CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10809
https://notcve.org/view.php?id=CVE-2020-10809
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service. Se detectó un problema en HDF5 versiones hasta 1.12.0. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10810
https://notcve.org/view.php?id=CVE-2020-10810
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. Se detectó un problema en HDF5 versiones hasta 1.12.0. Se presenta una desreferencia del puntero NULL en la función H5AC_unpin_entry() localizada en el archivo H5AC.c. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10811
https://notcve.org/view.php?id=CVE-2020-10811
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. Se detectó un problema en HDF5 versiones hasta 1.12.0. Se presenta una lectura excesiva del búfer en la región heap de la memoria en la función H5O__layout_decode() localizada en el archivo H5Olayout.c. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2020-10812
https://notcve.org/view.php?id=CVE-2020-10812
22 Mar 2020 — An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. Se detectó un problema en HDF5 versiones hasta 1.12.0. Se presenta una desreferencia del puntero NULL en la función H5F_get_nrefs() localizada en el archivo H5Fquery.c. • https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/browse/release_docs/RELEASE.txt • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-8396
https://notcve.org/view.php?id=CVE-2019-8396
17 Feb 2019 — A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2." Un desbordamiento de búfer en H5O__layout_encode en H5Olayout.c en HDF HDF5, hasta la versión 1.10.4, permite a atacantes remotos causar una denegación de servicio (DoS) utilizando un archivo .HDF5 manipulado. Este problema se desencadenó al reempaquetar un arc... • https://github.com/magicSwordsMan/PAAFS/tree/master/vul4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17435
https://notcve.org/view.php?id=CVE-2018-17435
24 Sep 2018 — A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file. Sobrelectura de búfer basada en memoria dinámica (heap) en H5O_attr_decode() en H5Oattr.c en la biblioteca HDF HDF5 hasta la versión 1.10.3 permite a los atacantes causar una denegación de servicio (consumo de recursos) utilizando un archivo .HDF5 manipulado. El problema... • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln7#heap-overflow-in-h5o_attr_decode • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17432
https://notcve.org/view.php?id=CVE-2018-17432
24 Sep 2018 — A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. Desreferencia de puntero NULL en H5O_sdspace_encode() en H5Osdspace.c en la biblioteca HDF HDF5 hasta la versión 1.10.3 permite a los atacantes causar una denegación de servicio (DoS) utilizando un archivo .HDF5 manipulado. • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln6#null-pointer-dereference-in-h5o_sdspace_encode • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17433
https://notcve.org/view.php?id=CVE-2018-17433
24 Sep 2018 — A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. Desbordamiento de búfer basado en memoria dinámica (heap) en ReadGifImageDesc() en gifread.c en la biblioteca HDF HDF5 hasta la versión 1.10.3 permite a los atacantes causar una denegación de servicio (consumo de recursos) utilizando un archivo .HDF5 manipulado. El pro... • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#heap-overflow-in-readgifimagedesc • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17438
https://notcve.org/view.php?id=CVE-2018-17438
24 Sep 2018 — A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. Se lanza una señal SIGFPE en la función H5D__select_io() de H5Dselect.c en la biblioteca HDF HDF5 hasta la versión 1.10.3 durante un intento de análisis de un archivo HDF manipulado. Esto se debe a una protección incorrecta contra divisiones ... • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17436
https://notcve.org/view.php?id=CVE-2018-17436
24 Sep 2018 — ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. ReadCode() en decompress.c en la biblioteca HDF HDF5 hasta la versión 1.10.3 permite a los atacantes causar una denegación de servicio (acceso de escritura no válido) utilizando un archivo .HDF5 manipulado. El problema se desencadenó al convertir un archivo GIF a HDF. • https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln8#invalid-write-memory-access-in-decompressc • CWE-787: Out-of-bounds Write •