Skip to main content

Heap Overflow

1940 CVEs technique

Monthly

CVE-2024-6383 MEDIUM This Month

The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-29508 LOW Monitor

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ghostscript
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2024-32229 HIGH POC This Week

FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Ffmpeg
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2024-39133 MEDIUM POC This Month

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Zziplib
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-38950 MEDIUM POC This Month

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Libde265
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-38949 MEDIUM This Month

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Libde265
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-23155 HIGH This Week

A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Autocad Autocad Architecture +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-23154 HIGH This Week

A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure RCE Autocad +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-37001 HIGH This Week

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure RCE Autocad +8
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-6154 MEDIUM This Month

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Privilege Escalation RCE Parallels Desktop
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-29013 MEDIUM This Month

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Sonicos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-37280 Maven MEDIUM PATCH This Month

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Elastic Denial Of Service Elasticsearch
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-30095 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2024-30094 HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2024-30091 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +11
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2024-30085 HIGH POC PATCH THREAT Act Now

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1809 Windows 10 21h2 +7
NVD
CVSS 3.1
7.8
EPSS
15.1%
CVE-2024-30077 HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
8.0
EPSS
1.8%
CVE-2024-30075 HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2024-30074 HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE Microsoft Windows Server 2008
NVD
CVSS 3.1
8.0
EPSS
1.2%
CVE-2024-30066 MEDIUM PATCH This Month

Winlogon Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2024-2011 CRITICAL Act Now

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Foxman Un +1
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-5301 HIGH This Week

Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Power Pdf
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2024-36843 HIGH POC This Week

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Libmodbus
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-22058 HIGH This Week

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Ivanti Endpoint Manager
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2024-35434 HIGH POC This Week

Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Sngrep
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-5228 HIGH This Week

TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE TP-Link Omada Er605 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-4323 CRITICAL POC PATCH THREAT Act Now

A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow RCE Information Disclosure Denial Of Service +1
NVD GitHub
CVSS 3.1
9.8
EPSS
28.3%
CVE-2024-30288 HIGH This Week

Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Adobe RCE Framemaker
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-30294 HIGH This Week

Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Animate
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-27243 MEDIUM This Month

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Buffer Overflow Meeting Software Development Kit Workplace +2
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-30051 HIGH KEV PATCH THREAT This Week

Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
7.8
EPSS
5.7%
CVE-2024-30038 HIGH POC Act Now

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2024-30020 HIGH This Week

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +13
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2024-30017 HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-34771 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-33489 HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33877 HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-33873 HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-32624 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2024-32623 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-32621 CRITICAL Act Now

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-32620 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-32619 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-32618 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-32617 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-32616 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2024-32613 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-32612 HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, a different vulnerability than. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2024-32605 HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-29165 HIGH This Week

HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-29163 HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-29162 HIGH This Week

HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-29161 HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2024-29160 HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-29158 HIGH This Week

HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2024-29157 CRITICAL Act Now

HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Denial Of Service Hdf5
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-3758 HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-34250 MEDIUM POC This Month

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br". Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Webassembly Micro Runtime
NVD GitHub
CVSS 3.1
6.2
EPSS
0.3%
CVE-2024-34249 PyPI CRITICAL POC Act Now

wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Wasm3
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-34408 MEDIUM POC PATCH This Month

Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Libpag
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-33429 HIGH POC This Week

Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Phiola
NVD GitHub
CVSS 3.1
7.1
EPSS
1.1%
CVE-2024-33428 HIGH POC This Week

Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE Phiola
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-25048 HIGH This Week

IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Heap Overflow Buffer Overflow RCE IBM Mq Appliance
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-31036 MEDIUM POC This Month

A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows attackers to cause a denial of service via transmission of crafted hexstreams. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service Nanomq
NVD GitHub
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-32038 CRITICAL Act Now

Wazuh is a free and open source platform used for threat prevention, detection, and response. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Wazuh Microsoft
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-29204 CRITICAL Act Now

A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2024-24996 CRITICAL Act Now

A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ivanti Avalanche
NVD
CVSS 3.1
9.8
EPSS
32.2%
CVE-2024-0257 LOW Monitor

RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-31580 PyPI MEDIUM PATCH This Month

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Denial Of Service Pytorch
NVD GitHub
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-29985 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29984 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29983 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29982 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29048 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29047 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29046 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29044 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28943 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28941 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28940 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28937 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28935 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28932 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28927 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28926 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28915 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2024-28914 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28913 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28912 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28911 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.2%
EPSS 1% CVSS 5.3
MEDIUM This Month

The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ghostscript
NVD
EPSS 0% CVSS 8.4
HIGH POC This Week

FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Ffmpeg
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Libde265
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Libde265
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +9
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Information Disclosure +10
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Elastic +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +13
NVD
EPSS 15% CVSS 7.8
HIGH POC PATCH THREAT Act Now

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +9
NVD
EPSS 2% CVSS 8.0
HIGH PATCH This Week

Windows OLE Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Winlogon Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Libmodbus
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 28% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow RCE +3
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Adobe +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Buffer Overflow +4
NVD
EPSS 6% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows DWM Core Library Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Heap Overflow Buffer Overflow Microsoft +11
NVD
EPSS 3% CVSS 7.8
HIGH POC Act Now

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Windows 10 1507 +12
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Windows Cryptographic Services Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +15
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +13
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Solid Edge Se2024
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, a different vulnerability than. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Hdf5
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.4
HIGH This Week

HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD
EPSS 0% CVSS 6.2
MEDIUM POC This Month

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br". Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Wasm3
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Libpag
NVD GitHub
EPSS 1% CVSS 7.1
HIGH POC This Week

Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow RCE +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Heap Overflow Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows attackers to cause a denial of service via transmission of crafted hexstreams. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Wazuh is a free and open source platform used for threat prevention, detection, and response. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Wazuh +1
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL Act Now

A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ivanti +1
NVD
EPSS 32% CVSS 9.8
CRITICAL Act Now

A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Ivanti +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.

Heap Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +6
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +6
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +6
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE +4
NVD
Prev Page 14 of 22 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy