Skip to main content

Heap Overflow

memory HIGH

A heap overflow occurs when a program writes data beyond the bounds of a buffer allocated in the heap memory region.

How It Works

A heap overflow occurs when a program writes data beyond the bounds of a buffer allocated in the heap memory region. Unlike stack overflows that target the call stack, heap overflows corrupt dynamically allocated memory managed by functions like malloc() or new. When a program allocates heap memory without properly validating input size, an attacker can supply excessive data that spills into adjacent heap chunks, corrupting heap metadata structures or neighboring objects.

Exploitation typically targets heap management metadata (chunk headers containing size and status information) or data in adjacent allocations. Attackers can overwrite function pointers stored in heap objects, C++ vtable pointers, or critical data fields to redirect program execution. Modern heap implementations use inline metadata, making them vulnerable to carefully crafted overflows that manipulate allocation structures to achieve arbitrary write primitives.

The attack difficulty varies by heap implementation. Attackers must understand the specific allocator's layout (glibc malloc, Windows heap, etc.) and often need information leaks to defeat ASLR. Heap feng shui techniques arrange heap allocations in predictable patterns, placing attacker-controlled data adjacent to target objects to maximize exploitation reliability.

Impact

  • Arbitrary code execution: Overwrite function pointers or vtables to redirect control flow to attacker-supplied shellcode
  • Memory corruption: Corrupt critical data structures, causing crashes or logic manipulation to bypass security checks
  • Privilege escalation: Modify authorization flags or user context stored in heap objects
  • Information disclosure: Trigger controlled crashes that leak sensitive data through error messages or core dumps
  • Heap spray payloads: Combined with other vulnerabilities, create reliable exploitation paths across multiple platforms

Real-World Examples

The WhatsApp video call vulnerability (CVE-2019-11931) exploited a heap overflow in video decoding, allowing remote code execution through a malicious video file without user interaction. Attackers could compromise devices by simply calling targets.

The OpenSSL Heartbleed bug (CVE-2014-0160), while primarily an information disclosure issue, demonstrated heap-related vulnerabilities by allowing attackers to read arbitrary heap memory. Similar heap overflow issues in TLS implementations have enabled complete server compromise.

The sudo heap overflow (CVE-2021-3156) allowed local privilege escalation on Unix systems by overflowing a heap buffer through carefully crafted command-line arguments, giving unprivileged users root access on affected systems.

Mitigation

  • Memory-safe languages: Use Rust, Go, or managed languages that eliminate manual memory management vulnerabilities
  • Hardened heap allocators: Deploy jemalloc, PartitionAlloc, or Scudo with guard pages and randomization features
  • Address Space Layout Randomization (ASLR): Randomize heap base addresses to make exploitation non-deterministic
  • Bounds checking: Validate all input sizes before heap operations and use safe string functions (strncpy, snprintf)
  • Heap integrity checks: Enable heap consistency verification in production environments
  • Compiler mitigations: Use AddressSanitizer during development and fortify source options at compile time
  • Size limits: Enforce maximum allocation sizes and reject excessive input

Recent CVEs (1940)

EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Libjxl
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

libmysofa is vulnerable to Heap-based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Libmysofa +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

vim is vulnerable to Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub
EPSS 8% CVSS 7.5
HIGH POC This Week

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow 750 8214 Firmware +27
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

vim is vulnerable to Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Webaccess
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

vim is vulnerable to Heap-based Buffer Overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +1
NVD GitHub
EPSS 1% CVSS 10.0
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Eufy Homebase 2 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sinumerik 808D Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Heap Overflow +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Heap Overflow +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

User controlled parameters related to SMTP notifications are not correctly validated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Heap Overflow Axis Os +3
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in Zephyr USB DFU DNLOAD. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Zephyr
NVD GitHub
EPSS 15% CVSS 8.8
HIGH PATCH This Week

Redis is an open source, in-memory database that persists on disk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Redis Heap Overflow +6
NVD GitHub
EPSS 5% CVSS 7.8
HIGH PATCH This Week

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD
EPSS 12% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +7
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Adobe svg-native-viewer 8182d14dfad5d1e10f53ed830328d7d9a3cfa96d and earlier versions are affected by a heap buffer overflow vulnerability due to insecure handling of a malicious .svg file,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Suitelink
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Dopsoft
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

vim is vulnerable to Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +3
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Ark Library
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

vim is vulnerable to Heap-based Buffer Overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Vim +2
NVD GitHub
EPSS 67% CVSS 8.8
HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +5
NVD
EPSS 10% CVSS 8.8
HIGH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Heap-based buffer overflow vulnerability in the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +5
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 11.1 (and earlier) is affected by a heap-based buffer overflow vulnerability when parsing a crafted .SGI file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Adobe +1
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by a heap-based buffer overflow vulnerability that could result in arbitrary code execution in the context of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 4% CVSS 5.5
MEDIUM PATCH This Month

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD
EPSS 4% CVSS 3.3
LOW PATCH Monitor

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Denial Of Service +2
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Adobe Animate version 21.0.6 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

Adobe Animate version 21.0.6 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +3
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Adobe Bridge version 11.0.2 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Xmill
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution.07.22.00.80.5, all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD GitHub
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Dell BIOSConnect feature contains a buffer overflow vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow Heap Overflow Dell +129
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava!. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava!. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava!. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Dell +12
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow RCE +13
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the PSD read_icc_icCurve_data functionality of Accusoft ImageGear 19.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Imagegear
NVD
EPSS 0% CVSS 6.7
MEDIUM POC This Month

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Edk2
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 68% CVSS 9.8
CRITICAL PATCH Act Now

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Apache +8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Synology Heap Overflow +4
NVD
EPSS 3% CVSS 7.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE +2
NVD GitHub
EPSS 3% CVSS 7.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Siemens +29
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow RCE +3
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Netgear +44
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 8% CVSS 7.8
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow.56.3, all versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Hhvm
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL Act Now

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow C Controller Module Setting And Monitoring Tool +40
NVD
EPSS 86% CVSS 8.8
HIGH KEV THREAT This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +5
NVD
EPSS 2% CVSS 7.8
HIGH POC This Week

A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE +2
NVD
EPSS 6% CVSS 8.6
HIGH This Week

Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Nhiservisignadapter
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A flaw was found in xorg-x11-server before 1.20.10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Privilege Escalation Heap Overflow +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Mycarelink Smart Model 25000 Firmware
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Levistudiou
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

A flaw was found in ImageMagick in MagickCore/quantum-private.h. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Imagemagick
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Imagemagick +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Imagemagick
NVD
Prev Page 20 of 22 Next

Quick Facts

Typical Severity
HIGH
Category
memory
Total CVEs
1940

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy