CWE-122: Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory.
All Heap-based Buffer Overflow CVEs (834)
A heap buffer overflow vulnerability in UniFi Protect Camera firmware allows remote code execution. Attackers with access to the management network ca...
May 19, 2025

This critical vulnerability allows remote attackers to execute arbitrary code on systems running Weston Embedded uC-HTTP server by sending specially c...
Feb 20, 2024

A heap-based buffer overflow vulnerability in Anker Eufy Homebase 2's RTSP handling allows remote code execution. Attackers can send malicious network...
Oct 12, 2021

This critical vulnerability in Cisco Catalyst 9000 wireless controllers allows unauthenticated remote attackers to execute arbitrary code with adminis...
Sep 23, 2021

A heap-based buffer overflow vulnerability in libbiosig's Intan CLP parsing allows arbitrary code execution when processing malicious files. This affe...
Mar 3, 2026

CVE-2019-25327 is a critical buffer overflow vulnerability in Prime95 version 29.8 build 6 that allows remote attackers to execute arbitrary code by c...
Feb 12, 2026

CVE-2020-37162 is a critical buffer overflow vulnerability in Wedding Slideshow Studio 1.36 that allows remote attackers to execute arbitrary code by ...
Feb 7, 2026

A heap buffer overflow vulnerability in Fast DDS allows unauthenticated attackers to send a single malformed RTPS DATA_FRAG packet, causing immediate ...
Feb 3, 2026

A heap buffer overflow vulnerability in bulk_extractor's embedded unrar code allows attackers to trigger out-of-bounds writes when processing crafted ...
Jan 28, 2026

CVE-2026-0793 is a heap-based buffer overflow vulnerability in the InformaCast functionality of ALGO 8180 IP Audio Alerter devices, allowing remote at...
Jan 23, 2026

A heap buffer overflow vulnerability in FreeRDP's ClearCodec decode path allows malicious RDP servers to trigger client-side memory corruption. This c...
Jan 19, 2026

A heap buffer overflow vulnerability in FreeRDP's ClearCodec decode path allows malicious RDP servers to trigger client-side memory corruption. This a...
Jan 19, 2026

A heap buffer overflow vulnerability in FreeRDP client allows malicious RDP servers to trigger client-side memory corruption. This can cause denial of...
Jan 19, 2026

FreeRDP clients prior to version 3.21.0 contain a heap buffer overflow vulnerability in the planar bitmap decompression function. A malicious RDP serv...
Jan 19, 2026

This CVE describes a heap buffer overflow vulnerability in FreeRDP's ClearCodec implementation. A malicious RDP server can send crafted RDPGFX surface...
Jan 19, 2026

This is a critical heap buffer overflow vulnerability in FreeRDP that allows a malicious RDP server to execute arbitrary code on client systems by sen...
Jan 14, 2026

This vulnerability in gpsd allows attackers to trigger heap-based out-of-bounds writes by sending specially crafted NMEA2000 PGN 129540 packets with e...
Jan 2, 2026

A heap-based memory corruption vulnerability in matio library versions up to 1.5.28 allows attackers to cause out-of-bounds reads and invalid memory f...
Dec 30, 2025

A heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 allows remote code execution by sending an excessively large 'meter' para...
Dec 2, 2025

A stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2 allows remote attackers to execute arbitrary code through memory ...
Dec 2, 2025

A heap-based buffer overflow vulnerability in Ashlar-Vellum CAD software allows attackers to read sensitive memory or execute arbitrary code by sendin...
Nov 25, 2025

A heap-based buffer overflow vulnerability in MaLion and MaLionCloud's Windows Security Point component allows remote unauthenticated attackers to exe...
Nov 25, 2025

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows remote attackers to execute arbitrary code on vulnerable systems. Th...
Nov 11, 2025

CVE-2025-58447 is a critical heap-based buffer overflow vulnerability in rAthena MMORPG server's login component. Remote attackers can send specially ...
Sep 9, 2025

This critical vulnerability in Android's Skia graphics library allows remote attackers to execute arbitrary code with system privileges without user i...
Sep 2, 2025

A heap-based buffer overflow vulnerability in Arcserve Unified Data Protection (UDP) allows unauthenticated attackers to send specially crafted input ...
Aug 27, 2025

A heap-based buffer overflow vulnerability in libbiosig's Nex file parser allows arbitrary code execution when processing malicious .nex files. This a...
Aug 25, 2025

A heap-based buffer overflow vulnerability in libbiosig's ISHNE parsing allows arbitrary code execution when processing malicious ECG annotation files...
Aug 25, 2025

A heap-based buffer overflow vulnerability in libbiosig's RHS2000 file parser allows arbitrary code execution when processing malicious files. This af...
Aug 25, 2025

A heap-based buffer overflow vulnerability in Windows GDI+ allows remote attackers to execute arbitrary code on affected systems. This vulnerability a...
Aug 12, 2025

A heap buffer overflow vulnerability in ExecuTorch's model loading functionality allows attackers to execute arbitrary code or cause denial of service...
Aug 7, 2025

Multiple buffer overflow vulnerabilities in ExecuTorch model loading allow attackers to crash the runtime or potentially execute arbitrary code. This ...
Aug 7, 2025

A heap-based buffer overflow vulnerability in Windows SPNEGO Extended Negotiation allows unauthenticated attackers to execute arbitrary code remotely ...
Jul 8, 2025

This CVE describes a critical Bluetooth driver vulnerability allowing local privilege escalation without user interaction. An attacker with user-level...
Jul 8, 2025

A critical buffer overflow vulnerability in ClamAV's PDF scanning allows remote attackers to crash the antivirus service or potentially execute arbitr...
Jun 18, 2025

This CVE describes a critical Bluetooth driver vulnerability in MediaTek chipsets where an incorrect bounds check allows out-of-bounds write. Attacker...
Jun 2, 2025

CVE-2025-40906 affects BSON::XS versions 0.8.4 and earlier for Perl, which bundle a vulnerable libbson 1.1.7 library containing multiple critical vuln...
May 16, 2025

A heap-based buffer overflow vulnerability in Apache ORC's C++ LZO decompression logic allows attackers to cause memory corruption by providing specia...
May 14, 2025

This CVE describes an integer overflow vulnerability in SQLite's concat_ws() function that leads to a heap buffer overflow. Attackers can exploit this...
Apr 14, 2025

A critical heap buffer overflow vulnerability in CryptoLib versions 1.3.3 and prior allows attackers to cause denial of service or potentially execute...
Mar 17, 2025

A heap-based buffer overflow vulnerability in SunGrow WiNet-SV200 MQTT message processing allows attackers to execute arbitrary code or cause denial o...
Jan 24, 2025

A heap-based buffer overflow vulnerability in Siemens industrial software products allows unauthenticated remote attackers to execute arbitrary code. ...
Dec 16, 2024

This vulnerability allows a malicious MQTT broker to crash or potentially execute arbitrary code on clients using libmosquitto by sending a specially ...
Oct 30, 2024

CVE-2024-38812 is a critical heap-overflow vulnerability in vCenter Server's DCERPC protocol implementation that allows remote code execution. Attacke...
Sep 17, 2024

A heap-based buffer overflow vulnerability in Samsung's Escargot JavaScript engine allows attackers to write beyond allocated memory boundaries. This ...
Sep 10, 2024

A heap-based buffer overflow vulnerability in Siemens industrial software products allows unauthenticated remote attackers to execute arbitrary code. ...
Sep 10, 2024

CVE-2024-32671 is a heap-based buffer overflow vulnerability in Samsung's Escargot JavaScript engine that allows attackers to execute arbitrary code o...
Jul 29, 2024

This vulnerability allows unauthenticated attackers to execute arbitrary code on Windows systems running the Remote Desktop Licensing Service. It affe...
Jul 9, 2024

A heap-based buffer overflow vulnerability in Fluent Bit's embedded HTTP server allows attackers to corrupt memory by sending specially crafted trace ...
May 20, 2024

CVE-2024-32621 is a critical heap-based buffer overflow vulnerability in the HDF5 library that allows attackers to corrupt the instruction pointer and...
May 14, 2024

About Heap-based Buffer Overflow (CWE-122)
Our database tracks 834 CVEs classified as CWE-122, with 106 rated critical and 649 rated high severity. The average CVSS score for Heap-based Buffer Overflow vulnerabilities is 8.0.
External reference: View CWE-122 on MITRE CWE →