CWE-122: Heap-based Buffer Overflow

A heap-based buffer overflow vulnerability exists in Tenda AC8V4 routers via the /goform/GetParentControlInfo endpoint when manipulating the 'mac' arg...

This CVE describes a heap-buffer-overflow vulnerability in GnuTLS's certtool utility when parsing template files. An attacker can trigger memory corru...

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or instability when processing malicious PDF files....

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or denial of service. This affects systems using Hu...

A null pointer dereference vulnerability in the PDF preview module could cause application crashes or denial of service. This affects systems running ...

This vulnerability allows attackers to execute arbitrary code or cause denial of service on WINSTAR WN572HP3 devices by exploiting a heap overflow in ...

A buffer overflow vulnerability in Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers allows authenticated users to cause denial of servi...

CVE-2024-38950 is a heap buffer overflow vulnerability in Libde265 v1.0.15 that allows attackers to crash applications via crafted payloads to the __i...

This vulnerability allows a local attacker to execute arbitrary code with Trusted Computing Base (TCB) privileges through a heap buffer overflow in Op...

This vulnerability allows an attacker to write data beyond allocated heap memory boundaries in the pacparser library used by Zscaler Client Connector ...

A critical heap-based buffer overflow vulnerability in FFmpeg's fill_audiodata function allows remote attackers to execute arbitrary code or cause den...

A critical heap-based buffer overflow vulnerability exists in FFmpeg's PNM image decoder (pnm_decode_frame function). Attackers can exploit this remot...

A heap buffer overflow vulnerability in the cp_stored() function of hicolor v0.5.0 allows attackers to cause Denial of Service (DoS) by providing a sp...

A heap buffer overflow vulnerability in the png_quantize() function of hicolor v0.5.0 allows attackers to cause Denial of Service (DoS) by providing a...

A heap buffer over-read vulnerability in iccDEV library versions before 2.3.1.2 allows attackers to potentially leak heap memory contents and cause ap...

A heap buffer overflow vulnerability in iccDEV library's CIccTagLut8::Validate() function allows attackers to execute arbitrary code or cause denial o...

A heap buffer overflow vulnerability in iccDEV library's CIccTagLut16::Validate() function allows attackers to execute arbitrary code or cause denial ...

A buffer overflow vulnerability in iccDEV's CIccTagTextDescription function allows attackers to execute arbitrary code or crash applications by proces...

This vulnerability in Suricata allows an attacker to trigger a large buffer overflow via specially crafted TCP streams, potentially leading to denial ...

This vulnerability in EDK2's PeCoffLoaderRelocateImage() function allows memory corruption via a heap-based buffer overflow when processing specially ...

An unauthenticated remote attacker can bypass security policies or cause denial of service on Cisco IOS XE devices with UTD Snort IPS Engine by sendin...

CVE-2025-40929 is an integer buffer overflow vulnerability in Cpanel::JSON::XS Perl module versions before 4.40. When parsing malicious JSON input, it...

A heap buffer overflow vulnerability exists in OpenJPEG's opj_decompress utility when specific options are used. This can cause application crashes or...

A heap overflow vulnerability in GPAC's ghi_dmx_declare_opid_bin() function allows attackers to cause Denial of Service (DoS) through specially crafte...

A heap overflow vulnerability in GPAC's uncv_parse_config() function allows attackers to cause Denial of Service (DoS) by providing a specially crafte...

A heap overflow vulnerability in GPAC's vorbis_to_intern() function allows attackers to cause Denial of Service (DoS) by processing a malicious .ogg f...

A buffer overflow vulnerability in OpenVPN's ovpn-dco-win kernel driver allows local user processes to send oversized control messages, causing system...

CVE-2025-31177 is a heap buffer overflow vulnerability in gnuplot's utf8_copy_one function that could allow attackers to execute arbitrary code or cau...

A heap buffer overflow vulnerability in libvips' heifsave operation when processing specially crafted TIFF images with 4 channels. This could cause ap...

A buffer overflow vulnerability in Effectmatrix Total Video Converter Command Line (TVCC) version 2.50 allows attackers to execute arbitrary code or c...

CVE-2024-30066 is a Winlogon elevation of privilege vulnerability in Windows that allows authenticated attackers to gain SYSTEM privileges. This affec...

A heap-based buffer overflow vulnerability in Realtek AmebaD devices' WLAN driver defragment function allows attackers to potentially execute arbitrar...

A heap-based buffer overflow vulnerability in FortiGate's SSL VPN daemon allows remote attackers with valid SSL VPN credentials to crash the service b...

A critical heap-based buffer overflow vulnerability in PJSIP's H.264 unpacketizer allows remote attackers to execute arbitrary code or cause denial of...

This vulnerability in MediaTek wlan AP driver allows local privilege escalation through an out-of-bounds write due to incorrect bounds checking. An at...

This vulnerability in MediaTek wlan AP driver allows local privilege escalation via an out-of-bounds write when a malicious actor already has System p...

A heap-based buffer overflow vulnerability in Dell PowerProtect Data Domain with DD OS allows unauthenticated remote attackers to cause denial of serv...

A heap buffer overflow vulnerability in SharkSSL's TLS server-side handshake implementation allows remote attackers to cause denial-of-service by send...

A heap buffer overflow vulnerability in MongoDB C Driver's bson_string_append function could allow memory corruption when processing BSON strings. Thi...

ImageMagick versions prior to 7.1.2-15 and 6.9.13-40 contain a heap buffer over-read vulnerability when processing raw image formats. Attackers can tr...

CVE-2025-0662 is a kernel memory leak vulnerability in FreeBSD's ktrace facility that allows unprivileged userspace programs to read up to 14 bytes of...

Capstone disassembly framework versions 6.0.0-Alpha5 and prior contain a heap buffer overflow vulnerability in the disassembly path. An attacker can t...

This CVE describes a heap-buffer-overflow vulnerability in Unbound's cfg_mark_ports function that could allow memory corruption. According to the orig...

A Time-of-Check Time-of-Use (TOCTOU) vulnerability in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker to cause a ...

A heap buffer overflow vulnerability exists in the user data import/export function of Mercedes Benz NTG 6 head units. Attackers with physical access ...

CVE-2025-47814 is a heap-based buffer overflow vulnerability in GNU PSPP's libpspp-core.a library that occurs when processing specially crafted ZIP fi...

A heap buffer overflow vulnerability in Vim text editor occurs when cursor position becomes invalid and points beyond line boundaries, potentially cau...

This vulnerability in Cisco IOS XE Software allows authenticated local attackers to gain root privileges by exploiting insufficient memory protection ...

This CVE describes an out-of-bounds write vulnerability in MediaTek wlan AP drivers due to incorrect bounds checking. It allows local privilege escala...

A heap-based buffer overflow vulnerability in Fortinet FortiOS allows authenticated attackers to escalate privileges via specially crafted CLI command...