CWE-122: Heap-based Buffer Overflow

CVE-2024-29157 is a critical heap buffer overflow vulnerability in HDF5 library versions through 1.14.3. Attackers can exploit this to corrupt the ins...

CVE-2024-34249 is a heap buffer overflow vulnerability in wasm3 WebAssembly runtime v0.5.0 that can cause segmentation faults and potentially allow ar...

CVE-2023-26793 is a critical heap-based buffer overflow vulnerability in libmodbus v3.1.10's read_io_status function that allows remote attackers to e...

A buffer overflow vulnerability in Wazuh Manager's analysisd component allows remote code execution when processing Unicode characters from Windows Ev...

A heap overflow vulnerability in the WLAvalancheService component of Ivanti Avalanche allows remote unauthenticated attackers to execute arbitrary com...

This is a critical heap overflow vulnerability in Ivanti Avalanche's WLInfoRailService component that allows unauthenticated remote attackers to execu...

CVE-2024-22857 is a critical heap buffer overflow vulnerability in zlog logging library versions 1.1.0 through 1.2.17. An attacker can exploit this to...

A heap-based buffer overflow vulnerability in libbiosig's .egi file parser allows arbitrary code execution when processing malicious files. This affec...

This vulnerability allows attackers to execute arbitrary code or read sensitive data by tricking users into opening malicious MODEL files in AutoCAD. ...

A heap-based buffer overflow vulnerability in radare2 versions prior to 5.9.0 allows attackers to execute arbitrary code or cause denial of service. T...

CVE-2022-46289 is a critical out-of-bounds write vulnerability in Open Babel's ORCA format parser that allows arbitrary code execution when processing...

CVE-2022-48512 is a critical Use After Free vulnerability in Huawei's Vdecoderservice that allows attackers to execute arbitrary code or cause denial ...

This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General M...

A heap-based buffer overflow vulnerability in Fortinet's SSL-VPN implementation allows remote attackers to execute arbitrary code via crafted requests...

A buffer overflow vulnerability in the CPCA Resource Download process of Canon multifunction printers allows network attackers to crash devices or exe...

This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General M...

CVE-2022-43634 is a critical heap-based buffer overflow vulnerability in Netatalk's dsi_writeinit function that allows unauthenticated remote attacker...

This CVE describes a heap-based buffer overflow vulnerability in TensorFlow that allows attackers to access memory outside user-controlled bounds. Thi...

This critical vulnerability allows remote attackers to execute arbitrary code on affected systems by sending specially crafted ICMP packets. It affect...

This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft's Protected Extensible Authentication Protocol (PEAP...

This critical vulnerability in Microsoft's Protected Extensible Authentication Protocol (PEAP) allows remote attackers to execute arbitrary code on af...

CVE-2022-1253 is a heap-based buffer overflow vulnerability in libde265, an open-source H.265/HEVC video codec implementation. This vulnerability allo...

CVE-2022-0631 is a heap-based buffer overflow vulnerability in mruby (a lightweight Ruby implementation) that allows attackers to execute arbitrary co...

CVE-2022-0318 is a heap-based buffer overflow vulnerability in Vim text editor versions prior to 8.2. This allows attackers to execute arbitrary code ...

CVE-2022-0080 is a heap-based buffer overflow vulnerability in mruby, a lightweight implementation of the Ruby programming language. Attackers can exp...

A missing bounds check in WhatsApp's image blurring code allows an attacker to trigger an out-of-bounds write by sending a malicious image. This could...

CVE-2021-3756 is a heap-based buffer overflow vulnerability in libmysofa, a library for reading HRTF (Head-Related Transfer Function) SOFA files. Atta...

This vulnerability allows remote code execution via a heap-based buffer overflow when processing specially crafted XMI files in Xmill 0.7. Attackers c...

CVE-2021-21810 is a critical heap buffer overflow vulnerability in Xmill 0.7's XML parser that allows attackers to execute arbitrary code or cause den...

CVE-2021-21829 is a critical heap-based buffer overflow vulnerability in Xmill 0.7's XML decompression functionality that allows remote code execution...

This CVE describes an integer overflow vulnerability in Facebook's folly library that affects HHVM. An attacker can pass a controlled size when creati...

A heap-based buffer overflow vulnerability in Accusoft ImageGear's PSD parsing allows remote code execution when processing malicious files. This affe...

CVE-2021-26691 is a critical heap overflow vulnerability in Apache HTTP Server that allows remote attackers to execute arbitrary code or cause denial ...

This vulnerability in Siemens SCALANCE industrial switches allows attackers to send specially crafted POST requests that cause heap memory corruption....

This vulnerability allows remote attackers to execute arbitrary code on affected OPC UA Tunneller systems through a heap-based buffer overflow. Attack...

A heap overflow vulnerability in the webserver of Siemens SCALANCE X-200 and X-300 industrial switches allows remote attackers to crash the webserver ...

A heap overflow vulnerability in FactoryTalk Linx versions 6.11 and earlier allows remote, unauthenticated attackers to send malicious port ranges tha...

CVE-2021-3625 is a heap-based buffer overflow vulnerability in Zephyr RTOS's USB Device Firmware Upgrade (DFU) DNLOAD functionality. This allows attac...

A heap overflow vulnerability in CryptoLib's TM protocol processing allows attackers to trigger arbitrary memory overwrites by sending specially craft...

Squid caching proxy versions 6.3 and below contain a heap buffer overflow vulnerability in URN processing that could allow remote attackers to execute...

CVE-2025-62608 is a heap buffer overflow vulnerability in MLX's load() function when parsing malicious NumPy .npy files. Attackers can trigger a 13-by...

A heap-buffer-overflow read vulnerability in PCRE2 library version 10.45 allows attackers to read out-of-bounds memory when processing specific regula...

NVIDIA Triton Inference Server's HTTP server has a heap-based buffer overflow vulnerability (CWE-122) that allows attackers to execute arbitrary code ...

This vulnerability allows attackers to execute arbitrary code or cause denial of service by exploiting a heap-based buffer overflow in OpenEXR image p...

CVE-2023-5908 is a buffer overflow vulnerability in KEPServerEX that could allow attackers to crash the software or leak sensitive information. This a...

CVE-2022-31003 is a heap-based buffer overflow vulnerability in Sofia-SIP library's SDP parsing that allows out-of-bounds memory writes. Attackers can...

A heap-based buffer overflow vulnerability in multiple industrial OPC UA server products allows attackers to crash servers and potentially leak data b...

A heap-based buffer overflow and out-of-bounds read vulnerability in Avast Antivirus for macOS allows local attackers to execute arbitrary code or cau...

This critical vulnerability allows remote attackers to execute arbitrary code with root privileges on affected Cisco devices. Unauthenticated attacker...

CVE-2023-29125 is a heap buffer overflow vulnerability in TCP port 7700 services that allows remote attackers to execute arbitrary code or cause denia...