Writeup Exploits

63,652 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-6817 WRITEUP LOW
HDF5 1.14.6 - Uncontrolled Resource Consumption in H5C__load_entry
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-6816 WRITEUP LOW
HDF5 1.14.6 - Heap-Based Buffer Overflow in H5O__fsinfo_encode
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-6750 WRITEUP LOW
HDF5 1.14.6 - Heap-Based Buffer Overflow in H5O__mtime_new_encode
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-6516 WRITEUP MEDIUM
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5F_addr_decode_len
A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 5.3
CVE-2025-6270 WRITEUP MEDIUM
HDF5 < 2.0.0 - Heap-Based Buffer Overflow in H5FS__sect_find_node
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVSS 5.3
CVE-2025-6269 WRITEUP MEDIUM
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5C__reconstruct_cache_entry
A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS 5.3
CVE-2025-2926 WRITEUP LOW
HDF5 <1.14.6 - Null Pointer Dereference
A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2925 WRITEUP LOW
HDF5 < 1.14.6 - Use-After-Free in H5MM_realloc
A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2924 WRITEUP LOW
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5HL__fl_deserialize
A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2923 WRITEUP LOW
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5F_addr_encode_len
A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2915 WRITEUP LOW
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5F__accum_free
A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2914 WRITEUP LOW
HDF5 < 1.14.6 - Heap-Based Buffer Overflow in H5FS__sinfo_Srialize_Sct_cb
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2913 WRITEUP LOW
HDF5 < 2.0.0 - Use-After-Free in H5FL__blk_gc_list
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2912 WRITEUP LOW
HDF5 < 2.0.0 - Heap-Based Buffer Overflow in H5O_msg_flush
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVSS 3.3
CVE-2025-2153 WRITEUP MEDIUM
HDF5 1.14.6 - Heap-Based Buffer Overflow in H5SM_delete Function
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
CVSS 5.0
CVE-2022-26061 WRITEUP HIGH
HDF5 1.10.4 - Heap-based Buffer Overflow via GIF2H5 Functionality
A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS 7.8
CVE-2022-25972 WRITEUP HIGH
HDF5 1.10.4 - Out-of-bounds Write via GIF File Parsing
An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS 7.8
CVE-2021-46244 WRITEUP MEDIUM
HDF5 v1.13.1-1 - Denial of Service via Divide By Zero in H5T__complete_copy
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
CVSS 6.5
CVE-2021-46243 WRITEUP MEDIUM
HDF5 1.13.1-1 - Denial of Service via Untrusted Pointer Dereference in H5O__dtype_decode_helper
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).
CVSS 6.5
CVE-2021-46242 WRITEUP HIGH
HDF5 v1.13.1-1 - Use-After-Free in H5AC_unpin_entry
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
CVSS 8.8
CVE-2021-45833 WRITEUP MEDIUM
HDF5 1.13.1-1 - Denial of Service via Stack-based Buffer Overflow in H5D__create_chunk_file_map_hyper
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
CVSS 5.5
CVE-2021-45832 WRITEUP MEDIUM
HDF5 1.13.1-1 - Denial of Service via Stack-based Buffer Overflow in H5Eint.c
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
CVSS 5.5
CVE-2021-45830 WRITEUP MEDIUM
HDF5 1.13.1-1 - Heap-Based Buffer Overflow in H5F_addr_decode_len
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
CVSS 5.5
CVE-2021-45829 WRITEUP MEDIUM
HDF5 1.13.1-1 - Denial of Service
HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.
CVSS 5.5
CVE-2021-37501 WRITEUP HIGH
HDF5 1.12.0-1.13.0 - Denial of Service via h5tools_str_sprint Buffer Overflow
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
CVSS 7.5