Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,244)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-26330 1Amd 58Epyc 7001 Firmware Epyc 7002 FirmwareEpyc 7003 Firmware+55 more Nov 21, 2024 Nov 16, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 AMD System Management Unit (SMU) may experience a heap-based overflow which may result in a loss of resources.
CVE-2021-41253 1Zyantific 1Zydis Nov 21, 2024 Nov 8, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in `zycore` in order to append untrusted user data to the formatter buffer within their custom...Show more Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in `zycore` in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance. This could then in turn cause zycore functions like `ZyanStringAppend` to make incorrect calculations for the new target size, resulting in heap memory corruption. This does not affect the regular uncustomized Zydis formatter, because Zydis internally doesn't use the string functions in zycore that act upon these fields. However, because the zycore string functions are the intended way to work with the formatter buffer for users of the library that wish to extend the formatter, we still consider this to be a vulnerability in Zydis. This bug is patched starting in version 3.2.1. As a workaround, users may refrain from using zycore string functions in their formatter hooks until updating to a patched version.Show less
CVE-2021-3927 3Debian FedoraprojectVim 3Debian Linux FedoraVim Nov 21, 2024 Nov 5, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-22564 1Libjxl Project 1Libjxl Nov 21, 2024 Nov 1, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an...Show more For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the right or bottom edges of the image, but only when groups are processed in certain order. Groups can be processed out of order in multi-threaded decoding environments with heavy thread load but also with images that contain the groups in an arbitrary order in the file. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/775Show less
CVE-2021-3756 2Fedoraproject Symonics 2Fedora Libmysofa Nov 21, 2024 Oct 29, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 libmysofa is vulnerable to Heap-based Buffer Overflow
CVE-2021-3903 3Debian FedoraprojectVim 3Debian Linux FedoraVim Nov 21, 2024 Oct 27, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-34583 2Codesys Wago 28750 8202 Firmware 750 8203 Firmware750 8204 Firmware+25 more Aug 15, 2025 Oct 26, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVE-2021-3872 3Debian FedoraprojectVim 3Debian Linux FedoraVim Nov 3, 2025 Oct 19, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-33023 1Advantech 1Webaccess Nov 21, 2024 Oct 18, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
CVE-2021-3875 2Fedoraproject Vim 2Fedora Vim Nov 21, 2024 Oct 15, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-21940 1Anker 1Eufy Homebase 2 Firmware Nov 21, 2024 Oct 12, 2021 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can s...Show more A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.Show less
CVE-2021-37199 1Siemens 2Sinumerik 808d Firmware Sinumerik 828d Firmware Nov 21, 2024 Oct 12, 2021 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allo...Show more A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device.Show less
CVE-2021-25495 1Samsung 1Notes Nov 21, 2024 Oct 6, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25479 1Google 1Android Nov 21, 2024 Oct 6, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
CVE-2021-25475 1Google 1Android Nov 21, 2024 Oct 6, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
CVE-2021-31986 1Axis 4Axis Os Axis Os 2016Axis Os 2018+1 more Nov 21, 2024 Oct 5, 2021 N/A· v4 6.8 MEDIUM· v3 4.0 MEDIUM· v2 User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
CVE-2021-3625 1Zephyrproject 1Zephyr Nov 21, 2024 Oct 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-...Show more Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363Show less
CVE-2021-32626 5Debian FedoraprojectNetapp+2 more 6Communications Operations Monitor Debian LinuxFedora+3 more Nov 21, 2024 Oct 4, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for t...Show more Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Redis with Lua scripting support, starting from 2.6. The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14. For users unable to update an additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.Show less
CVE-2021-36051 2Adobe Debian 2Debian Linux Xmp Toolkit Software Development Kit Nov 3, 2025 Oct 4, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in...Show more XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file.Show less
CVE-2021-39863 1Adobe 6Acrobat Acrobat 2017Acrobat Dc+3 more Nov 21, 2024 Sep 29, 2021 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthe...Show more Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less

Previous 1...979899...113 Next