CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

Astra Linux - уязвимость в netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strcmp on a NULL pointer...

Astra Linux - уязвимость в netcdf

The ezxmltoxml function in ezxml 0.8.6 and earlier is vulnerable to out-of-band OOB writes when opening an XML file after exhausting the memory pool...

Astra Linux - уязвимость в netcdf

The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write attacks when opening an XML file after exhausting the memory pool...

Astra Linux - уязвимость в netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxmlparse functions improperly handle XML entities, resulting in an infinite loop where memory allocation occurs...

Astra Linux - уязвимость в netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, during the parsing of a crafted XML file, performs incorrect memory handling, resulting in an over-reading of the heap-based buffer in the “normalize line endings” feature...

Linux Distros Unpatched Vulnerability : CVE-2025-14933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSF Unidata NetCDF-C NC Variable Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing of dimension names. An attacker can achieve arbitrary code execution by enticing a user to open a specially crafted file or visit a malicious page, which leads to improper validation of...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the parsing of variable names due to insufficient validation of the length of user-supplied data before copying it into a fixed-length stack-based buffer. An attacker can achieve arbitrary code execution b...

CVE-2025-14936 NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote Code Execution Vulnerability

NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the targe...

NSF Unidata NetCDF-C 安全漏洞

NSF Unidata NetCDF-C is a tool for processing NetCDF files from NSF Unidata, USA. A security vulnerability exists in NSF Unidata NetCDF-C that stems from a lack of validation of the length of user-supplied data when parsing time units, which could lead to a stack buffer overflow and remote code...

NSF Unidata NetCDF-C 安全漏洞

NSF Unidata NetCDF-C is a tool for processing NetCDF files from NSF Unidata, USA. A security vulnerability exists in NSF Unidata NetCDF-C that stems from a lack of validation of the length of user-supplied data when parsing attribute names, which could lead to a stack buffer overflow and remote...

UBUNTU-CVE-2019-25050

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4getatt called from nc4getatttc and ncgetatttext and in uffdcleanup called from netCDFDataset::netCDFDataset and netCDFDataset::netCDFDataset...

CVE-2019-25050

CVE-2019-25050 affects netCDF in GDAL 2.4.2 through 3.0.4. The issue is a stack-based buffer overflow in two code paths: nc4_get_att (invoked via nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (invoked from the netCDFDataset destructor). The connected documents consistently describe the ...