VYPR

CWE-122

Heap-based Buffer Overflow

Variant | Draft | Likelihood: High

Description

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (568)

  • CVE-2026-45252 | Med | May 21, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    When a fusefs file system implements extended attributes, the kernel may send a FUSE_LISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. …

  • CVE-2026-45130 | Med | May 8, 2026
    risk 0.36 | cvss 6.6 | epss 0.00

    Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound…

  • CVE-2026-27301 | Med | Apr 14, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user…

  • CVE-2026-27286 | Med | Apr 14, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires…

  • CVE-2026-27285 | Med | Apr 14, 2026
    risk 0.36 | cvss 5.5 | epss 0.00

    InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of…

  • CVE-2025-7208 | Med | Jul 9, 2025
    risk 0.36 | cvss 5.5 | epss 0.01

    A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the…

  • CVE-2024-53310 | Med | Feb 13, 2025
    risk 0.36 | cvss 5.5 | epss 0.00

    A Structured Exception Handler based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when a specially crafted file is passed to the -ff parameter. The vulnerability occurs due to improper handling of file input with overly long…

  • CVE-2026-9149 | Med | May 21, 2026
    risk 0.35 | cvss 6.5 | epss 0.00

    A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds…

  • CVE-2026-32624 | Med | Apr 17, 2026
    risk 0.35 | cvss 6.5 | epss 0.00

    xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domain_user_separator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long…

  • CVE-2026-41981 | Med | Jun 9, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2026-4391 | Med | May 27, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able…

  • CVE-2026-9541 | Med | May 26, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access.…

  • CVE-2026-48135 | Med | May 26, 2026
    risk 0.34 | cvss 5.3 | epss 0.03

    A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation.

  • CVE-2026-9500 | Med | May 25, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with…

  • CVE-2026-32961 | Med | Apr 20, 2026
    risk 0.34 | cvss 5.3 | epss 0.01

    SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary denial-of-service (DoS) condition.

  • CVE-2026-6491 | Med | Apr 17, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack…

  • CVE-2026-5474 | Med | Apr 3, 2026
    risk 0.34 | cvss 6.3 | epss 0.00

    A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must…

  • CVE-2026-5236 | Med | Mar 31, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument n_presentations leads to heap-based buffer overflow. The attack…

  • CVE-2026-5235 | Med | Mar 31, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4_BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The…

  • CVE-2026-5185 | Med | Mar 31, 2026
    risk 0.34 | cvss 5.3 | epss 0.00

    A security flaw has been discovered in Nothings stb_image up to 2.30. This affects the function stbi__gif_load_next of the file stb_image.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local…