Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,312)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-49697 1Microsoft 4365 Apps OfficeOffice Long Term Servicing Channel+1 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 1Microsoft 3365 Apps OfficeOffice Long Term Servicing Channel Jul 15, 2025 Jul 8, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49691 1Microsoft 13Windows 10 1507 Windows 10 1607Windows 10 1809+10 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.
CVE-2025-49683 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 15, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
CVE-2025-49676 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49674 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49673 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49672 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49670 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49669 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49668 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49666 1Microsoft 5Windows Server 2016 Windows Server 2019Windows Server 2022+2 more Jul 15, 2025 Jul 8, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.
CVE-2025-49663 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Aug 25, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49657 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-48824 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-48805 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 15, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
CVE-2025-47998 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jul 15, 2025 Jul 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-47987 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jul 14, 2025 Jul 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
CVE-2025-47981 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Sep 26, 2025 Jul 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
CVE-2025-50130 - - Jul 8, 2025 Jul 8, 2025 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may...Show more A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.Show less

Previous 1...373839...116 Next