556 matches found

CNNVD
added 2024/05/10 12:0 a.m. · 4 views

HDF Group HDF5 Security Vulnerability

HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 Library version 1.14.3...

CVSS 5.7 · AI score 7.2 · EPSS 0.00227
Exploits: 0 · References: 3

Positive Technologies
added 2024/05/09 12:0 a.m. · 2 views

PT-2024-6189 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap buffer overflow in the H5S point deserialize function located in the H5Spoint.c file of the HDF5 Library. This overflow can be exploited by a remote attacker to...

CVSS 9 · AI score 8 · EPSS 0.00227
Exploits: 0 · References: 13

Positive Technologies
added 2024/05/09 12:0 a.m. · 6 views

PT-2024-22773 · Hdf5 +1 · Hdf5 +1

Name of the Vulnerable Software and Affected Versions: HDF5 versions prior to 1.14.4 Description: The issue is a heap buffer overflow in the H5HG cache heap deserialize function, which can lead to the corruption of the instruction pointer. This can cause a denial of service or potentially allow f...

CVSS 7.4 · AI score 7.7 · EPSS 0.00223
Exploits: 0 · References: 10

Positive Technologies
added 2024/05/09 12:0 a.m. · 3 views

PT-2024-6204 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer over-read in the H5HL fl deserialize function located in the H5HLcache.c file of the HDF5 Library. This can potentially allow an attacker to impact...

CVSS 7.4 · AI score 7.5 · EPSS 0.00245
Exploits: 0 · References: 13

Positive Technologies
added 2024/05/09 12:0 a.m. · 2 views

PT-2024-6205 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer over-read in the H5HL fl deserialize function in the H5HLcache.c file of the HDF5 library. This can lead to the corruption of the instruction...

CVSS 7.4 · AI score 7.8 · EPSS 0.00257
Exploits: 0 · References: 13

Positive Technologies
added 2024/05/09 12:0 a.m. · 5 views

PT-2024-6196 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions 1.14.3 and earlier Description: The issue is related to a heap-based buffer overflow in the H5HG read function in H5HG.c, which is called from H5VL native blob get in H5VLnative blob.c. This results in the corruption of...

CVSS 9.8 · AI score 8 · EPSS 0.00934
Exploits: 0 · References: 14

Positive Technologies
added 2024/05/09 12:0 a.m. · 3 views

PT-2024-6206 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions 1.14.3 and earlier Description: The issue is related to the use of an uninitialized value in the H5A attr release table function in the H5Aint.c file of the HDF5 Library. This could potentially allow a remote attacker to...

CVSS 10 · AI score 7.6 · EPSS 0.00951
Exploits: 0 · References: 14

Positive Technologies
added 2024/05/09 12:0 a.m. · 2 views

PT-2024-6202 · Hdf5 +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 versions prior to 1.14.3 Description: The issue is related to a heap-based buffer overflow in the H5Z nbit decompress one byte function in the H5Znbit.c file of the HDF5 library. This overflow is caused by the earlier use of an initializ...

CVSS 9.8 · AI score 8.6 · EPSS 0.01101
Exploits: 0 · References: 15

Positive Technologies
added 2024/05/09 12:0 a.m. · 4 views

PT-2024-6200 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer over-read caused by the unsafe use of strdup in H5MM xstrdup in H5MM.c, which can be exploited by a remote attacker to impact the confidentiality,...

CVSS 8.8 · AI score 7.8 · EPSS 0.00814
Exploits: 0 · References: 14

CNNVD
added 2024/04/19 12:0 a.m. · 3 views

Identifier Withdrawn

libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. This CVE number has been withdrawn...

AI score 7
Exploits: 0 · References: 3

CNNVD
added 2024/03/18 12:0 a.m. · 2 views

libdwarf Resource Management Error Vulnerability

libdwarf is a library and command line tool for reading and writing DWARF2 standardized debug data format. A resource management error vulnerability exists in libdwarf that stems from the presence of a double release vulnerability...

CVSS 7.5 · AI score 7 · EPSS 0.01089
Exploits: 0 · References: 4

Positive Technologies
added 2024/01/20 12:0 a.m. · 4 views

PT-2024-40687 · Fasterxml · Jackson Dataformat Cbor

Name of the Vulnerable Software and Affected Versions: Jackson dataformat CBOR affected versions not specified Description: The issue is related to a security exception in the Jackson dataformat CBOR library. The crash occurs in the java.base/java.util.Arrays.copyOf method, which is called by...

AI score 6.9
Exploits: 0 · References: 2

CNNVD
added 2024/01/11 12:0 a.m. · 3 views

Hyperledger Aries Cloud Agent Python Data Forgery Issue Vulnerability

Hyperledger Aries Cloud Agent Python is a tool for building the foundation of decentralized identity applications and services that run in non-mobile environments. A data forgery issue vulnerability exists in Hyperledger Aries Cloud Agent Python versions prior to 0.7.0, which stems from a data...

CVSS 9.9 · AI score 6.8 · EPSS 0.00627
Exploits: 1 · References: 6

Positive Technologies
added 2023/12/14 12:0 a.m. · 3 views

PT-2023-35641 · Fasterxml · Jackson-Dataformat-Xml

Name of the Vulnerable Software and Affected Versions: Jackson Dataformat YAML affected versions not specified Description: A security exception occurs in the Jackson Dataformat YAML library, specifically in the com.fasterxml.jackson.dataformat.yaml.YAMLParser class, when the currentName or...

AI score 6.9
Exploits: 0 · References: 2

BDU FSTEC
added 2023/11/11 12:0 a.m. · 10 views

The vulnerability of the H5Dchunk.c component in the HDF5 file processing library allows an attacker to cause a service failure.

The vulnerability of the H5Dchunk.c component in the HDF5 file processing library is related to the lack of checks for division by zero. Exploiting this vulnerability can allow a remote attacker to cause a service failure using a specially created HDF file...

CVSS 7.8 · AI score 6.9 · EPSS 0.01972
Exploits: 1 · References: 10 · Affected Software: 5

OSV
added 2023/08/22 7:15 p.m. · 4 views

UBUNTU-CVE-2020-18494

Buffer Overflow vulnerability in function H5Sclose in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file...

CVSS 8.8 · AI score 6 · EPSS 0.00829
Exploits: 1 · References: 3

OSV
added 2023/07/13 10:15 a.m. · 1 view

DEBIAN-CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

CVSS 7.5 · AI score 6.2 · EPSS 0.00665
Exploits: 0 · References: 1

Positive Technologies
added 2023/06/09 12:0 a.m. · 2 views

PT-2023-35865 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow issue has been identified, which can cause a crash. The crash occurs due to a WRITE 1 heap-buffer-overflow. Technical details about the issue include the involvement of...

AI score 7.4
Exploits: 0 · References: 2

ATTACKERKB
added 2023/05/26 6:15 p.m. · 1 view

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

CVSS 7.8 · AI score 7.6 · EPSS 0.0047
Exploits: 0 · References: 6

Github Security Blog
added 2023/05/19 6:30 p.m. · 30 views

RosarioSIS Stores Sensitive Data in a Mechanism without Access Control

RosarioSIS prior to 11.0 allows anyone, regardless of authentication status, to download and view file attachments under the salaries module. In addition, the file names contain a date in a YYYY-MM-DD format and a random six-string digit, making enumerating file names with automated tools...

CVSS 7.5 · AI score 7.1 · EPSS 0.00613
Exploits: 0 · References: 4 · Affected Software: 1