Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2024-32614
Publication date:
14/05/2024
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32615
Publication date:
14/05/2024
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use of an initialized pointer.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32616
Publication date:
14/05/2024
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32617
Publication date:
14/05/2024
HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32605
Publication date:
14/05/2024
HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32606
Publication date:
14/05/2024
HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c).
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32607
Publication date:
14/05/2024
HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32609
Publication date:
14/05/2024
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32610
Publication date:
14/05/2024
HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.
Severity CVSS v4.0: Pending analysis
Last modification:
18/04/2025

CVE-2024-32476
Publication date:
14/05/2024
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. There is a Denial of Service (DoS) vulnerability via OOM using jq in ignoreDifferences. This vulnerability has been patched in version(s) 2.10.7, 2.9.12 and 2.8.16.
Severity CVSS v4.0: Pending analysis
Last modification:
09/01/2025

CVE-2024-32100
Publication date:
14/05/2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.<br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
07/02/2025

CVE-2024-31954
Publication date:
14/05/2024
An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows. Because it is possible to tamper with the directory and DLL files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (An attacker must already have user privileges)
Severity CVSS v4.0: Pending analysis
Last modification:
03/07/2024
Subscribe to Vulnerabilities