CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

HDF5 安全漏洞

HDF5 is a library of HDF open source . HDF5 has a double release vulnerability, which originates from the double release of the parameter mem of the function H5MMrealloc in the file src/H5MM.c. There are no detailed vulnerability details provided...

HDF5 安全漏洞

HDF5 is an HDF open source library. A security vulnerability exists in HDF5 1.14.6 and earlier versions, which stems from a heap buffer overflow in the H5Omsgflush function and requires local access...

HDF5 资源管理错误漏洞

HDF5 Hierarchical Data Format version 5 is an open source library and file format for storing and organizing large amounts of data. The HDF5 H5FLblkgclist function releases a post heap usage vulnerability that can be exploited by an attacker to cause out-of-bounds reads and potentially crash an...

HDF5 安全漏洞

HDF5 is a library of HDF open source . HDF5 has a buffer overflow vulnerability , the vulnerability stems from the H5Faddrencodelen function fails to correctly validate the length of the input data size , an attacker can use this vulnerability to cause a denial of service...

HDF5 安全漏洞

HDF5 Hierarchical Data Format version 5 is an open source library and file format for storing and organizing large amounts of data. A buffer overflow vulnerability exists in the HDF5 H5FSsinfoserializesectcb function. The vulnerability stems from the function failing to properly check buffer...

HDF5 H5T__bit_copy function buffer overflow vulnerability

HDF5 is a library of HDF open source . HDF5 has a buffer overflow vulnerability , the vulnerability stems from the H5Tbitcopy function fails to correctly validate the length of the input data size , an attacker can use this vulnerability to cause a denial of service...

HDF5 H5MM_strndup function buffer overflow vulnerability

HDF5 is a library of HDF open source . HDF5 has a buffer overflow vulnerability , the vulnerability stems from the H5MMstrndup function fails to correctly validate the length of the input data size , an attacker can use this vulnerability to cause a denial of service...

AnythingLLM 安全漏洞

AnythingLLM is an all-in-one AI application open-sourced by Mintplex. A security vulnerability exists in version 6dc3642 of AnythingLLM, which stems from an unauthenticated denial of service in the API embedded in the chat functionality, which allows an attacker to cause the server to crash by...

ChuanhuChatGPT 安全漏洞

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A denial of service vulnerability exists in ChuanhuChatGPT version 20240918, which can be exploited by an attacker to cause the system to...

SUSE CVE-2025-2309

A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5Tbitcopy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...

SUSE CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

DEBIAN-CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

AZL-58825 CVE-2025-2310 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

DEBIAN-CVE-2025-2308

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

UBUNTU-CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

Deserialization of Untrusted Data

Overview qiskit-terra is a Software for developing quantum computing programs Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization of QPY files containing malformed symengine serialization streams. An attacker can terminate the process by...

Astra Linux – Vulnerability in hdf5

HDF5 through 1.14.3 contains a heap buffer overflow issue in H5Aattrreleasetable, which leads to the corruption of the instruction pointer and causes denial of service or potential code execution...

Astra Linux – Vulnerability in hdf5

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service through a crafted HDF5 file. This issue was triggered during the repacking of an HDF5 file, also known as “Invalid write of size 2.”...

firefox: Compartment mismatch when parsing JavaScript JSON module

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free...