Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,251)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2182 2Fedoraproject Vim 2Fedora Vim Nov 21, 2024 Jun 23, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2021-45918 1Nhi 1Health Insurance Web Service Component Nov 21, 2024 Jun 20, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memor...Show more NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.Show less
CVE-2022-2125 3Apple FedoraprojectVim 3Fedora MacosVim Nov 21, 2024 Jun 19, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-30654 1Adobe 1Incopy Nov 21, 2024 Jun 16, 2022 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation...Show more Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-30650 1Adobe 1Incopy Nov 21, 2024 Jun 16, 2022 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation...Show more Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-30661 1Adobe 1Indesign Nov 21, 2024 Jun 16, 2022 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat...Show more Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-30658 1Adobe 1Indesign Nov 21, 2024 Jun 16, 2022 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat...Show more Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2022-2061 1Chafa Project 1Chafa Nov 21, 2024 Jun 13, 2022 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.
CVE-2022-30540 1Hornerautomation 1Cscape Nov 21, 2024 Jun 2, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code
CVE-2022-31003 2Debian Signalwire 2Debian Linux Sofia Sip Nov 21, 2024 May 31, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-...Show more Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue.Show less
CVE-2022-1942 4Apple DebianFedoraproject+1 more 4Debian Linux FedoraMacos+1 more Nov 3, 2025 May 31, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-1886 2Fedoraproject Vim 2Fedora Vim Nov 21, 2024 May 26, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-29210 1Google 1Tensorflow Nov 21, 2024 May 21, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash functi...Show more TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1.Show less
CVE-2022-1733 3Apple FedoraprojectVim 3Fedora MacosVim Nov 21, 2024 May 17, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
CVE-2022-28234 1Adobe 4Acrobat Acrobat DcAcrobat Reader+1 more Nov 21, 2024 May 11, 2022 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file,...Show more Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf fileShow less
CVE-2022-1621 4Apple DebianFedoraproject+1 more 4Debian Linux FedoraMacos+1 more Nov 21, 2024 May 10, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVE-2022-1619 5Apple DebianFedoraproject+2 more 6Debian Linux FedoraHci Management Node+3 more Nov 21, 2024 May 8, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
CVE-2021-38439 1Gurum 1Gurumdds Nov 21, 2024 May 5, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 All versions of GurumDDS are vulnerable to heap-based buffer overflow, which may cause a denial-of-service condition or remotely execute arbitrary code.
CVE-2022-20737 1Cisco 1Adaptive Security Appliance Software Nov 21, 2024 May 3, 2022 N/A· v4 7.1 HIGH· v3 7.0 HIGH· v2 A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cau...Show more A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information.Show less
CVE-2022-1437 1Radare 1Radare2 Nov 21, 2024 Apr 22, 2022 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive informati...Show more Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.Show less

Previous 1...929394...113 Next