CVSS: 7.4EPSS: %CPEs: -EXPL: 0CVE-2024-29160
https://notcve.org/view.php?id=CVE-2024-29160
HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2024-29159
https://notcve.org/view.php?id=CVE-2024-29159
HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.4EPSS: %CPEs: -EXPL: 0CVE-2024-29158
https://notcve.org/view.php?id=CVE-2024-29158
HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: %CPEs: -EXPL: 0CVE-2024-29157
https://notcve.org/view.php?id=CVE-2024-29157
HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-4871 – Foreman: host ssh key not being checked in remote execution
https://notcve.org/view.php?id=CVE-2024-4871
This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. • https://access.redhat.com/security/cve/CVE-2024-4871 https://bugzilla.redhat.com/show_bug.cgi?id=2278627 https://access.redhat.com/errata/RHBA-2024:4589 • CWE-322: Key Exchange without Entity Authentication •