Filtered by vendor Hdfgroup
Subscriptions
Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4331 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution. | ||||
| CVE-2016-4332 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library. | ||||
| CVE-2016-4333 | 1 Hdfgroup | 1 Hdf5 | 2025-04-12 | N/A |
| The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it. | ||||
| CVE-2021-37501 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-03-26 | 7.5 High |
| Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. | ||||
| CVE-2024-32608 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-03-25 | 9.8 Critical |
| HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2025-2153 | 1 Hdfgroup | 1 Hdf5 | 2025-03-21 | 5 Medium |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2017-17506 | 1 Hdfgroup | 1 Hdf5 | 2025-03-18 | 6.5 Medium |
| In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file. | ||||
| CVE-2018-13873 | 1 Hdfgroup | 1 Hdf5 | 2025-03-18 | 9.8 Critical |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. | ||||
| CVE-2022-26061 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-25972 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 7.8 High |
| An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-46244 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.5 Medium |
| A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS). | ||||
| CVE-2021-46243 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 6.5 Medium |
| An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS). | ||||
| CVE-2021-46242 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 8.8 High |
| HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. | ||||
| CVE-2021-45833 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). | ||||
| CVE-2021-45832 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent). | ||||
| CVE-2021-45830 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. | ||||
| CVE-2021-45829 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service. | ||||
| CVE-2020-18494 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-18232 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-10812 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 5.5 Medium |
| An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. | ||||