CWE-122: Heap-based Buffer Overflow

A heap-based buffer overflow vulnerability in Dell PowerEdge Server BIOS allows local high-privileged attackers to write to unauthorized memory. This ...

This vulnerability allows remote attackers to execute arbitrary code on Windows Active Directory Certificate Services (AD CS) servers by sending speci...

A heap-based buffer overflow vulnerability in Intel SoC Watch software allows privileged users to potentially escalate privileges via local access. Th...

CVE-2023-28254 is a heap-based buffer overflow vulnerability in Windows DNS Server that allows remote attackers to execute arbitrary code with SYSTEM ...

CVE-2025-64784 is a heap-based buffer overflow vulnerability in DNG SDK versions 1.7.0 and earlier, allowing attackers to disclose sensitive memory in...

A heap buffer overflow vulnerability in libpng's simplified API allows attackers to execute arbitrary code or cause denial of service by crafting mali...

A heap buffer overflow vulnerability in Chrome's video processing component allows remote attackers to execute arbitrary code via a malicious HTML pag...

A heap buffer overflow vulnerability in Kitware VTK's GLTF file parser allows attackers to execute arbitrary code or cause denial of service by provid...

This CVE describes a heap buffer overflow vulnerability in the Python Pillow library when saving large DDS format images. Attackers could potentially ...

A heap-based buffer overflow vulnerability in RTI Connext Professional Core Libraries allows attackers to overflow variables and tags, potentially lea...

This vulnerability allows remote code execution when a user opens a specially crafted Excel file. Attackers could exploit this to run arbitrary code w...

A heap-based buffer overflow vulnerability in AXIS A1001's OSDP communication handler allows attackers to write data beyond allocated memory boundarie...

This CVE describes a heap buffer overflow vulnerability in Dell BIOS that allows a local attacker with administrative privileges to perform arbitrary ...

CVE-2022-1437 is a heap-based buffer overflow vulnerability in radare2 reverse engineering framework versions prior to 5.7.0. This allows attackers to...

CVE-2022-0713 is a heap-based buffer overflow vulnerability in radare2 reverse engineering framework versions prior to 5.6.4. Attackers can exploit th...

CVE-2020-27752 is a heap buffer overflow vulnerability in ImageMagick's quantum-private.h component. Attackers can exploit this by submitting crafted ...

A heap-based buffer overflow vulnerability in Exim mail servers with certain non-default rate-limit configurations allows remote attackers to potentia...

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows authenticated attackers to execute arbitrary code with elevated priv...

CVE-2025-49727 is a heap-based buffer overflow vulnerability in the Windows Win32K graphics subsystem that allows an authenticated attacker to execute...

This is a Windows Core Messaging elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affected ...

This vulnerability in Windows Core Messaging allows attackers to escalate privileges on affected systems. It affects Windows operating systems and req...

This CVE describes an integer overflow vulnerability in RediSearch, a Redis module for querying and full-text search. Authenticated Redis users can tr...

This vulnerability in RedisTimeSeries allows authenticated users to trigger an integer overflow and heap overflow by sending specially crafted argumen...

A buffer overflow vulnerability in Dell Digital Delivery allows local low-privileged attackers to execute arbitrary code or escalate privileges. This ...

CVE-2022-36764 is a heap buffer overflow vulnerability in EDK2's Tcg2MeasurePeImage() function that allows local network attackers to potentially exec...

A heap buffer overflow vulnerability exists in ClickHouse's T64 codec decompression logic. Unauthenticated attackers can send specially crafted payloa...

This vulnerability in Perl allows an attacker to trigger a heap buffer overflow by providing a malicious regular expression. Systems running affected ...

CVE-2022-24834 is a heap overflow vulnerability in Redis's cjson library that can be triggered via specially crafted Lua scripts. This can lead to hea...

This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting a heap-based buffer overflow in Microsoft Activ...

This vulnerability in the Windows Ancillary Function Driver for WinSock allows attackers to escalate privileges from a low-privileged user account to ...

A heap-based buffer overflow vulnerability in Zephyr RTOS's eswifi SPI driver allows attackers to corrupt kernel memory by sending malformed SPI respo...

A buffer overflow vulnerability in the HDC module allows attackers to crash affected systems, potentially causing denial of service. This affects Huaw...

A heap corruption vulnerability in the Advantech TP-3250 printer driver allows attackers with local access to cause application crashes or potentially...

A heap-based buffer overflow vulnerability in ABB Terra AC wallbox charging stations allows attackers to execute arbitrary code or cause denial of ser...

This vulnerability in the DFA module allows attackers to cause denial of service by exploiting insufficient data length verification. It affects Huawe...

This vulnerability in NVIDIA's nvJPEG2000 library allows attackers to execute arbitrary code or tamper with data by sending specially crafted JPEG2000...

This vulnerability allows authenticated administrators on Cisco Small Business routers to send crafted HTTP requests that cause the device to unexpect...

This vulnerability in the Windows Mobile Broadband Driver allows attackers to execute arbitrary code remotely on affected systems. It affects Windows ...

A heap-based buffer overflow vulnerability in Windows Virtualization-Based Security (VBS) Enclave allows authenticated attackers to execute arbitrary ...

This CVE describes an out-of-bounds write vulnerability in MediaTek wlan AP drivers that could allow local privilege escalation. Attackers with initia...

This is a heap-based buffer overflow vulnerability in Parallels Desktop's Toolgate component that allows local attackers to escalate privileges. Attac...

A heap buffer overflow vulnerability in Vim's tag file resolution logic allows attackers to execute arbitrary code or crash the application by exploit...

CVE-2026-21504 is a heap buffer overflow vulnerability in the ToneMap parser of iccDEV color management libraries. This allows attackers to execute ar...

This vulnerability in Windows Wireless Wide Area Network Service (WwanSvc) allows attackers to escalate privileges from a lower-privileged account to ...

ImageMagick versions before 7.1.2-15 and 6.9.13-40 contain an out-of-bounds read vulnerability when processing Huffman-coded data in PCD files due to ...

An integer overflow vulnerability in ImageMagick's SUN decoder allows attackers to trigger an out-of-bounds heap write on 32-bit systems. This can pot...

An integer underflow vulnerability in TeamViewer DEX Client's UDP command handler allows adjacent network attackers to trigger heap-based buffer overf...

CVE-2026-24829 is a heap-based buffer overflow vulnerability in Is-Daouda's is-Engine software that allows attackers to write data beyond allocated me...

A heap overflow vulnerability in GPAC's AVI file parser allows attackers to cause denial of service by providing a specially crafted AVI file. This af...

A heap overflow vulnerability in Live555 Streaming Media allows attackers to cause denial of service by supplying a specially crafted MKV file. This a...