CVE-2025-2912

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
CVSS v2 Score
1.7
Low
Weakness Type
CWE-119
View all →

Vulnerability Description

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2010-0749

MEDIUM
CVSS:5.3(Medium)

Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.

CWE-1192010

CVE-2013-7490

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.

CWE-1192013

CVE-2015-8792

MEDIUM
CVSS:5.3(Medium)

The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers ...

CWE-1192015

CVE-2016-1907

MEDIUM
CVSS:5.3(Medium)

The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

CWE-1192016

CVE-2016-9118

MEDIUM
CVSS:5.3(Medium)

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.

CWE-1192016

CVE-2016-9797

MEDIUM
CVSS:5.3(Medium)

In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidum...

CWE-1192016