CWE-122: Heap-based Buffer Overflow

A buffer overflow vulnerability in IBM Semeru Runtime's native AES/CBC encryption implementation allows attackers to cause denial of service through a...

CVE-2025-3712 is a heap-based buffer overflow vulnerability in LCD KVM over IP Switch CL5708IM firmware that allows unauthenticated remote attackers t...

A heap-based buffer overflow vulnerability in RT-Labs P-Net library allows attackers to crash industrial control system IO devices by sending maliciou...

A heap-based buffer overflow vulnerability in RT-Labs P-Net library allows attackers to crash industrial control system devices by sending malicious R...

A heap-based buffer overflow vulnerability in Juniper Networks Junos OS flexible PIC concentrator (FPC) allows attackers to send specific DHCP packets...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows remote unauthenticated attackers to execute arbi...

A heap buffer overflow vulnerability exists in the smooth2() function of lcms2-2.16's cmsgamma.c file. This could allow remote attackers to cause deni...

This vulnerability is a heap-based buffer overflow in Windows Core Messaging that allows an authenticated attacker to execute arbitrary code with elev...

A heap overflow vulnerability in OpenH264 video codec library allows remote attackers to crash applications or potentially execute arbitrary code by t...

This .NET vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting a heap-based buffer overflow. It affects s...

This CVE describes a heap-based buffer overflow vulnerability in .NET and Visual Studio that could allow remote code execution. Attackers could exploi...

This vulnerability allows attackers to cause a heap-based buffer overflow in Zephyr RTOS Bluetooth Object Transfer Service (OTS) client by sending mal...

A heap-based buffer overflow vulnerability in Juniper Networks Junos OS telemetry sensor process (sensord) causes memory leaks when specific telemetry...

CVE-2024-35434 is a heap buffer overflow vulnerability in Irontec Sngrep v1.8.1's RTP packet processing function. Attackers can exploit this by sendin...

This heap overflow vulnerability in libvpx allows attackers to execute arbitrary code or cause denial of service by encoding VP9 video frames with dim...

This vulnerability in xmllint (part of libxml2) allows attackers to trigger a buffer over-read when formatting error messages with the --htmlout flag....

IBM MQ Appliance 9.3 CD and LTS have a heap-based buffer overflow vulnerability due to improper bounds checking. Remote authenticated attackers can ex...

CVE-2024-28896 is a Secure Boot security feature bypass vulnerability that allows an attacker with physical access or administrative privileges to byp...

A heap-based buffer overflow in the logger_generic function of the Ax_rtu binary allows remote authenticated attackers to cause memory corruption, pot...

This vulnerability in Microsoft ODBC Driver allows remote attackers to execute arbitrary code on affected systems by sending specially crafted request...

An out-of-bounds write vulnerability in grub2's NTFS filesystem driver allows attackers to corrupt heap metadata by presenting a specially crafted NTF...

CVE-2023-5344 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 9.0.1969. Attackers can exploit this by tricking user...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems via specially crafted Bluetooth packets. Attackers can exploit...

This vulnerability allows remote code execution on systems using Microsoft's Protected Extensible Authentication Protocol (PEAP) for network authentic...

This vulnerability in NHI's health insurance web service allows remote attackers to cause a heap-based buffer overflow by sending overly long input st...

A heap-based buffer overflow vulnerability in multiple Mitsubishi Electric industrial automation software products allows remote unauthenticated attac...

A heap overflow vulnerability in FactoryTalk Linx versions 6.11 and earlier allows remote unauthenticated attackers to send malicious set attribute re...

A heap buffer overflow vulnerability in QEMU's virtio-snd device allows attackers to write beyond allocated memory boundaries when processing audio in...

CVE-2024-32619 is a heap-based buffer overflow vulnerability in the HDF5 library's H5T_copy_reopen function that can corrupt the instruction pointer, ...

CVE-2024-32613 is a heap-based buffer over-read vulnerability in the HDF5 library's H5HL__fl_deserialize function. This allows attackers to read memor...

This CVE describes a heap buffer overflow vulnerability in HDF5 library versions through 1.14.3. Attackers can exploit this to corrupt the instruction...

This vulnerability in Redis allows authenticated users to trigger a heap overflow by executing specially crafted COMMAND GETKEYS or COMMAND GETKEYSAND...

This vulnerability allows an attacker with local access to exploit a heap-based buffer overflow in Windows Bluetooth drivers to execute arbitrary code...

This vulnerability in the Quram Agif library allows attackers to execute arbitrary code due to improper boundary checking. It affects Samsung mobile d...

A heap-based buffer overflow vulnerability in Windows Hyper-V allows authenticated attackers to execute arbitrary code on the host system. This affect...

A heap-based buffer overflow vulnerability in the image module allows attackers to crash affected systems, potentially causing denial of service. This...

A heap-based buffer overflow vulnerability in Azure Monitor Agent allows unauthorized local attackers to execute arbitrary code on affected systems. T...

This vulnerability in GIMP allows attackers to trigger heap buffer overflows by tricking users into opening specially crafted TGA image files. The fla...

A heap-based buffer overflow vulnerability in giflib's gif2rgb utility allows attackers to execute arbitrary code or cause denial of service by proces...

A heap buffer overflow vulnerability exists in lcms2-2.16's UnrollChunkyBytes function in cmspack.c, which handles color space transformations. This c...

This critical vulnerability in MicroPython 1.23.0 allows remote attackers to execute arbitrary code or cause denial of service via a heap-based buffer...

A critical heap-based buffer overflow vulnerability exists in c-blosc2's ndlz8_decompress function, allowing remote attackers to execute arbitrary cod...

CVE-2024-2212 is a heap buffer overflow vulnerability in Eclipse ThreadX's FreeRTOS compatibility layer. Missing parameter checks in xQueueCreate() an...

CVE-2024-20696 is a heap-based buffer overflow vulnerability in Windows libarchive that allows remote attackers to execute arbitrary code by tricking ...

A heap buffer overflow vulnerability in Samsung Notes' libSPenBase library allows attackers to execute arbitrary code on affected devices. This affect...

This vulnerability in Microsoft Windows Performance Data Helper Library allows remote attackers to execute arbitrary code on affected systems by sendi...

A heap-based buffer overflow vulnerability in Realtek rtl819x Jungle SDK allows arbitrary code execution when processing malicious .dat configuration ...

A heap-based buffer overflow vulnerability in Dell PowerEdge Server BIOS allows local high-privileged attackers to write to unauthorized memory. This ...

This vulnerability allows remote attackers to execute arbitrary code on Windows Active Directory Certificate Services (AD CS) servers by sending speci...

A heap-based buffer overflow vulnerability in Intel SoC Watch software allows privileged users to potentially escalate privileges via local access. Th...