Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,306)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-20677 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Nov 21, 2024 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Ma...Show more A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.Show less
CVE-2022-36764 1Tianocore 1Edk2 Nov 3, 2025 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise...Show more EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.Show less
CVE-2022-36763 1Tianocore 1Edk2 Nov 3, 2025 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromis...Show more EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.Show less
CVE-2023-49123 1Siemens 1Solid Edge Se2023 Nov 21, 2024 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow...Show more A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.Show less
CVE-2023-49122 1Siemens 1Solid Edge Se2023 Nov 21, 2024 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow...Show more A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.Show less
CVE-2023-49121 1Siemens 1Solid Edge Se2023 Nov 21, 2024 Jan 9, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow...Show more A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.Show less
CVE-2023-6992 1Cloudflare 1Zlib Nov 21, 2024 Jan 4, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based bu...Show more Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected. Show less
CVE-2023-47039 1Perl 1Perl Nov 21, 2024 Jan 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl int...Show more A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute `cmd.exe` within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. This flaw allows an attacker with limited privileges to place`cmd.exe` in locations with weak permissions, such as `C:\ProgramData`. By doing so, arbitrary code can be executed when an administrator attempts to use this executable from these compromised locations.Show less
CVE-2023-7104 2Fedoraproject Sqlite 2Fedora Sqlite Nov 3, 2025 Dec 29, 2023 N/A· v4 7.3 HIGH· v3 5.2 MEDIUM· v2 A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The m...Show more A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.Show less
CVE-2023-7158 1Micropython 1Micropython Nov 21, 2024 Dec 29, 2023 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possib...Show more A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the file objslice.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.22.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-249180.Show less
CVE-2023-48704 1Clickhouse 2Clickhouse Clickhouse Cloud Nov 21, 2024 Dec 22, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could sen...Show more ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20.Show less
CVE-2023-47118 1Clickhouse 2Clickhouse Clickhouse Cloud Nov 21, 2024 Dec 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could se...Show more ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of T64 codec that crashes the ClickHouse server process. This attack does not require authentication. Note that this exploit can also be triggered via HTTP protocol, however, the attacker will need a valid credential as the HTTP authentication take places first. This issue has been fixed in version 23.10.2.13-stable, 23.9.4.11-stable, 23.8.6.16-lts and 23.3.16.7-lts. Show less
CVE-2023-47038 3Fedoraproject PerlRedhat 5Enterprise Linux Enterprise Linux AusEnterprise Linux Eus+2 more Nov 4, 2025 Dec 18, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
CVE-2023-3430 1Openimageio 1Openimageio Nov 21, 2024 Dec 18, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which trigge...Show more A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.Show less
CVE-2023-33221 1Idemia 7Morphowave Compact Firmware Morphowave Sp FirmwareMorphowave Xp Firmware+4 more Nov 21, 2024 Dec 15, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potent...Show more When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you use Default DESFire key. Show less
CVE-2023-50246 1Jqlang 1Jq Apr 25, 2025 Dec 13, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue.
CVE-2023-35639 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Nov 21, 2024 Dec 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-35630 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Nov 21, 2024 Dec 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
CVE-2023-21740 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Nov 21, 2024 Dec 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Media Remote Code Execution Vulnerability
CVE-2023-28527 1Ibm 2Informix Dynamic Server Informix Dynamic Server On Cloud Pak For Data Nov 21, 2024 Dec 9, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206.

Previous 1...777879...116 Next