Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-45829

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Jan, 2022 | 21:22
Updated At-04 Aug, 2024 | 04:54
Rejected At-
Credits

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Jan, 2022 | 21:22
Updated At:04 Aug, 2024 | 04:54
Rejected At:
▼CVE Numbering Authority (CNA)

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/HDFGroup/hdf5/issues/1317
x_refsource_MISC
Hyperlink: https://github.com/HDFGroup/hdf5/issues/1317
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/HDFGroup/hdf5/issues/1317
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/HDFGroup/hdf5/issues/1317
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Jan, 2022 | 22:15
Updated At:11 Jan, 2022 | 16:37

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
The HDF Group
hdfgroup
>>hdf5>>1.13.1-1
cpe:2.3:a:hdfgroup:hdf5:1.13.1-1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-404Primarynvd@nist.gov
CWE ID: CWE-404
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/HDFGroup/hdf5/issues/1317cve@mitre.org
Exploit
Issue Tracking
Third Party Advisory
Hyperlink: https://github.com/HDFGroup/hdf5/issues/1317
Source: cve@mitre.org
Resource:
Exploit
Issue Tracking
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

56Records found
CVE-2025-2591
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.72%
||
7 Day CHG~0.00%
Published-21 Mar, 2025 | 13:31
Updated-17 Jul, 2025 | 21:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zero

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-assimpOpen Asset Import Library
Product-assimpAssimp
CWE ID-CWE-369
Divide By Zero
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2013-1054
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-4.3||MEDIUM
EPSS-0.22% / 44.48%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 19:20
Updated-16 Sep, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Possible remote DOS in WebApps

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.

Action-Not Available
Vendor-Canonical Ltd.
Product-ubuntu_linuxunity-firefox-extensionunity-firefox-extension
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-1210
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.3||MEDIUM
EPSS-0.04% / 11.62%
||
7 Day CHG-0.02%
Published-03 Apr, 2022 | 00:00
Updated-15 Apr, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LibTIFF tiff2ps resource consumption

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-unspecifiedNetApp, Inc.LibTIFF
Product-ontap_select_deploy_administration_utilitylibtiffLibTIFF
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-0396
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 0.71%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 10:45
Updated-16 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS from specifically crafted TCP packets

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.NetApp, Inc.Siemens AGFedora Project
Product-h300esinec_insh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwareh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700ebindh410ch700e_firmwareh700sBIND
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-1157
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.8||LOW
EPSS-0.03% / 5.38%
||
7 Day CHG~0.00%
Published-02 Mar, 2023 | 18:16
Updated-02 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
finixbit elf-parser elf_parser.cpp get_segments denial of service

A vulnerability, which was classified as problematic, was found in finixbit elf-parser. Affected is the function elf_parser::Elf_parser::get_segments of the file elf_parser.cpp. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-222222 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-elf-parser_projectfinixbit
Product-elf-parserelf-parser
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2021-40833
Matching Score-4
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
ShareView Details
Matching Score-4
Assigner-126858f1-1b65-4b74-81ca-7034f7f7723f
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.12%
||
7 Day CHG~0.00%
Published-26 Nov, 2021 | 16:39
Updated-04 Aug, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) Vulnerability

A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

Action-Not Available
Vendor-Apple Inc.F-Secure CorporationMicrosoft Corporation
Product-linux_security_64linux_securityelements_endpoint_protectionatlantwindowsmacosinternet_gatekeeperF-Secure endpoint protection products on Windows and Mac. F-Secure Linux Security (32-bit) F-Secure Linux Security 64 F-Secure Internet Gatekeeper & F-Secure Atlant
CWE ID-CWE-404
Improper Resource Shutdown or Release
  • Previous
  • 1
  • 2
  • Next
Details not found