Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,251)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-36863 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36862 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36860 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36858 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36846 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36845 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36844 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36843 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36842 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-36841 1Google 1Android Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVE-2022-25309 2Gnu Redhat 2Enterprise Linux Fribidi Nov 21, 2024 Sep 6, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted f...Show more A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.Show less
CVE-2022-2915 1Sonicwall 5Sma 200 Firmware Sma 210 FirmwareSma 400 Firmware+2 more Nov 21, 2024 Aug 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerabil...Show more A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.Show less
CVE-2022-2991 1Linux 1Linux Kernel Nov 21, 2024 Aug 25, 2022 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based b...Show more A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.Show less
CVE-2022-26061 1Hdfgroup 1Hdf5 Nov 21, 2024 Aug 22, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger thi...Show more A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2022-2849 2Fedoraproject Vim 2Fedora Vim Nov 21, 2024 Aug 17, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
CVE-2022-2819 2Fedoraproject Vim 2Fedora Vim Nov 21, 2024 Aug 15, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVE-2022-35677 1Adobe 1Framemaker Nov 21, 2024 Aug 11, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current...Show more Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-35676 1Adobe 1Framemaker Nov 21, 2024 Aug 11, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current...Show more Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-2580 1Vim 1Vim Nov 21, 2024 Aug 1, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVE-2022-2571 1Vim 1Vim Nov 21, 2024 Aug 1, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.

Previous 1...909192...113 Next