CWE-122: Heap-based Buffer Overflow

A buffer overflow vulnerability in MongoDB's C driver library (libbson) allows attackers to cause segmentation faults and application crashes by creat...

A heap-based buffer overflow vulnerability in Assimp versions before 5.4.3 allows local attackers to execute arbitrary code by importing a specially c...

A heap-based buffer overflow vulnerability in 7-Zip's NTFS handler allows attackers to write two bytes beyond allocated buffer boundaries when process...

A heap buffer overflow vulnerability in the dfs_v2 dfs_file component of RT-Thread allows attackers to execute arbitrary code or cause denial of servi...

A heap buffer overflow vulnerability in RT-Thread's command shell components allows attackers to execute arbitrary code or cause denial of service. Th...

CVE-2024-27209 is a heap buffer overflow vulnerability in Android that allows local privilege escalation without user interaction. Attackers can explo...

A heap-based buffer overflow in glibc's syslog functions allows attackers to crash applications or potentially escalate privileges locally. This affec...

This vulnerability in AMI's SPx BMC allows attackers on adjacent networks to trigger heap memory corruption via CWE-122 (Heap-based Buffer Overflow). ...

This vulnerability in AMI's SPx BMC allows attackers on adjacent networks to cause heap memory corruption, potentially leading to remote code executio...

This vulnerability in ImageMagick allows attackers to trigger an integer overflow when processing large UHDR images, leading to heap buffer overflow a...

This vulnerability allows local attackers to trigger an out-of-bounds write in BitVisor's VirtIO network device emulation, potentially causing hypervi...

CVE-2025-1943 is a heap-based buffer overflow vulnerability in Firefox and Thunderbird that could allow memory corruption. Attackers could potentially...

A heap-based buffer overflow vulnerability in BMC firmware for specific Intel server boards allows privileged users to escalate privileges via local a...

This vulnerability in Chrome's V8 JavaScript engine allows object corruption that could lead to heap corruption when processing malicious HTML pages. ...

CVE-2023-39946 is a heap overflow vulnerability in eprosima Fast DDS that allows remote attackers to crash any Fast-DDS process by sending a specially...

This CVE describes a heap-based buffer overflow vulnerability in the USB device class implementation in Zephyr RTOS. Attackers could exploit this to e...

This is a heap-based buffer overflow vulnerability in Parallels Desktop's IDE virtual device that allows local attackers with high-privileged code exe...

A heap-based buffer overflow vulnerability in libbiosig's Nicolet WFT file parser allows arbitrary code execution when processing malicious .wft files...

A buffer overflow vulnerability in Qsync Central allows authenticated remote attackers to modify memory or crash processes. This affects all Qsync Cen...

A heap buffer overflow vulnerability in ImageMagick's XBM image decoder allows attackers to write controlled data beyond allocated memory boundaries w...

A heap-based buffer overflow vulnerability in multiple Fortinet products allows attackers to execute arbitrary code or commands via specially crafted ...

A heap-based buffer overflow vulnerability in Avast Antivirus for macOS allows local attackers to execute arbitrary code or cause denial of service by...

A heap buffer overflow vulnerability in Google Chrome's Sync component allows remote attackers to perform out-of-bounds memory reads via a crafted HTM...

CVE-2025-3320 is a heap-based buffer overflow vulnerability in IBM Tivoli Monitoring that allows remote attackers to execute arbitrary code or crash t...

This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable LDAP implementations. Attackers can exploit...

CVE-2024-6873 is a heap-based buffer overflow vulnerability in ClickHouse's native interface that allows unauthenticated attackers to crash the server...

This vulnerability in Windows Cryptographic Services allows remote attackers to execute arbitrary code on affected systems by sending specially crafte...

CVE-2023-5400 is a heap overflow vulnerability in Honeywell products where a malformed message with specific key values can cause memory corruption. T...

A heap buffer overflow vulnerability exists in texlive-bin's ttfdump tool via the ttfLoadHDMX function. Attackers can exploit this by providing a spec...

CVE-2022-26098 is a heap-based buffer overflow vulnerability in the sheifd_create function of Samsung's libsimba library that allows remote attackers ...

A heap-based buffer overflow vulnerability in the parser_iloc function of Samsung's libsimba library allows remote attackers to execute arbitrary code...

This vulnerability allows remote attackers to execute arbitrary code on affected Samsung devices through a heap-based buffer overflow in the libsimba ...

A heap-based buffer overflow vulnerability in the parser_ipma function of Samsung's libsimba library allows remote attackers to execute arbitrary code...

CVE-2021-21962 is a heap-based buffer overflow vulnerability in the OTA Update functionality of Sealevel Systems SeaConnect 370W. Attackers can exploi...

This vulnerability is a heap-based buffer overflow in the SuiteLink server when processing commands 0x05/0x06. It allows remote attackers to execute a...

This vulnerability is a heap-based buffer overflow in dnsmasq before version 2.83 that occurs during DNSSEC validation of RRSets. An attacker who can ...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows attackers on the same network to crash the device or potentially...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows authenticated attackers on the same network to crash the device ...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows authenticated attackers on the same network to crash the device ...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows authenticated attackers on the same network to crash the device ...

A heap-based buffer overflow in TP-Link Archer AX53 v1.0's tmpserver modules allows authenticated attackers on the same network to crash the device or...

A heap-based buffer overflow in TP-Link Archer AX53 v1.0's tmpserver modules allows authenticated attackers on the same network to crash the device or...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows authenticated attackers on the same network to crash the device ...

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows authenticated attackers on the same network to crash the device ...

This CVE describes a heap-based buffer overflow in the tmpserver modules of TP-Link Archer AX53 v1.0 routers. Authenticated attackers on the same loca...

This CVE describes a heap buffer overflow vulnerability in the NrmmDecoder component of Android's media framework. An attacker could exploit this to e...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...

This CVE describes a critical vulnerability in MediaTek WLAN AP drivers where an incorrect bounds check allows out-of-bounds write. Attackers within w...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...