SUSE CVE-2019-16091

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c...

SUSE CVE-2020-10809

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service...

SUSE CVE-2020-10810

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5ACunpinentry located in H5AC.c. It allows an attacker to cause Denial of Service...

SUSE CVE-2021-46242

HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5ACunpinentry...

UBUNTU-CVE-2021-37501

Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5toolsstrsprint in /hdf5/tools/lib/h5toolsstr.c...

HDF Group HDF5 缓冲区错误漏洞

HDF Group HDF5 is a suite of tools for managing and storing different types of data from HDF Group, USA. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A buffer error vulnerability exists in HDF Group HDF5 hdf5-h5dump versions...

samtools htsjdk license issue vulnerability

htsjdk is a samtools open source a Java API for high-throughput sequencing data HTS format . An authorization issue exists in htsjdk 3.0.1 and earlier versions com.github.samtools.The vulnerability is due to the createTempDir function in util/IOUtil, which creates a temporary file in a directory...

UBUNTU-CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

The vulnerability of the decompress.c component in the HDF5 libhdf5 library allows a hacker to execute arbitrary code on the target system.

The vulnerability of the decompress.c component in the HDF5 libhdf5 library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system by having the user open a specially created malicious GIF...

The vulnerability of the ReadGifHeader() function in the HDF5 library libhdf5 allows a hacker to execute arbitrary code on the target system.

The vulnerability of the ReadGifHeader function in the HDF5 library libhdf5 is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system by having the user open a specially created malicious GIF file...

DEBIAN-CVE-2022-26061

A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2022-25942

An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2022-25972

An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

USN-5272-1 hdf5 vulnerabilities

It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

CVE-2022-35411

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON not Pickle is the default data format, an unauthenticated client can cause the data to be processed with unpickle...

nodejs-json-schema: Prototype pollution vulnerability

The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code...

libdwarf 缓冲区错误漏洞

libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. A security vulnerability exists in libdwarf version 0.4.0, which stems from a heap-based buffer over-read in libdwarf...

DEBIAN-CVE-2021-46243

An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5Odtypedecodehelper at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service DoS...

HDF5 数字错误漏洞

HDF5 is a suite of tools for managing and storing different types of data from HDF USA. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 v1.13.1-1, which can be exploited by an attacker to...

HDF5 代码问题漏洞

HDF5 is a suite of tools for managing and storing different types of data from HDF, Inc. The product supports managing, manipulating, viewing and analyzing data and generating files in a portable format. HDF5 v1.13.1-1 contains a security vulnerability that can be exploited by attackers to perfor...