Vulnerability Reports

Multiple Divide by Zero in HDF5 (1.10.2, 1.10.3)

Multiple Divide by Zero in HDF5 (1.10.2, 1.10.3) Loginsoft-2018-15672 September 24, 2018 CVE Number CVE-2018-15672, CVE-2018-17237, CVE-2018-17233 CWE CWE-369: Divide By Zero Product Details HDF5 is a data model, library, and file format for storing and managing data....

Invalid write memory access vulnerability in HDF5 1.10.3

Invalid write memory access vulnerability in HDF5 1.10.3 Loginsoft-2018-17436 September 24, 2018 CVE Number CVE-2018-17436 CWE CWE-787: Out-of-bounds Write   Product Details HDF5 is a data model, library, and file format for storing and managing data. It supports an...

Heap based Buffer over-read vulnerability in HDF5 1.10.3

Heap based Buffer over-read vulnerability in HDF5 1.10.3 Loginsoft-2018-17435 September 24, 2018 CVE Number CVE-2018-17435 CWE CWE-126: Buffer Over-read   Product Details HDF5 is a data model, library, and file format for storing and managing data. It supports an...

Stack overflow vulnerability in HDF5 1.10.3

Stack overflow vulnerability in HDF5 1.10.3 Loginsoft-2018-17439 September 24, 2018 CVE Number CVE-2018-17439 CWE CWE-121: Stack-based Buffer Overflow   Product Details HDF5 is a data model, library, and file format for storing and managing data. It supports an...

 

Bug Reports

Unrestricted resource consumption in wilmidi 0.4.3

Unrestricted resource consumption in wilmidi 0.4.3 Loginsoft-2018-1008 September 13, 2018 CWE CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')   Product Details WildMIDI is a simple software midi player which has a core softsynth library that can be...

Denial of service in VCFtools 0.1.16

Denial of service in VCFtools 0.1.16 Loginsoft-2018-1007 August 29, 2018 CWE CWE-20: Improper Input Validation Product Details VCFtools is a suite of functions for use on genetic variation data in the form of VCF and BCF files. The tools provided will be used mainly...

Out-of-bound read in fig2dev 3.2.7a

Out-of-bound read in fig2dev 3.2.7a Loginsoft-2018-1006 August 26, 2018 CWE CWE-125: Out-of-bounds Read Product Details Xfig is a free and open-source vector graphics editor which runs under the X Window System on most UNIX-compatible platforms. fig2dev is a library...

Memory corruption in fig2dev 3.2.7a

Memory corruption in fig2dev 3.2.7a August 25, 2018 CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer Product Details Xfig is a free and open-source vector graphics editor which runs under the X Window System on most UNIX-compatible...

NULL pointer dereference in fig2dev 3.2.7a

NULL pointer dereference in fig2dev 3.2.7a Loginsoft-2018-1005 August 23, 2018 CWE CWE-476: NULL Pointer Dereference Product Details Xfig is a free and open-source vector graphics editor which runs under the X Window System on most UNIX-compatible platforms. fig2dev...

Invalid memory access in BCFtools 1.9

Invalid memory access in BCFtools 1.9 Loginsoft-2018-1004 August 18, 2018 CWE CWE-476: NULL Pointer Dereference Product Details BCFtools is a program for variant calling and manipulating files in the Variant Call Format (VCF) and its binary counterpart BCF. All...

Buffer overflow in VCFtools 0.1.16

Buffer overflow in VCFtools 0.1.16 August 14, 2018 Product Details VCFtools is a suite of functions for use on genetic variation data in the form of VCF and BCF files. The tools provided will be used mainly to summarize data, run calculations on data, filter out data,...