Skip to main content

Heap Overflow

1938 CVEs technique

Monthly

CVE-2024-3447 MEDIUM POC PATCH CISA This Month

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Heap Overflow Qemu Hci Compute Node
NVD
CVSS 3.1
6.0
EPSS
0.0%
Threat
4.7
CVE-2024-48075 MEDIUM This Month

A Heap buffer overflow in the server-site handshake implementation in Real Time Logic SharkSSL from 09/09/24 and earlier allows a remote attacker to trigger a Denial-of-Service via a malformed TLS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Microsoft
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-49509 HIGH This Week

InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Indesign
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-49508 HIGH This Week

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Indesign
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-49507 HIGH This Week

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Indesign
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-49525 HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-49517 HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-47431 HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-47450 HIGH This Week

Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-33505 HIGH This Week

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Fortinet Privilege Escalation Fortianalyzer +2
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-49030 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-49017 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49015 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49013 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49012 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49011 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49010 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49009 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49008 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49007 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49006 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-49005 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49004 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49002 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49001 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-49000 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-48999 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48998 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48997 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-48996 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48995 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48994 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-48993 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43627 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-43626 HIGH PATCH This Week

Windows Telephony Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-43622 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43621 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43620 HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-43598 PyPI HIGH PATCH This Week

LightGBM Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE Lightgbm
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2024-43462 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-38255 HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Sql Server 2016 Sql Server 2017 +1
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-10525 HIGH POC PATCH THREAT This Week

In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Mosquitto
NVD GitHub
CVSS 4.0
7.2
EPSS
57.9%
CVE-2024-8594 HIGH This Week

A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure RCE Autocad +7
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-8591 HIGH This Week

A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure RCE Autocad +7
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-8587 HIGH This Week

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure RCE Advance Steel +7
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-43587 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Google Buffer Overflow Microsoft RCE +1
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2024-43579 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Google Buffer Overflow Microsoft RCE +1
NVD
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-43578 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Google Buffer Overflow Microsoft RCE +1
NVD
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-47964 HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cncsoft G2
NVD
CVSS 4.0
8.4
EPSS
0.3%
CVE-2024-45143 HIGH This Week

Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-45139 HIGH This Week

Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-47417 HIGH This Week

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-43608 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-43607 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-43589 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2024-43564 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-43560 HIGH PATCH This Week

Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2024-43528 HIGH PATCH This Week

Windows Secure Kernel Mode Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1809 Windows 10 21h2 +8
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-43527 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 11 24h2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2024-43522 HIGH PATCH This Week

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Heap Overflow Buffer Overflow Microsoft Windows 11 22h2 Windows 11 23h2
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2024-43518 HIGH PATCH This Week

Windows Telephony Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-43517 HIGH PATCH This Week

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +14
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-43480 MEDIUM PATCH This Month

Azure Service Fabric for Linux Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Heap Overflow Buffer Overflow RCE Microsoft Azure Service Fabric
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2024-43453 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-38212 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008 +5
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-41981 HIGH This Week

A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-6444 MEDIUM This Month

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-45872 MEDIUM POC This Month

Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Bandiview
NVD GitHub
CVSS 3.1
6.3
EPSS
0.4%
CVE-2024-20522 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco Denial Of Service Rv042 Firmware +3
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2024-20517 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco Denial Of Service Rv042 Firmware +3
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2024-20516 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco Denial Of Service Rv042 Firmware +3
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2024-7674 HIGH This Week

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Navisworks
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-7673 HIGH This Week

A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Navisworks
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-38796 MEDIUM This Month

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). Rated medium severity (CVSS 5.9). No vendor patch available.

Heap Overflow Buffer Overflow
NVD GitHub
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-46632 PyPI MEDIUM POC This Month

Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Assimp
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-20508 MEDIUM This Month

A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco Denial Of Service Apple +1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-46461 HIGH This Week

VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service
NVD
CVSS 3.1
8.0
EPSS
0.6%
CVE-2024-7018 HIGH POC This Week

Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Google Chrome
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-45679 HIGH PATCH This Week

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Assimp
NVD GitHub
CVSS 3.1
8.4
EPSS
0.3%
CVE-2024-8948 PyPI MEDIUM POC PATCH This Month

A vulnerability was found in MicroPython 1.23.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Micropython
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.0%
CVE-2024-8946 PyPI MEDIUM POC PATCH This Month

A vulnerability was found in MicroPython 1.23.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Micropython
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.0%
CVE-2024-38812 CRITICAL KEV THREAT Act Now

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow VMware RCE Cloud Foundation +1
NVD
CVSS 3.1
9.8
EPSS
54.1%
CVE-2024-6259 MEDIUM POC This Month

BT: HCI: adv_ext_report Improper discarding in adv_ext_report. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-6135 MEDIUM POC This Month

BT:Classic: Multiple missing buf length checks. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-6258 MEDIUM POC This Month

BT: Missing length checks of net_buf in rfcomm_handle_data. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-43756 HIGH This Week

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-39380 HIGH This Week

After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-38242 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2024-38238 HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-38237 HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
3.2%
EPSS 0% 4.7 CVSS 6.0
MEDIUM POC PATCH This Month

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Heap Overflow +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A Heap buffer overflow in the server-site handshake implementation in Real Time Logic SharkSSL from 09/09/24 and earlier allows a remote attacker to trigger a Denial-of-Service via a malformed TLS. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Microsoft
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Fortinet +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +5
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Telephony Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +15
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

LightGBM Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

SQL Server Native Client Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 58% CVSS 7.2
HIGH POC PATCH THREAT This Week

In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Mosquitto
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure +9
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure +9
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure +9
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Heap Overflow Google Buffer Overflow +3
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Google Buffer Overflow +3
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Google Buffer Overflow +3
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cncsoft G2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Secure Kernel Mode Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +10
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Heap Overflow Buffer Overflow Microsoft +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Telephony Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +16
NVD
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

Azure Service Fabric for Linux Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +7
NVD
EPSS 0% CVSS 7.3
HIGH This Week

A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM POC This Month

Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Bandiview
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco +5
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco +5
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). Rated medium severity (CVSS 5.9). No vendor patch available.

Heap Overflow Buffer Overflow
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Assimp
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cisco +3
NVD
EPSS 1% CVSS 8.0
HIGH This Week

VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Google +1
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +1
NVD GitHub
EPSS 1% CVSS 6.9
MEDIUM POC PATCH This Month

A vulnerability was found in MicroPython 1.23.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Micropython
NVD GitHub VulDB
EPSS 1% CVSS 6.9
MEDIUM POC PATCH This Month

A vulnerability was found in MicroPython 1.23.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Micropython
NVD GitHub VulDB
EPSS 54% CVSS 9.8
CRITICAL KEV THREAT Act Now

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow VMware +3
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

BT: HCI: adv_ext_report Improper discarding in adv_ext_report. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

BT:Classic: Multiple missing buf length checks. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

BT: Missing length checks of net_buf in rfcomm_handle_data. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Zephyr
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
Prev Page 12 of 22 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy