Lucene search
K

562 matches found

OSV
OSV
added 2026/04/29 1:21 p.m.10 views

JLSEC-2026-293

HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

7.4CVSS8.8AI score0.00223EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-344

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5Cloadentry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public an...

4.8CVSS3.4AI score0.00188EPSS
Exploits1References6
OSV
OSV
added 2026/04/29 1:21 p.m.9 views

JLSEC-2026-341

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5Faddrdecodelen of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to...

7.8CVSS5.1AI score0.00303EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.9 views

JLSEC-2026-321

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Omtimenewencode in H5Omtime.c...

9.8CVSS8.1AI score0.00927EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.10 views

JLSEC-2026-316

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from H5VLnativeblobget in H5VLnativeblob.c, resulting in the corruption of the instruction pointer...

9.8CVSS8.8AI score0.00927EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-302

HDF5 Library through 1.14.3 has a SEGV in H5Aclose in H5Aint.c, resulting in the corruption of the instruction pointer...

5.7CVSS8.4AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.6 views

JLSEC-2026-312

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MMxstrdup in H5MM.c called from H5Genttolink in H5Glink.c...

8.8CVSS8.5AI score0.00814EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.10 views

JLSEC-2026-297

HDF5 through 1.14.3 contains a stack buffer overflow in H5Rdecodeheap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

9.8CVSS8.8AI score0.00865EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.8 views

JLSEC-2026-331

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

4.8CVSS4.1AI score0.00255EPSS
Exploits1References4
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-335

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

5.5CVSS4.5AI score0.00242EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.9 views

JLSEC-2026-329

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...

5.3CVSS4AI score0.00255EPSS
Exploits1References4
OSV
OSV
added 2026/04/29 1:21 p.m.8 views

JLSEC-2026-324

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...

8.8CVSS8.6AI score0.0092EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-350

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS3.8AI score0.00194EPSS
Exploits1References6
OSV
OSV
added 2026/04/29 1:21 p.m.11 views

JLSEC-2026-298

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterfletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

7.4CVSS8.9AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.12 views

JLSEC-2026-292

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

9.8CVSS8.9AI score0.00917EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/28 9:21 a.m.7 views

CVE-2026-41607 Apache Thrift: C++ JSON OOB read

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

5.2AI score0.00967EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 3:35 p.m.6 views

EUVD-2026-21406

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5Trefmemsetnull method. This can lead to a denial-of-service condition, and potentially further issues such as remote...

5.5CVSS6.7AI score0.00213EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31938

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T ref mem setnull method. This can lead to a denial-of-service condition, and potentially further issues such as...

5.5CVSS6.7AI score0.00213EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/09 11:52 p.m.6 views

CVE-2026-34734

A flaw was found in the HDF5 software, specifically in the h5dump helper utility. An attacker can exploit this vulnerability by providing a specially crafted HDF5 file, leading to a heap-use-after-free condition. This flaw can result in arbitrary code execution, allowing the attacker to take...

7.8CVSS6.1AI score0.00193EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/04/09 8:16 p.m.7 views

CVE-2026-34734

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

7.8CVSS5.7AI score0.00193EPSS
Exploits1References2
Rows per page
Query Builder