Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,306)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-21778 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An...Show more A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this vulnerability.Show less
CVE-2024-6383 - - Nov 3, 2025 Jul 3, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. T...Show more The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighbouring heap memory. This issue affects libbson versions prior to 1.27.1Show less
CVE-2024-29508 1Artifex 1Ghostscript Mar 17, 2025 Jul 3, 2024 N/A· v4 3.3 LOW· v3 N/A· v2 Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.
CVE-2023-52168 - - Nov 3, 2025 Jul 3, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2,...Show more The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9, i=10, i=11, etc.Show less
CVE-2024-32229 1Ffmpeg 1Ffmpeg Jun 3, 2025 Jul 1, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column.
CVE-2024-39133 1Zziplib Project 1Zziplib Jul 7, 2025 Jun 27, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.
CVE-2024-38950 1Struktur 1Libde265 Jun 6, 2025 Jun 26, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
CVE-2024-38949 1Struktur 1Libde265 Jun 6, 2025 Jun 26, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
CVE-2024-23155 1Autodesk 9Advance Steel AutocadAutocad Architecture+6 more May 6, 2025 Jun 25, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash...Show more A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.Show less
CVE-2024-23154 1Autodesk 9Advance Steel AutocadAutocad Architecture+6 more Nov 13, 2025 Jun 25, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitiv...Show more A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-37001 1Autodesk 9Advance Steel AutocadAutocad Architecture+6 more Nov 13, 2025 Jun 25, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive d...Show more A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-6154 1Parallels 1Parallels Desktop Nov 21, 2024 Jun 20, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker...Show more Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-20450.Show less
CVE-2024-29013 1Sonicwall 1Sonicos Mar 25, 2025 Jun 20, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
CVE-2024-37080 1Vmware 1Vcenter Server Mar 13, 2025 Jun 18, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted ne...Show more vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.Show less
CVE-2024-37280 1Elastic 1Elasticsearch Nov 21, 2024 Jun 13, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cau...Show more A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature.Show less
CVE-2024-5835 2Fedoraproject Google 2Chrome Fedora Nov 21, 2024 Jun 11, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page....Show more Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)Show less
CVE-2024-36702 1Mz Automation 1Libiec61850 Jun 18, 2025 Jun 11, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c.
CVE-2024-30095 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Nov 21, 2024 Jun 11, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30094 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Nov 21, 2024 Jun 11, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30091 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Nov 21, 2024 Jun 11, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Win32k Elevation of Privilege Vulnerability

Previous 1...646566...116 Next