Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,251)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-4584 1Axiosys 1Bento4 Nov 21, 2024 Dec 17, 2022 N/A· v4 8.8 HIGH· v3 7.5 HIGH· v2 A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer ove...Show more A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.Show less
CVE-2022-2601 3Fedoraproject GnuRedhat 8Enterprise Linux Eus Enterprise Linux For Power Little Endian EusEnterprise Linux Server Aus+5 more May 27, 2026 Dec 14, 2022 N/A· v4 8.6 HIGH· v3 N/A· v2 A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this furt...Show more A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.Show less
CVE-2022-44910 1Quarkslab 1Binbloom Apr 22, 2025 Dec 14, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.
CVE-2022-44654 1Trendmicro 1Apex One Apr 29, 2025 Dec 12, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The af...Show more Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component's memory protection mechanism has been updated to enhance product security.Show less
CVE-2022-2948 1Ge 1Cimplicity Nov 21, 2024 Dec 7, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.
CVE-2022-3491 1Vim 1Vim Nov 21, 2024 Dec 3, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVE-2022-3520 1Vim 1Vim Nov 21, 2024 Dec 2, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVE-2022-4141 2Fedoraproject Vim 2Fedora Vim Nov 3, 2025 Nov 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
CVE-2022-43171 1Lief Project 1Lief Apr 29, 2025 Nov 17, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file.
CVE-2022-24942 1Silabs 1Micrium Uc Http Nov 21, 2024 Nov 15, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.
CVE-2022-20946 1Cisco 1Firepower Threat Defense Nov 21, 2024 Nov 15, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS)...Show more A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An attacker could exploit this vulnerability by sending a crafted GRE payload through an affected device. A successful exploit could allow the attacker to cause the device to restart, resulting in a DoS condition. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-gre-dos-hmedHQPM"] This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication.Show less
CVE-2022-45188 3Debian FedoraprojectNetatalk 3Debian Linux FedoraNetatalk Feb 13, 2026 Nov 12, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2022-39136 1Siemens 2Jt2go Teamcenter Visualization Nov 21, 2024 Nov 8, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V1...Show more A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process.Show less
CVE-2022-2809 1Openbmc Project 1Openbmc Nov 21, 2024 Oct 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It dete...Show more A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS.Show less
CVE-2022-2069 1Siemens 2Jt2go Teamcenter Visualization Nov 21, 2024 Oct 20, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files....Show more The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.Show less
CVE-2022-39260 4Apple DebianFedoraproject+1 more 4Debian Linux FedoraGit+1 more Nov 21, 2024 Oct 19, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32...Show more Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.Show less
CVE-2022-35712 1Adobe 1Coldfusion Nov 21, 2024 Oct 14, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Ex...Show more Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.Show less
CVE-2022-35711 1Adobe 1Coldfusion Nov 21, 2024 Oct 14, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Ex...Show more Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.Show less
CVE-2022-37864 1Siemens 1Solid Edge Nov 21, 2024 Oct 11, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. Th...Show more A vulnerability has been identified in Solid Edge (All Versions < SE2022MP9). The affected application contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17627)Show less
CVE-2022-39852 1Google 1Android Nov 21, 2024 Oct 7, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.

Previous 1...888990...113 Next