Skip to main content

Heap Overflow

1940 CVEs technique

Monthly

CVE-2023-49123 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-49122 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-49121 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-47039 HIGH PATCH This Week

A vulnerability was found in Perl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Heap Overflow Microsoft Perl +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-7104 HIGH POC PATCH This Week

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical.c of the component make alltest Handler. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Sqlite Fedora
NVD VulDB
CVSS 3.1
7.3
EPSS
1.2%
CVE-2023-7158 CRITICAL POC PATCH Act Now

A vulnerability was found in MicroPython up to 1.21.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Micropython
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-47118 CRITICAL Act Now

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Clickhouse Clickhouse Cloud
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-47038 HIGH PATCH This Week

A vulnerability was found in perl 5.30.0 through 5.38.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Perl Fedora Enterprise Linux +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-3430 HIGH POC This Week

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Openimageio
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-33221 CRITICAL Act Now

When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sigma Lite Firmware Sigma Extreme Firmware Sigma Wide Firmware +4
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-35639 HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2023-35630 HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Windows 10 1507 Windows 10 1607 +12
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2023-21740 HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-28527 MEDIUM This Month

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow IBM Informix Dynamic Server Informix Dynamic Server On Cloud Pak For Data
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-28526 MEDIUM This Month

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow IBM Informix Dynamic Server Informix Dynamic Server On Cloud Pak For Data
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-28523 HIGH This Week

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow IBM Informix Dynamic Server +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-5908 CRITICAL Act Now

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Industrial Gateway Server Keepserverex Opc Aggregator +5
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2023-41140 HIGH This Week

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Heap Overflow Autocad +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-29073 CRITICAL Act Now

A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Heap Overflow Autocad +9
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-47056 HIGH This Week

Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Premiere Pro
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-47051 MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Audition
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2023-47042 HIGH This Week

Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Heap Overflow Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-36425 HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2023-36423 HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +13
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2023-36408 HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-36402 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2023-36400 HIGH PATCH This Week

Windows HMAC Key Derivation Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +9
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2023-36042 MEDIUM PATCH This Month

Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Heap Overflow Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2023-36036 HIGH KEV PATCH THREAT This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
16.7%
CVE-2023-36028 CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-27882 CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Gecko Software Development Kit Cesium Net +1
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-25181 CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Gecko Software Development Kit Cesium Net +1
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-5568 MEDIUM This Month

A heap-based Buffer Overflow flaw was discovered in Samba. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Samba
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2023-4692 HIGH POC This Week

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Grub2 Enterprise Linux
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-5686 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-27395 HIGH POC PATCH This Week

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow RCE Heap Overflow Vpn
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-36730 HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Odbc Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36598 HIGH PATCH This Week

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36577 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-36417 HIGH PATCH This Week

Microsoft SQL OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Ole Db Driver For Sql Server +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-43787 HIGH This Week

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Libx11 Enterprise Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-5460 MEDIUM This Month

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Wplsoft
NVD VulDB
CVSS 3.1
5.7
EPSS
0.4%
CVE-2023-3428 MEDIUM This Month

A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Imagemagick Extra Packages For Enterprise Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-4911 HIGH POC KEV PATCH THREAT Act Now

Local privilege escalation in the GNU C Library (glibc) dynamic loader ld.so allows unprivileged local users on affected Linux distributions to gain root by abusing a heap buffer overflow when ld.so processes the GLIBC_TUNABLES environment variable during execution of SUID binaries. The flaw is confirmed actively exploited (CISA KEV) with publicly available exploit code, and the EPSS score of 71.53% (99th percentile) reflects very high exploitation likelihood across Linux estates.

Heap Overflow Buffer Overflow Bootstrap
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
71.5%
Threat
6.7
CVE-2023-5344 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-4504 HIGH POC This Week

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow Cups Libppd +2
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2023-32461 MEDIUM This Month

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Dell Heap Overflow Poweredge R660 Firmware Poweredge R760 Firmware +50
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32643 HIGH This Week

A flaw was found in GLib. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Deserialization Heap Overflow Glib
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-38147 HIGH PATCH This Week

Windows Miracast Wireless Display Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +9
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-38143 HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2023-36793 NuGet HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Net Framework Net +3
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2023-36772 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36771 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36770 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-36740 HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36739 HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-38076 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38071 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-4781 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim Debian Linux macOS
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-4751 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-4738 HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim macOS
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-4682 MEDIUM POC PATCH This Month

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-4322 CRITICAL POC PATCH Act Now

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-39947 HIGH This Week

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Fast Dds Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-39946 HIGH This Week

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Fast Dds Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-38212 HIGH PATCH This Week

Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Heap Overflow Dimension
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-2905 HIGH POC PATCH This Week

Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Mongoose
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-38170 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-38154 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1809 Windows Server 2019
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-36896 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow 365 Apps +3
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-36865 HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow 365 Apps +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-36532 HIGH This Week

Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Rooms Virtual Desktop Infrastructure +1
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-3180 MEDIUM PATCH This Month

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Qemu Fedora Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-4016 LOW Monitor

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Procps Fedora
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-21406 HIGH This Week

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow A1001 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-3463 CRITICAL Act Now

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Cimplicity
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-24474 HIGH This Week

Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Experion Server Experion Station Engineering Station +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2763 HIGH This Week

Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow 3Dexperience Solidworks
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-35374 HIGH PATCH This Week

Paint 3D Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Paint 3D
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-35363 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-35350 HIGH PATCH This Week

Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows Server 2008 +4
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-35337 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-35305 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-35304 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow Windows 10 1607 Windows 10 1809 +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2023-35302 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +10
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-33152 HIGH PATCH This Week

Microsoft ActiveX Remote Code Execution Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Heap Overflow Microsoft RCE Buffer Overflow 365 Apps +2
NVD VulDB
CVSS 3.1
7.0
EPSS
1.1%
CVE-2023-32083 MEDIUM PATCH This Month

Microsoft Failover Cluster Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Microsoft Information Disclosure Heap Overflow Windows Server 2016 +2
NVD
CVSS 3.1
4.9
EPSS
1.6%
CVE-2023-32047 HIGH PATCH This Week

Paint 3D Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Paint 3D
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-36824 HIGH This Week

Redis is an in-memory database that persists on disk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Redis Heap Overflow Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
77.4%
CVE-2023-37247 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Solid Edge Se2023
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability was found in Perl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 1% CVSS 7.3
HIGH POC PATCH This Week

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical.c of the component make alltest Handler. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Sqlite +1
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

A vulnerability was found in MicroPython up to 1.21.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Micropython
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Clickhouse +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A vulnerability was found in perl 5.30.0 through 5.38.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Perl +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sigma Lite Firmware +6
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 6% CVSS 8.8
HIGH PATCH This Week

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +14
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Media Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow IBM +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow IBM +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Industrial Gateway Server +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure +11
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure +11
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe +2
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Windows Distributed File System (DFS) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft Remote Registry Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +15
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Hyper-V Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +11
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +14
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Windows HMAC Key Derivation Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +11
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Heap Overflow +2
NVD
EPSS 17% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +13
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A heap-based Buffer Overflow flaw was discovered in Samba. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 +1
NVD GitHub
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft SQL OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Wplsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +3
NVD
EPSS 72% 6.7 CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Local privilege escalation in the GNU C Library (glibc) dynamic loader ld.so allows unprivileged local users on affected Linux distributions to gain root by abusing a heap buffer overflow when ld.so processes the GLIBC_TUNABLES environment variable during execution of SUID binaries. The flaw is confirmed actively exploited (CISA KEV) with publicly available exploit code, and the EPSS score of 71.53% (99th percentile) reflects very high exploitation likelihood across Linux estates.

Heap Overflow Buffer Overflow Bootstrap
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +1
NVD GitHub
EPSS 1% CVSS 7.0
HIGH POC This Week

Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Heap Overflow +4
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Dell Heap Overflow +52
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A flaw was found in GLib. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Deserialization Heap Overflow +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Windows Miracast Wireless Display Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +11
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +12
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub VulDB
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Gpac
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Radare2 +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Fast Dds +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Fast Dds +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Adobe +2
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Mongoose
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +5
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Office Visio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Qemu +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Procps +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Experion Server +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Paint 3D Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +7
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Windows 10 21h2 +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Microsoft Heap Overflow +9
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft +12
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

Microsoft ActiveX Remote Code Execution Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Heap Overflow Microsoft RCE +4
NVD VulDB
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Microsoft Failover Cluster Information Disclosure Vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Microsoft Information Disclosure +4
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Paint 3D Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 77% CVSS 8.8
HIGH This Week

Redis is an in-memory database that persists on disk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Redis +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Tecnomatix
NVD
Prev Page 16 of 22 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy