Every CVE whose affected-product data names Hdfgroup Hdf5, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (131)
CVE-2018-13869 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVE-2018-13871 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
CVE-2018-13872 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
CVE-2018-13873 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.
CVE-2018-13874 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in…
CVE-2024-32615 — CVSS 9.8 (critical): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use…
CVE-2018-13876 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in…
CVE-2024-29157 — CVSS 9.8 (critical): HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial…
CVE-2024-29159 — CVSS 9.8 (critical): HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the corruption of the instruction pointer and…
CVE-2024-29164 — CVSS 9.8 (critical): HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and…
CVE-2024-32608 — CVSS 9.8 (critical): HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial…
CVE-2024-32621 — CVSS 9.8 (critical): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in…
CVE-2018-13870 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVE-2018-13866 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in…
CVE-2018-13867 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
CVE-2018-13868 — CVSS 9.8 (critical): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in…
CVE-2024-32622 — CVSS 9.1 (critical): HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in…
CVE-2020-18232 — CVSS 8.8 (high): Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of…
CVE-2019-9151 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called…
CVE-2025-44905 — CVSS 8.8 (high): hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
CVE-2024-33877 — CVSS 8.8 (high): HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c.
CVE-2017-17509 — CVSS 8.8 (high): In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example…
CVE-2024-33873 — CVSS 8.8 (high): HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.
CVE-2024-32623 — CVSS 8.8 (high): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in…
CVE-2018-14031 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
CVE-2018-14033 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in…
CVE-2018-14034 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.
CVE-2018-14035 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.
CVE-2018-14460 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in…
CVE-2018-16438 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
CVE-2024-32617 — CVSS 8.8 (high): HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called…
CVE-2024-32605 — CVSS 8.8 (high): HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).
CVE-2024-29161 — CVSS 8.8 (high): HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and…
CVE-2021-46242 — CVSS 8.8 (high): HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
CVE-2020-18494 — CVSS 8.8 (high): Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of…
CVE-2019-9152 — CVSS 8.8 (high): An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called…
CVE-2016-4331 — CVSS 8.6 (high): When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is…
CVE-2016-4332 — CVSS 8.6 (high): The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an…
CVE-2016-4333 — CVSS 8.6 (high): The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said…
CVE-2016-4330 — CVSS 8.6 (high): In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space…
CVE-2018-11206 — CVSS 8.1 (high): An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could…
CVE-2018-11205 — CVSS 8.1 (high): A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or…
CVE-2026-34734 — CVSS 7.8 (high): HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who…
CVE-2018-13875 — CVSS 7.8 (high): An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
CVE-2022-25942 — CVSS 7.8 (high): An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead…
CVE-2022-25972 — CVSS 7.8 (high): An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead…
CVE-2022-26061 — CVSS 7.8 (high): A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file…
CVE-2026-26200 — CVSS 7.8 (high): HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a…
CVE-2021-37501 — CVSS 7.5 (high): Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via…
CVE-2024-32609 — CVSS 7.5 (high): HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.
CVE-2024-29160 — CVSS 7.4 (high): HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer…
CVE-2024-32612 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of…
CVE-2024-29162 — CVSS 7.4 (high): HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution.
CVE-2024-29163 — CVSS 7.4 (high): HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing…
CVE-2024-32624 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in…
CVE-2024-29165 — CVSS 7.4 (high): HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and…
CVE-2024-32620 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the…
CVE-2024-32616 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.
CVE-2024-32619 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the…
CVE-2024-32618 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of…
CVE-2024-32613 — CVSS 7.4 (high): HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different…
CVE-2024-29158 — CVSS 7.4 (high): HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing…
CVE-2018-17436 — CVSS 6.5 (medium): ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via…
CVE-2019-8397 — CVSS 6.5 (medium): An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c.
CVE-2019-8396 — CVSS 6.5 (medium): A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service…
CVE-2018-17439 — CVSS 6.5 (medium): An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in…
CVE-2021-46243 — CVSS 6.5 (medium): An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at…
CVE-2021-46244 — CVSS 6.5 (medium): A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability…
CVE-2017-17505 — CVSS 6.5 (medium): In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example…
CVE-2018-17438 — CVSS 6.5 (medium): A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse…
CVE-2018-17437 — CVSS 6.5 (medium): Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a…
CVE-2018-17435 — CVSS 6.5 (medium): A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial…
CVE-2018-17434 — CVSS 6.5 (medium): A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted…
CVE-2018-17433 — CVSS 6.5 (medium): A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial…
CVE-2018-17432 — CVSS 6.5 (medium): A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a…
CVE-2018-17237 — CVSS 6.5 (medium): A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse…
CVE-2018-17234 — CVSS 6.5 (medium): Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a…
CVE-2018-17233 — CVSS 6.5 (medium): A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an…
CVE-2018-15671 — CVSS 6.5 (medium): An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in…
CVE-2018-11207 — CVSS 6.5 (medium): A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of…
CVE-2018-11204 — CVSS 6.5 (medium): A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote…
CVE-2018-11203 — CVSS 6.5 (medium): A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of…
CVE-2018-11202 — CVSS 6.5 (medium): A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote…
CVE-2017-17508 — CVSS 6.5 (medium): In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump…
CVE-2017-17507 — CVSS 6.5 (medium): In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example…
CVE-2017-17506 — CVSS 6.5 (medium): In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example…
CVE-2019-8398 — CVSS 6.5 (medium): An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c.
CVE-2024-33875 — CVSS 5.7 (medium): HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the…
CVE-2024-29166 — CVSS 5.7 (medium): HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing…
CVE-2024-32607 — CVSS 5.7 (medium): HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.
CVE-2024-32610 — CVSS 5.7 (medium): HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.
CVE-2024-32606 — CVSS 5.7 (medium): HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from…
CVE-2021-45830 — CVSS 5.5 (medium): A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a…
CVE-2020-10811 — CVSS 5.5 (medium): An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in…
CVE-2020-10809 — CVSS 5.5 (medium): An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c…
CVE-2020-10810 — CVSS 5.5 (medium): An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It…
CVE-2020-10812 — CVSS 5.5 (medium): An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It…
CVE-2026-29043 — CVSS 5.5 (medium): HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a…
CVE-2021-45833 — CVSS 5.5 (medium): A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in…
CVE-2021-45832 — CVSS 5.5 (medium): A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service…
CVE-2025-2308 — CVSS 5.3 (medium): A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte…
CVE-2025-6516 — CVSS 5.3 (medium): A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len…
CVE-2025-6269 — CVSS 5.3 (medium): A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function…
CVE-2025-6270 — CVSS 5.3 (medium): A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function…
CVE-2025-2309 — CVSS 5.3 (medium): A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the…
CVE-2025-2310 — CVSS 5.3 (medium): A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata…
CVE-2025-2153 — CVSS 5.0 (medium): A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the…
CVE-2025-6816 — CVSS 3.3 (low): A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file…
CVE-2025-6817 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the…
CVE-2025-7067 — CVSS 3.3 (low): A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb…
CVE-2025-6858 — CVSS 3.3 (low): A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of…
CVE-2025-6857 — CVSS 3.3 (low): A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3…
CVE-2025-6856 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file…
CVE-2025-6750 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function…
CVE-2025-7069 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FS__sect_link_size of the file…
CVE-2025-7068 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the…
CVE-2025-6818 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5O__chunk_protect of the file…
CVE-2025-2913 — CVSS 3.3 (low): A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of…
CVE-2025-2912 — CVSS 3.3 (low): A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function…
CVE-2025-2914 — CVSS 3.3 (low): A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the…
CVE-2025-2915 — CVSS 3.3 (low): A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the…
CVE-2025-2923 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function…
CVE-2025-2924 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the…
CVE-2025-2925 — CVSS 3.3 (low): A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of…
CVE-2025-2926 — CVSS 3.3 (low): A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of…