Total
119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32614 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. | |||||
| CVE-2024-32615 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use of an initialized pointer. | |||||
| CVE-2024-32616 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c. | |||||
| CVE-2024-32617 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c). | |||||
| CVE-2024-32618 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-29165 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29161 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29160 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29159 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29158 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29162 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution. | |||||
| CVE-2024-29163 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 7.4 HIGH |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29164 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2024-29157 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.8 CRITICAL |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | |||||
| CVE-2025-2926 | 1 Hdfgroup | 1 Hdf5 | 2025-04-17 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2924 | 1 Hdfgroup | 1 Hdf5 | 2025-04-17 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2925 | 1 Hdfgroup | 1 Hdf5 | 2025-04-17 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2915 | 1 Hdfgroup | 1 Hdf5 | 2025-04-14 | 1.7 LOW | 3.3 LOW |
| A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2016-4330 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | 6.9 MEDIUM | 8.6 HIGH |
| In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. | |||||
| CVE-2016-4333 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | 6.9 MEDIUM | 8.6 HIGH |
| The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it. | |||||