PT-2018-12287 · Hdf +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.8.20 Description: A heap-based buffer over-read issue was found in the H5T copy function in H5T.c. Recommendations: For version 1.8.20, consider applying a patch or fix to resolve the issue in the H5T copy function...

UBUNTU-CVE-2018-13866

An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5Faddrdecodelen in H5Fint.c...

UBUNTU-CVE-2018-13874

An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FDsec2read in H5FDsec2.c, related to HDmemset...

UBUNTU-CVE-2018-13875

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VMmemcpyvv in H5VM.c...

DEBIAN-CVE-2018-13870

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c...

UBUNTU-CVE-2018-13870

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c...

HDF5 'H5D__btree_decode_key' function divide by zero error vulnerability

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A security vulnerability exists in the 'H5Dbtreedecodekey' function in the H5Dbtree.c file in HDF5 version 1.10.2. A remote...

DEBIAN-CVE-2018-11202

A NULL pointer dereference was discovered in H5Shypermakespans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack...

UBUNTU-CVE-2018-11203

A division by zero was discovered in H5Dbtreedecodekey in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack...

DEBIAN-CVE-2018-11204

A NULL pointer dereference was discovered in H5Ochunkdeserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack...

UBUNTU-CVE-2018-11204

A NULL pointer dereference was discovered in H5Ochunkdeserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack...

NASA CFITSIO `ffghbn` and `ffghtb` Stack Overflow Code Execution Vulnerabilities

Summary Exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this...

NASA CFITSIO Multiple Stack Overflow Code Execution Vulnerabilities

Summary Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigg...

[SECURITY] Fedora 28 Update: cfitsio-3.430-1.fc28

CFITSIO is a library of C and FORTRAN subroutines for reading and writing data files in FITS Flexible Image Transport System data format. CFITSIO simplifies the task of writing software that deals with FITS files by providing an easy to use set of high-level routines that insulate the programmer...

HDF5 Out-of-Bounds Write Vulnerability

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. An out-of-bounds write vulnerability exists in the 'H5Gentdecodevec' function of H5Gcache.c in libhdf5.a in HDF5 version 1.10.1...

HDF5 De-Zero Vulnerability

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A security vulnerability exists in the 'H5Tsetloc' function in the H5T.c file of the libhdf5.a text in HDF5 version 1.10.1. An...

DEBIAN-CVE-2017-17507

In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Tconvstructopt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file...

DEBIAN-CVE-2017-17509

In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5Gentdecodevec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file...

Pivotal Spring Data REST Remote Code Execution Vulnerability

Spring Data REST is part of the Spring Data project and enables building hypermedia-driven REST web services on top of the Spring Data repository. A remote code execution vulnerability exists in Pivotal Spring Data REST, which allows an attacker to perform a remote code execution attack by...

CVE-2017-11229

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format FDF...