Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CVEs (2,307)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-22880 1Deltaww 1Cncsoft G2 Jul 11, 2025 Feb 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker...Show more Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.Show less
CVE-2023-40222 1Ashlar 1Cobalt Sep 16, 2025 Feb 4, 2025 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attack...Show more In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.Show less
CVE-2025-0870 1Axiosys 1Bento4 Feb 28, 2025 Jan 30, 2025 6.3 MEDIUM· v4 5.9 MEDIUM· v3 5.1 MEDIUM· v2 A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-...Show more A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.Show less
CVE-2025-0662 - - Feb 7, 2025 Jan 30, 2025 N/A· v4 4.9 MEDIUM· v3 N/A· v2 In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is sho...Show more In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace. It is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace.Show less
CVE-2025-0753 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based...Show more A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-0751 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It...Show more A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-50698 1Sungrowpower 1Winet S Firmware May 29, 2025 Jan 24, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content.
CVE-2019-15690 - - Jan 24, 2025 Jan 24, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, whi...Show more LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution.Show less
CVE-2024-55192 1Openimageio 1Openimageio Feb 5, 2025 Jan 23, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
CVE-2025-0611 1Google 1Chrome Apr 18, 2025 Jan 22, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-20128 2Cisco Clamav 3Clamav Secure EndpointSecure Endpoint Private Cloud Nov 3, 2025 Jan 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulner...Show more A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Show less
CVE-2023-50739 - - Jan 18, 2025 Jan 18, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
CVE-2024-12084 8Almalinux ArchlinuxGentoo+5 more 8Almalinux Arch LinuxEnterprise Linux+5 more Nov 3, 2025 Jan 15, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16...Show more A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.Show less
CVE-2025-0434 1Google 1Chrome Apr 21, 2025 Jan 15, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-10254 - - Jan 14, 2025 Jan 14, 2025 N/A· v4 4.7 MEDIUM· v3 N/A· v2 A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
CVE-2024-10253 - - Jan 14, 2025 Jan 14, 2025 N/A· v4 4.7 MEDIUM· v3 N/A· v2 A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.
CVE-2025-21139 1Adobe 1Substance 3d Designer Jan 21, 2025 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue req...Show more Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-21137 1Adobe 1Substance 3d Designer Jan 21, 2025 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue req...Show more Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-21129 1Adobe 1Substance 3d Stager Jan 17, 2025 Jan 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ...Show more Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-21417 1Microsoft 15Windows 10 1507 Windows 10 1607Windows 10 1809+12 more Jan 16, 2025 Jan 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Windows Telephony Service Remote Code Execution Vulnerability

Previous 1...484950...116 Next