Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,313)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-53720 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 18, 2025 Aug 12, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-53155 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Aug 18, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVE-2025-53149 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Sep 29, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-53131 1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 more Aug 19, 2025 Aug 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-50176 1Microsoft 6Windows 11 22h2 Windows 11 23h2Windows 11 24h2+3 more Aug 19, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.
CVE-2025-50168 1Microsoft 5Windows 11 22h2 Windows 11 23h2Windows 11 24h2+2 more Aug 19, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-50164 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 14, 2025 Aug 12, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-50163 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 14, 2025 Aug 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-50162 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 14, 2025 Aug 12, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-50161 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Aug 14, 2025 Aug 12, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-50160 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 14, 2025 Aug 12, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-50155 1Microsoft 14Windows 10 1507 Windows 10 1607Windows 10 1809+11 more Aug 14, 2025 Aug 12, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2025-49757 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 19, 2025 Aug 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-5462 1Ivanti 4Connect Secure Neurons For Secure AccessPolicy Secure+1 more Sep 23, 2025 Aug 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix depl...Show more A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service.Show less
CVE-2025-54878 1Nasa 1Cryptolib Aug 27, 2025 Aug 11, 2025 N/A· v4 8.6 HIGH· v3 N/A· v2 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a groun...Show more CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version 1.4.0 and prior in the IV setup logic for telecommand frames. The problem arises from missing bounds checks when copying the Initialization Vector (IV) into a freshly allocated buffer. An attacker can supply a crafted TC frame that causes the library to write one byte past the end of the heap buffer, leading to heap corruption and undefined behaviour. An attacker supplying a malformed telecommand frame can corrupt heap memory. This leads to undefined behaviour, which could manifest itself as a crash (denial of service) or more severe exploitation. This issue has been patched in version 1.4.0.Show less
CVE-2025-8843 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach...Show more A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-54951 - - Aug 12, 2025 Aug 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch p...Show more A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c.Show less
CVE-2025-54949 - - Aug 12, 2025 Aug 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be472...Show more A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242beShow less
CVE-2025-3354 1Ibm 1Tivoli Monitoring Aug 13, 2025 Aug 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the...Show more IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.Show less
CVE-2025-3320 1Ibm 1Tivoli Monitoring Aug 13, 2025 Aug 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the...Show more IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.Show less

Previous 1...343536...116 Next