15 matches found
JLSEC-2026-340
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2023-54178
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in ofunittestfindnodebyname when kmalloc fail to allocate memory in kasprintf, name or fullname will be NULL, strcmp will cause null pointer dereference...
PT-2025-54007
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to null pointer dereferencing within the of unittest find node by name function. Specifically, if kmalloc fails to allocate memory during the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986893)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986893 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbcbeepprobe offindnodebypath calls offindnodeoptsbypath,...
HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow
...
SUSE CVE-2025-6270
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
DEBIAN-CVE-2025-6270
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
UBUNTU-CVE-2025-6270
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the H5FSsectfindnode function. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input that triggers a heap-based buffer overflow. Remediation A fix was...
SUSE CVE-2017-6891
Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...
CVE-2020-10137
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FINDNODEINRANGE frames, allowing a remote, unauthenticated attacker to inject a FINDNODEINRANGE frame with an invalid random payload, denying service by blocking the processing of upcoming...
openstack-ironic-inspector SQL Injection Vulnerability
openstack-ironic-inspector is a hardware inspection daemon. The program is mainly used to inspect the hardware properties of nodes managed by OpenStack Ironic. A SQL injection vulnerability exists in the 'nodecache.findnode' function in openstack-ironic-inspector. The vulnerability stems from a...
openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data
A SQL-injection vulnerability was found in openstack-ironic-inspector's nodecache.findnode. This function makes a SQL query using unfiltered data from a server reporting inspection results by a POST to the /v1/continue endpoint. Because the API is unauthenticated, the flaw could be exploited by a...
GnuTLS libtasn1 "asn1_find_node()" buffer overflow vulnerability
Libtasn1 is the ASN.1 library used by GnuTLS. A buffer overflow vulnerability exists in the "asn1findnode" function in lib/parseraux.c in the GnuTLS libtasn1, which could allow an attacker to stack buffer overflows by tricking the user into processing specially designed job files through utilitie...
Out-of-bounds
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service out-of-bounds read operation via a crafted packet that triggers a certain Find Node check attempt...