CWE-122: Heap-based Buffer Overflow

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows authenticated attackers to execute arbitrary cod...

A heap-based buffer overflow vulnerability in Windows Media allows attackers on the same network to execute arbitrary code on vulnerable systems. This...

A heap buffer overflow vulnerability in the image processing component of Volkswagen MIB3 infotainment systems allows attackers to execute arbitrary c...

A heap-based buffer overflow vulnerability in Microsoft Remote Desktop Client allows authenticated attackers to execute arbitrary code remotely by sen...

CVE-2024-46461 is an integer overflow vulnerability in VLC media player that allows denial of service or arbitrary code execution when processing mali...

This Secure Boot vulnerability allows attackers to bypass security features and execute unauthorized code during the boot process. It affects systems ...

This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted packets to the Link Laye...

CVE-2024-30077 is a remote code execution vulnerability in Windows OLE (Object Linking and Embedding) technology. Attackers can exploit this by tricki...

This CVE describes a heap-based buffer overflow vulnerability in BlueZ's Phone Book Access Profile that allows network-adjacent attackers to execute a...

A buffer overflow vulnerability in FFmpeg's config_eq_output function allows local attackers to execute arbitrary code. This affects systems running v...

A buffer overflow vulnerability in FFmpeg's de_stereo component allows local attackers to execute arbitrary code or cause denial of service. This affe...

CVE-2021-3968 is a heap-based buffer overflow vulnerability in Vim text editor that allows attackers to execute arbitrary code by tricking users into ...

CVE-2025-62526 is a heap buffer overflow vulnerability in OpenWrt's ubusd daemon that allows attackers to execute arbitrary code with ubus daemon priv...

This CVE describes a heap-based buffer overflow vulnerability in GIMP's ICNS file parser that allows remote code execution. Attackers can exploit this...

This CVE describes a heap buffer overflow vulnerability in HDF5 software that allows attackers to trigger denial-of-service conditions through special...

This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow an attacker to execute arbitrary code with the privil...

A heap-based buffer overflow vulnerability in Microsoft Office Excel allows local attackers to execute arbitrary code with elevated privileges. This a...

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows authenticated attackers to execute arbitrary code with elevated priv...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. Th...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. Th...

A heap-based buffer overflow vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into ...

A heap-based buffer overflow vulnerability in SOLIDWORKS eDrawings allows attackers to execute arbitrary code when users open malicious EPRT files. Th...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious PSP files in GIMP. The heap-based buffer...

Adobe Bridge versions 15.1.2, 16.0 and earlier contain a heap-based buffer overflow vulnerability that could allow arbitrary code execution when a use...

CVE-2026-21304 is a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens ...

This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow attackers to execute arbitrary code when a user opens...

A heap-based buffer overflow vulnerability in Adobe InCopy allows arbitrary code execution when a user opens a malicious file. This affects users runn...

An integer underflow vulnerability in Microsoft Office Excel allows attackers to execute arbitrary code on affected systems by opening specially craft...

A heap-based buffer overflow vulnerability in Windows NTFS allows authenticated attackers to execute arbitrary code locally on affected systems. This ...

This vulnerability is a heap-based buffer overflow in the Connected Devices Platform Service (Cdpsvc) on Windows systems. It allows an authenticated a...

A heap-based buffer overflow vulnerability in Windows NTFS allows authenticated attackers to execute arbitrary code locally on affected systems. This ...

A heap-based buffer overflow vulnerability in Windows Media allows local attackers to execute arbitrary code on affected systems. This affects Windows...

This vulnerability is a heap-based buffer overflow in the Windows Common Log File System Driver that allows an authenticated attacker to execute arbit...

A Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability in the Windows Kernel Memory allows authenticated attackers to escalate privileges l...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SGI image files in FontForge. Attackers ...

A heap-based buffer overflow vulnerability in FontForge's BMP file parsing allows remote attackers to execute arbitrary code when users open malicious...

This vulnerability in GIMP allows remote attackers to execute arbitrary code by tricking users into opening malicious JP2 image files. The flaw exists...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious EXR image files. It affects systems runn...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious EXR image files. It affects systems runn...

This is a heap-based buffer overflow vulnerability in Academy Software Foundation OpenEXR's EXR file parsing. Attackers can execute arbitrary code by ...

This is a heap-based buffer overflow vulnerability in NSF Unidata NetCDF-C library that allows remote code execution when processing malicious files. ...

A memory corruption vulnerability in Autodesk products allows arbitrary code execution when parsing malicious PRT files. Attackers can exploit this to...

This vulnerability allows attackers to exploit a heap-based buffer overflow when Autodesk products parse malicious CATPRODUCT files. Successful exploi...

A heap-based buffer overflow vulnerability in Windows Desktop Window Manager (DWM) Core Library allows authenticated attackers to execute arbitrary co...

CVE-2025-64680 is a heap-based buffer overflow vulnerability in the Windows Desktop Window Manager (DWM) Core Library that allows authenticated attack...

A heap-based buffer overflow vulnerability in Fortinet FortiClient for Windows allows authenticated local IPSec users to execute arbitrary code or com...

Format Plugins versions 1.1.1 and earlier contain a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code when a us...

Format Plugins versions 1.1.1 and earlier contain a heap-based buffer overflow vulnerability that could allow arbitrary code execution when a user ope...