Monthly
Heap-based buffer overflow in GIMP's PSP (Paint Shop Pro) file parser enables remote code execution when processing malicious PSP image files. Unauthenticated attackers can execute arbitrary code with user privileges by convincing targets to open crafted PSP files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. No public exploit identified at time of analysis. Vulnerability tracked as ZDI-CAN-28874 by Zero Day Initiative.
Heap-based buffer overflow in GIMP's JP2 image parser enables unauthenticated remote code execution when users open crafted JPEG 2000 files. The vulnerability stems from insufficient validation of user-supplied data length before copying to heap memory, allowing attackers to execute arbitrary code with user privileges. Exploitation requires social engineering to convince targets to open malicious JP2 files. No public exploit identified at time of analysis.
Heap buffer overflow in HDF5 library versions 1.14.1-2 and earlier allows local attackers to trigger a write-based overflow in the H5T__ref_mem_setnull method by crafting malicious HDF5 files, leading to denial-of-service and potential remote code execution depending on heap exploitation complexity. Attack requires local file access and user interaction to parse a malicious file. No public exploit code identified at time of analysis.
wolfSSL versions before 5.9.1 contain a heap buffer overflow in the X.509 date parsing functions wolfSSL_X509_notAfter and wolfSSL_X509_notBefore when processing crafted certificates through the compatibility layer API. The vulnerability has a CVSS score of 2.3 with attack vector requiring adjacent network access and persistence, affecting only direct API calls and not standard TLS or certificate verification operations. No public exploit code or active exploitation has been identified at the time of analysis.
Heap buffer overflow in wolfSSL DTLS 1.3 ACK message handler allows unauthenticated remote attackers to achieve integrity and availability impacts via crafted network packets. The vulnerability triggers memory corruption during ACK message processing in DTLS 1.3 sessions, enabling potential arbitrary code execution or denial of service. No public exploit identified at time of analysis, though low observed exploitation activity noted.
Heap buffer overflow in wolfSSL's CertFromX509 function allows remote attackers to cause information disclosure through malformed X.509 certificates containing oversized AuthorityKeyIdentifier extensions. The vulnerability requires a persistent attacker (AT:P per CVSS 4.0) but no authentication, affecting wolfSSL across all versions until patched. EPSS exploitation probability and active exploitation status cannot be determined from available data; no public exploit code has been independently confirmed.
Heap out-of-bounds write in wolfSSL's DecodeObjectId() function in wolfcrypt/src/asn.c allows authenticated remote attackers to trigger memory corruption through two distinct mechanisms: insufficient bounds checking when outSz equals 1, and confusion between buffer byte size and element count across multiple callers, permitting crafted OIDs with 33+ arcs to overflow a 32-arc buffer. CVSS 2.3 reflects low impact (data modification only, no confidentiality loss), but the vulnerability affects cryptographic certificate and message parsing across all wolfSSL versions up to 5.9.0. No public exploit identified at time of analysis.
Heap buffer overflow in WebML (a web markup language component) in Google Chrome prior to version 147.0.7727.55 allows remote attackers to obtain potentially sensitive information from process memory by serving a crafted HTML page. The vulnerability requires no user authentication and can be triggered through normal web browsing, though exploitation has a low probability (EPSS 0.03%) and no public exploit code has been identified.
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Heap buffer overflow in WebML component of Google Chrome prior to version 147.0.7727.55 allows unauthenticated remote attackers to read sensitive information from process memory via a specially crafted HTML page. The vulnerability requires no user authentication and only user interaction (page visit), with a CVSS score of 6.5 reflecting confidentiality impact and limited availability risk. No public exploit code or active exploitation has been confirmed at time of analysis, though a vendor patch is available.
Heap-based buffer overflow in GIMP's PSP (Paint Shop Pro) file parser enables remote code execution when processing malicious PSP image files. Unauthenticated attackers can execute arbitrary code with user privileges by convincing targets to open crafted PSP files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. No public exploit identified at time of analysis. Vulnerability tracked as ZDI-CAN-28874 by Zero Day Initiative.
Heap-based buffer overflow in GIMP's JP2 image parser enables unauthenticated remote code execution when users open crafted JPEG 2000 files. The vulnerability stems from insufficient validation of user-supplied data length before copying to heap memory, allowing attackers to execute arbitrary code with user privileges. Exploitation requires social engineering to convince targets to open malicious JP2 files. No public exploit identified at time of analysis.
Heap buffer overflow in HDF5 library versions 1.14.1-2 and earlier allows local attackers to trigger a write-based overflow in the H5T__ref_mem_setnull method by crafting malicious HDF5 files, leading to denial-of-service and potential remote code execution depending on heap exploitation complexity. Attack requires local file access and user interaction to parse a malicious file. No public exploit code identified at time of analysis.
wolfSSL versions before 5.9.1 contain a heap buffer overflow in the X.509 date parsing functions wolfSSL_X509_notAfter and wolfSSL_X509_notBefore when processing crafted certificates through the compatibility layer API. The vulnerability has a CVSS score of 2.3 with attack vector requiring adjacent network access and persistence, affecting only direct API calls and not standard TLS or certificate verification operations. No public exploit code or active exploitation has been identified at the time of analysis.
Heap buffer overflow in wolfSSL DTLS 1.3 ACK message handler allows unauthenticated remote attackers to achieve integrity and availability impacts via crafted network packets. The vulnerability triggers memory corruption during ACK message processing in DTLS 1.3 sessions, enabling potential arbitrary code execution or denial of service. No public exploit identified at time of analysis, though low observed exploitation activity noted.
Heap buffer overflow in wolfSSL's CertFromX509 function allows remote attackers to cause information disclosure through malformed X.509 certificates containing oversized AuthorityKeyIdentifier extensions. The vulnerability requires a persistent attacker (AT:P per CVSS 4.0) but no authentication, affecting wolfSSL across all versions until patched. EPSS exploitation probability and active exploitation status cannot be determined from available data; no public exploit code has been independently confirmed.
Heap out-of-bounds write in wolfSSL's DecodeObjectId() function in wolfcrypt/src/asn.c allows authenticated remote attackers to trigger memory corruption through two distinct mechanisms: insufficient bounds checking when outSz equals 1, and confusion between buffer byte size and element count across multiple callers, permitting crafted OIDs with 33+ arcs to overflow a 32-arc buffer. CVSS 2.3 reflects low impact (data modification only, no confidentiality loss), but the vulnerability affects cryptographic certificate and message parsing across all wolfSSL versions up to 5.9.0. No public exploit identified at time of analysis.
Heap buffer overflow in WebML (a web markup language component) in Google Chrome prior to version 147.0.7727.55 allows remote attackers to obtain potentially sensitive information from process memory by serving a crafted HTML page. The vulnerability requires no user authentication and can be triggered through normal web browsing, though exploitation has a low probability (EPSS 0.03%) and no public exploit code has been identified.
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Heap buffer overflow in WebML component of Google Chrome prior to version 147.0.7727.55 allows unauthenticated remote attackers to read sensitive information from process memory via a specially crafted HTML page. The vulnerability requires no user authentication and only user interaction (page visit), with a CVSS score of 6.5 reflecting confidentiality impact and limited availability risk. No public exploit code or active exploitation has been confirmed at time of analysis, though a vendor patch is available.