562 matches found
JLSEC-2026-293
HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
JLSEC-2026-344
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5Cloadentry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public an...
JLSEC-2026-341
A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5Faddrdecodelen of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to...
JLSEC-2026-321
HDF5 Library through 1.14.3 has a heap buffer overflow in H5Omtimenewencode in H5Omtime.c...
JLSEC-2026-316
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from H5VLnativeblobget in H5VLnativeblob.c, resulting in the corruption of the instruction pointer...
JLSEC-2026-302
HDF5 Library through 1.14.3 has a SEGV in H5Aclose in H5Aint.c, resulting in the corruption of the instruction pointer...
JLSEC-2026-312
HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MMxstrdup in H5MM.c called from H5Genttolink in H5Glink.c...
JLSEC-2026-297
HDF5 through 1.14.3 contains a stack buffer overflow in H5Rdecodeheap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
JLSEC-2026-331
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...
JLSEC-2026-335
A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...
JLSEC-2026-329
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
JLSEC-2026-324
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c...
JLSEC-2026-350
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
JLSEC-2026-298
HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterfletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
JLSEC-2026-292
HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...
CVE-2026-41607 Apache Thrift: C++ JSON OOB read
Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
EUVD-2026-21406
HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5Trefmemsetnull method. This can lead to a denial-of-service condition, and potentially further issues such as remote...
PT-2026-31938
HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T ref mem setnull method. This can lead to a denial-of-service condition, and potentially further issues such as...
CVE-2026-34734
A flaw was found in the HDF5 software, specifically in the h5dump helper utility. An attacker can exploit this vulnerability by providing a specially crafted HDF5 file, leading to a heap-use-after-free condition. This flaw can result in arbitrary code execution, allowing the attacker to take...
CVE-2026-34734
HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...