Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,306)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-36896 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Nov 21, 2024 Aug 8, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-36865 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Nov 21, 2024 Aug 8, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-36532 1Zoom 3Rooms Virtual Desktop InfrastructureZoom Nov 21, 2024 Aug 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
CVE-2023-3180 3Debian FedoraprojectQemu 3Debian Linux FedoraQemu Nov 21, 2024 Aug 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_he...Show more A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.Show less
CVE-2023-4016 2Fedoraproject Procps Project 2Fedora Procps Nov 21, 2024 Aug 2, 2023 N/A· v4 3.3 LOW· v3 N/A· v2 Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
CVE-2023-21406 1Axis 1A1001 Firmware Nov 21, 2024 Jul 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to...Show more Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP message it was possible to write data beyond the heap allocated buffer. The data written outside the buffer could be used to execute arbitrary code. lease refer to the Axis security advisory for more information, mitigation and affected products and software versions.Show less
CVE-2022-46290 1Openbabel 1Open Babel Nov 4, 2025 Jul 21, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attac...Show more Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtomsShow less
CVE-2022-46289 1Openbabel 1Open Babel Nov 4, 2025 Jul 21, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attac...Show more Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms calculation wrap-around, leading to a small buffer allocationShow less
CVE-2023-3463 1Ge 1Cimplicity Nov 21, 2024 Jul 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issue...Show more All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code. Show less
CVE-2022-24834 2Fedoraproject Redis 2Fedora Redis Nov 21, 2024 Jul 13, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execut...Show more Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20.Show less
CVE-2023-24474 1Honeywell 4Direct Station Engineering StationExperion Server+1 more Nov 21, 2024 Jul 13, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message
CVE-2023-2763 13ds 13dexperience Solidworks Nov 21, 2024 Jul 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These...Show more Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file.Show less
CVE-2023-35374 1Microsoft 1Paint 3d Nov 21, 2024 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Paint 3D Remote Code Execution Vulnerability
CVE-2023-35363 1Microsoft 7Windows 10 1809 Windows 10 21h2Windows 10 22h2+4 more Nov 21, 2024 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35350 1Microsoft 5Windows Server 2008 Windows Server 2012Windows Server 2016+2 more Nov 21, 2024 Jul 11, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability
CVE-2023-35337 1Microsoft 5Windows 10 21h2 Windows 10 22h2Windows 11 21h2+2 more Nov 21, 2024 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Win32k Elevation of Privilege Vulnerability
CVE-2023-35305 1Microsoft 9Windows 10 1607 Windows 10 1809Windows 10 21h2+6 more Nov 21, 2024 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35304 1Microsoft 9Windows 10 1607 Windows 10 1809Windows 10 21h2+6 more Nov 21, 2024 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35302 1Microsoft 11Windows 10 1507 Windows 10 1607Windows 10 1809+8 more Nov 21, 2024 Jul 11, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-33152 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel May 19, 2026 Jul 11, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Microsoft ActiveX Remote Code Execution Vulnerability

Previous 1...818283...116 Next