
CVE-2020-18232
https://notcve.org/view.php?id=CVE-2020-18232
22 Aug 2023 — Buffer overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of a crafted file. • https://github.com/winson2004aa/PAAFS/tree/master/vul2 • CWE-787: Out-of-bounds Write

CVE-2020-18494
https://notcve.org/view.php?id=CVE-2020-18494
22 Aug 2023 — Buffer overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of a crafted file. • https://github.com/magicSwordsMan/PAAFS/tree/master/vul12 • CWE-787: Out-of-bounds Write

CVE-2021-37501 – hdf5: heap buffer overread
https://notcve.org/view.php?id=CVE-2021-37501
03 Feb 2023 — Buffer overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. Update hdf5 and libaec to latest upstream version with several CVE fixes. • https://github.com/HDFGroup/hdf5 • CWE-787: Out-of-bounds Write

CVE-2022-26061
https://notcve.org/view.php?id=CVE-2022-26061
22 Aug 2022 — A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487 • CWE-122: Heap-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2022-25972
https://notcve.org/view.php?id=CVE-2022-25972
22 Aug 2022 — An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485 • CWE-787: Out-of-bounds Write

CVE-2022-25942
https://notcve.org/view.php?id=CVE-2022-25942
22 Aug 2022 — An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486 • CWE-125: Out-of-bounds Read

CVE-2020-10809
https://notcve.org/view.php?id=CVE-2020-10809
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-787: Out-of-bounds Write

CVE-2020-10810
https://notcve.org/view.php?id=CVE-2020-10810
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-476: NULL Pointer Dereference

CVE-2020-10811
https://notcve.org/view.php?id=CVE-2020-10811
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-125: Out-of-bounds Read

CVE-2020-10812
https://notcve.org/view.php?id=CVE-2020-10812
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-476: NULL Pointer Dereference