CVE-2025-44905 – HDF5 Heap Buffer Overflow

May 30, 2025

CVE ID : CVE-2025-44905

Published : May 30, 2025, 4:15 a.m. | 48 minutes ago

Description : hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-44906 – jhead Heap Use After Free Vulnerability

Next Article CVE-2025-44904 – Apache HDF5 Heap Buffer Overflow

Highlights

CVE-2025-49582 – XWiki Macro Execution Remote Code Execution

June 13, 2025

CVE ID : CVE-2025-49582

Published : June 13, 2025, 5:15 p.m. | 51 minutes ago

Description : XWiki is a generic wiki platform. When editing content that contains “dangerous” macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger these warnings are incomplete, allowing an attacker to hide malicious content. For most macros, the existing analyzers don’t consider non-lowercase parameters. Further, most macro parameters that can contain XWiki syntax like titles of information boxes weren’t analyzed at all. Similarly, the “source” parameters of the content and context macro weren’t anylzed even though they could contain arbitrary XWiki syntax. In the worst case, this could allow a malicious to add malicious script macros including Groovy or Python macros to a page that are then executed after another user with programming righs edits the page, thus allowing remote code execution. The required rights analyzers have been made more robust and extended to cover those cases in XWiki 16.4.7, 16.10.3 and 17.0.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

If Call of Duty: Black Ops 6’s Kilo 141 Jade camo challenge is bugged for you, try this

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-44905 – HDF5 Heap Buffer Overflow

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Intl.DurationFormat is now Baseline Newly available

CVE-2025-43971 – GoBGP Zero-Value Software Version Len Panic

CVE-2025-38089 – SunRPC Authentication Error Handling Remote Crash Vulnerability

Peter Green Chilled Cyberattack Disrupts Supermarket Supply Chain Across the UK

CVE-2025-49582 – XWiki Macro Execution Remote Code Execution

If Call of Duty: Black Ops 6’s Kilo 141 Jade camo challenge is bugged for you, try this

CVE-2011-10007 – Apache::FileFind::Rule Arbitrary Code Execution Vulnerability

Vector Search Embeddings and RAG

CVE-2025-44905 – HDF5 Heap Buffer Overflow

Related Posts