0.00215
Exploits 1 | References 6

CNNVD
added 2025/07/04 12:0 a.m. | 3 views

HDF5 Security Vulnerability

HDF5 is an open-source library from HDF. HDF5 version 1.14.6 has a buffer overflow vulnerability. The vulnerability stems from the function H5FSsectlinksize in the file src/H5FSsection.c failing to correctly validate the length of the input data. A remote attacker can use this vulnerability on...

CVSS 5.5 | AI score 8.1 | EPSS 0.00215
Exploits 1 | References 6

SUSE CVE
added 2025/06/30 11:42 p.m. | 4 views

SUSE CVE-2025-6856

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FLreggclist of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVSS 7.8 | AI score 3.5 | EPSS 0.00198
Exploits 1 | References 3

OSV
added 2025/06/29 11:15 a.m. | 7 views

AZL-64407 CVE-2025-6858 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5Cflushsingleentry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 5.5 | AI score 4.7 | EPSS 0.00194
Exploits 1 | References 1

OSV
added 2025/06/29 10:15 a.m. | 2 views

DEBIAN-CVE-2025-6856

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FLreggclist of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVSS 7.8 | AI score 3.9 | EPSS 0.00198
Exploits 1 | References 1

OSV
added 2025/06/29 10:15 a.m. | 4 views

UBUNTU-CVE-2025-6857

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5Gnodecmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

CVSS 7.8 | AI score 5.2 | EPSS 0.00227
Exploits 1 | References 7

OSV
added 2025/06/29 10:15 a.m. | 3 views

UBUNTU-CVE-2025-6856

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FLreggclist of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVSS 7.8 | AI score 4.9 | EPSS 0.00198
Exploits 1 | References 7

CNNVD
added 2025/06/29 12:0 a.m. | 2 views

HDF5 Security Vulnerability

HDF5 is an open-source library from HDF. HDF5 version 1.14.6 has a buffer overflow vulnerability. The vulnerability stems from the function H5Gnodecmp3 in the file src/H5Gnode.c failing to correctly validate the length of the input data. A remote attacker can use this vulnerability on the system...

CVSS 7.8 | AI score 8.1 | EPSS 0.00227
Exploits 1 | References 5