Shodan
Vulnerabilities
Vulnerable Software
Hdfgroup:  Security Vulnerabilities
CVE-2019-9152
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-02-25
CVE-2019-8396
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
CVSS Score
6.5
EPSS Score
0.003
Published
2019-02-17
CVE-2019-8397
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-02-17
CVE-2019-8398
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-02-17
CVE-2018-17437
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-09-24
CVE-2018-17438
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-09-24
CVE-2018-17439
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-09-24
CVE-2018-17432
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-09-24
CVE-2018-17433
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-24
CVE-2018-17434
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-09-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved