Lucene search
K

321 matches found

Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-12480 Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras

Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the H5IOStore.verifydataset and fileeditor.py methods, which fail to check the dataset.isvirtual property of HDF5 datasets. This allows ...

5.5CVSS0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in hdf5

A memory leak in the H5Odtypedecodehelper function within H5Odtype.c in the HDF HDF5 library from version 1.10.3 allows attackers to cause a denial of service due to excessive memory consumption, through an exploitable HDF5 file...

6.5CVSS7AI score0.01494EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in hdf5

A memory leak in the H5Ochunkdeserialize function within H5Ocache.c, part of the HDF HDF5 library, from version 1.10.3 allows attackers to cause a denial of service due to excessive memory consumption through an exploitable HDF5 file...

6.5CVSS7AI score0.01494EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in hdf5

A SIGFPE signal was raised in the function H5Dchunksetinforeal of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempt to parse a crafted HDF file, due to incorrect protection against division by zero. This issue is distinct from CVE-2018-11207...

6.5CVSS7.1AI score0.01487EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in hdf5

A violation of bounds was detected in H5Ofillnewdecode and H5Ofillolddecode within H5Ofill.c in the HDF HDF5 1.10.2 library. This could allow a remote denial of service or information disclosure attack...

8.1CVSS6.8AI score0.02948EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux - уязвимость в hdf5

A issue was discovered in HDF5 through version 1.12.0. There is a heap-based buffer over-read in the function H5Olayoutdecode, located in H5Olayout.c. This allows an attacker to cause a Denial of Service attack...

5.5CVSS6.9AI score0.0144EPSS
Exploits1References2
Redos
Redos
added 2026/05/12 12:0 a.m.9 views

ROS-20260512-73-0011

Vulnerability in hdf5 related to memory usage after memory release. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

7.8CVSS6.2AI score0.00193EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017777 advisory. Memory leak in the H5Odtypedecodehelper function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service memory consumptio...

6.5CVSS5.8AI score0.01494EPSS
Exploits1References4
OSV
OSV
added 2026/05/09 12:33 p.m.9 views

OESA-2026-2262 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

7.8CVSS5.4AI score0.00364EPSS
Exploits1References2
OSV
OSV
added 2026/05/09 12:33 p.m.7 views

OESA-2026-2261 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

7.8CVSS5.5AI score0.00364EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/07 8:16 p.m.9 views

CVE-2026-8088

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...

5.5CVSS5.4AI score0.00246EPSS
Exploits1References10
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-319

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corruption of the instruction pointer...

7.4CVSS8.8AI score0.00638EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.6 views

JLSEC-2026-331

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

4.8CVSS4.1AI score0.00255EPSS
Exploits1References4
OSV
OSV
added 2026/04/29 1:21 p.m.10 views

JLSEC-2026-346

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FLreggclist of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

7.8CVSS3.9AI score0.00198EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.9 views

JLSEC-2026-336

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

5.5CVSS3.6AI score0.00233EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.6 views

JLSEC-2026-337

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VMmemcpyvv function...

8.8CVSS5.6AI score0.00377EPSS
Exploits1References2
OSV
OSV
added 2026/04/29 1:21 p.m.10 views

JLSEC-2026-293

HDF5 through 1.14.3 contains a heap buffer overflow in H5HGcacheheapdeserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

7.4CVSS8.8AI score0.00223EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 1:21 p.m.8 views

JLSEC-2026-325

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...

8.1CVSS4.7AI score0.00462EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.9 views

JLSEC-2026-332

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5Faccumfree of the file src/H5Faccum.c. The manipulation of the argument overlapsize leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...

5.5CVSS3.8AI score0.00269EPSS
Exploits1References5
OSV
OSV
added 2026/04/29 1:21 p.m.8 views

JLSEC-2026-323

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Spointdeserialize in H5Spoint.c...

5.7CVSS8.6AI score0.00227EPSS
Exploits0References2
Rows per page
Query Builder