Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,306)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-26211 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jan 8, 2025 Apr 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-26210 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Dec 6, 2024 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-26205 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Jan 8, 2025 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26202 1Microsoft 5Windows Server 2012 Windows Server 2016Windows Server 2019+2 more Jan 8, 2025 Apr 9, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26200 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Jan 8, 2025 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26195 1Microsoft 6Windows Server 2008 Windows Server 2012Windows Server 2016+3 more Jan 8, 2025 Apr 9, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 DHCP Server Service Remote Code Execution Vulnerability
CVE-2024-26179 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Jan 8, 2025 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-26168 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jan 8, 2025 Apr 9, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Secure Boot Security Feature Bypass Vulnerability
CVE-2024-27341 1Tungstenautomation 1Power Pdf Jun 3, 2025 Apr 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User int...Show more Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22927.Show less
CVE-2024-27340 1Tungstenautomation 1Power Pdf Jun 3, 2025 Apr 3, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User int...Show more Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22926.Show less
CVE-2024-3209 2Fedoraproject Upx 2Fedora Upx Apr 25, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 5.2 MEDIUM· v2 A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclos...Show more A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-3207 1Ermig1979 1Simd Apr 25, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 5.2 MEDIUM· v2 A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-ba...Show more A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-259054 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-3204 1Blosc 1C Blosc2 Apr 25, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulatio...Show more A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-259051.Show less
CVE-2024-3203 1Blosc 1C Blosc2 Apr 25, 2025 Apr 2, 2024 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-bas...Show more A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. VDB-259050 is the identifier assigned to this vulnerability.Show less
CVE-2024-30806 1Axiosys 1Bento4 May 27, 2025 Apr 2, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
CVE-2024-3024 1Broadcom 1Tcpreplay Apr 16, 2025 Mar 28, 2024 N/A· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buf...Show more A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-20259 1Cisco 1Ios Xe Apr 30, 2025 Mar 27, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition....Show more A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: The attack vector is listed as network because a DHCP relay anywhere on the network could allow exploits from networks other than the adjacent one.Show less
CVE-2024-25390 1Rt Thread 1Rt Thread Nov 4, 2025 Mar 27, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.
CVE-2024-24335 1Rt Thread 1Rt Thread Nov 4, 2025 Mar 27, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.
CVE-2024-24334 1Rt Thread 1Rt Thread Apr 30, 2025 Mar 27, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 A heap buffer overflow occurs in dfs_v2 dfs_file in RT-Thread through 5.0.2.

Previous 1...727374...116 Next