Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,316)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-2447 1Mozilla 2Firefox Thunderbird Apr 13, 2026 Feb 16, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.
CVE-2025-70122 1Free5gc 1Free5gc Feb 18, 2026 Feb 13, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.Un...Show more A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.UnmarshalBinary function (sdf-filter.go) when processing a declared length that exceeds the actual buffer capacity, leading to a runtime panic and UPF crash.Show less
CVE-2019-25327 - - Feb 13, 2026 Feb 12, 2026 8.4 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the Prime...Show more Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.Show less
CVE-2026-26011 1Opennav 1Nav2 Feb 23, 2026 Feb 12, 2026 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vulnerability exists in Nav2 AMCL's particle filter clustering logic. By publishing a single crafted geom...Show more navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vulnerability exists in Nav2 AMCL's particle filter clustering logic. By publishing a single crafted geometry_msgs/PoseWithCovarianceStamped message with extreme covariance values to the /initialpose topic, an unauthenticated attacker on the same ROS 2 DDS domain can trigger a negative index write (set->clusters[-1]) into heap memory preceding the allocated buffer. In Release builds, the sole boundary check (assert) is compiled out, leaving zero runtime protection. This primitive allows controlled corruption of the heap chunk metadata(at least the size of the heap chunk where the set->clusters is in is controllable by the attacker), potentially leading to further exploitation. At minimum, it provides a reliable single-packet denial of service that kills localization and halts all navigation.Show less
CVE-2025-67433 - - Feb 26, 2026 Feb 12, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service (DoS) via a crafted DATA packet.
CVE-2026-2007 1Postgresql 1Postgresql Feb 20, 2026 Feb 12, 2026 N/A· v4 8.2 HIGH· v3 N/A· v2 Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out t...Show more Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and 18.0 are affected.Show less
CVE-2026-2005 1Postgresql 1Postgresql Feb 20, 2026 Feb 12, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are af...Show more Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.Show less
CVE-2026-2314 1Google 1Chrome Feb 13, 2026 Feb 11, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-57709 1Qnap 1Qsync Central Feb 12, 2026 Feb 11, 2026 1.3 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2025-52870 1Qnap 1Qsync Central Feb 12, 2026 Feb 11, 2026 0.6 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2025-52869 1Qnap 1Qsync Central Feb 12, 2026 Feb 11, 2026 0.6 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2025-52868 1Qnap 1Qsync Central Feb 11, 2026 Feb 11, 2026 0.6 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2025-48724 1Qnap 1Qsync Central Feb 11, 2026 Feb 11, 2026 0.6 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2025-48723 1Qnap 1Qsync Central Feb 11, 2026 Feb 11, 2026 0.6 LOW· v4 8.1 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed th...Show more A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and laterShow less
CVE-2026-25646 1Libpng 1Libpng Feb 13, 2026 Feb 10, 2026 8.3 HIGH· v4 8.1 HIGH· v3 N/A· v2 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quant...Show more LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55.Show less
CVE-2026-21358 1Adobe 1Indesign Feb 11, 2026 Feb 10, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the...Show more InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2026-21357 1Adobe 1Indesign Feb 11, 2026 Feb 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue r...Show more InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2026-21259 1Microsoft 5365 Apps ExcelOffice+2 more Feb 11, 2026 Feb 10, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
CVE-2026-21248 1Microsoft 12Windows 10 1607 Windows 10 1809Windows 10 21h2+9 more Feb 11, 2026 Feb 10, 2026 N/A· v4 7.3 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-21247 1Microsoft 12Windows 10 1607 Windows 10 1809Windows 10 21h2+9 more Feb 11, 2026 Feb 10, 2026 N/A· v4 7.3 HIGH· v3 N/A· v2 Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

Previous 1...192021...116 Next