CVSS: 8.8EPSS: %CPEs: 10EXPL: 0CVE-2024-33873
https://notcve.org/view.php?id=CVE-2024-33873
14 May 2024 — HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. La librería HDF5 hasta 1.14.3 tiene un desbordamiento de búfer de almacenamiento dinámico en H5D__scatter_mem en H5Dscatgath.c. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: %CPEs: 10EXPL: 0CVE-2024-33874
https://notcve.org/view.php?id=CVE-2024-33874
14 May 2024 — HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. La librería HDF5 hasta 1.14.3 tiene un desbordamiento de búfer de almacenamiento dinámico en H5O__mtime_new_encode en H5Omtime.c. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.4EPSS: %CPEs: 10EXPL: 0CVE-2024-32619
https://notcve.org/view.php?id=CVE-2024-32619
14 May 2024 — HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. La librería HDF5 hasta la versión 1.14.3 contiene un desbordamiento de búfer de almacenamiento dinámico en H5T_copy_reopen en H5T.c, lo que provoca la corrupción del puntero de instrucción. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.4EPSS: %CPEs: 10EXPL: 0CVE-2024-32620
https://notcve.org/view.php?id=CVE-2024-32620
14 May 2024 — HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. La librería HDF5 hasta la versión 1.14.3 contiene un búfer basado en montón sobreleído en H5F_addr_decode_len en H5Fint.c, lo que provoca la corrupción del puntero de instrucción. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: %CPEs: 10EXPL: 0CVE-2024-32614
https://notcve.org/view.php?id=CVE-2024-32614
14 May 2024 — HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. La librería HDF5 hasta 1.14.3 tiene un SEGV en H5VM_memcpyvv en H5VM.c. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-125: Out-of-bounds Read •
CVSS: 5.7EPSS: %CPEs: 10EXPL: 0CVE-2024-32610
https://notcve.org/view.php?id=CVE-2024-32610
14 May 2024 — HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer. La librería HDF5 hasta la versión 1.14.3 tiene un SEGV en H5T_close_real en H5T.c, lo que genera un puntero de instrucción dañado. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-416: Use After Free •
CVSS: 5.7EPSS: %CPEs: 10EXPL: 0CVE-2024-29166
https://notcve.org/view.php?id=CVE-2024-29166
14 May 2024 — HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. HDF5 hasta 1.14.3 contiene un desbordamiento del búfer en H5O__linfo_decode, lo que provoca la corrupción del puntero de instrucción y provoca denegación de servicio o posible ejecución de código. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: %CPEs: 10EXPL: 0CVE-2024-29161
https://notcve.org/view.php?id=CVE-2024-29161
14 May 2024 — HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. HDF5 hasta 1.14.3 contiene un desbordamiento de búfer de almacenamiento dinámico en H5A__attr_release_table, lo que provoca la corrupción del puntero de instrucción y provoca denegación de servicio o posible ejecución de código. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.4EPSS: %CPEs: 10EXPL: 0CVE-2024-29158
https://notcve.org/view.php?id=CVE-2024-29158
14 May 2024 — HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. HDF5 hasta 1.14.3 contiene un desbordamiento de búfer en la región stack de la memoria en H5FL_arr_malloc, lo que provoca la corrupción del puntero de instrucción y provoca denegación de servicio o posible ejecución de código. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 25EXPL: 0CVE-2024-4317 – PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks
https://notcve.org/view.php?id=CVE-2024-4317
09 May 2024 — Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that versi... • https://www.postgresql.org/support/security/CVE-2024-4317 • CWE-862: Missing Authorization •