CWE-122
Heap-based Buffer Overflow
Description
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-92
CVEs mapped to this weakness (568)
Page 28 of 29

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-55004 | | | 0.00 | — | 0.01 | | Aug 13, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in… |
| CVE-2025-48071 | — | | 0.00 | — | 0.00 | | Jul 31, 2025 | OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep… |
| CVE-2025-48379 | | | 0.00 | — | 0.00 | | Jul 1, 2025 | Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only… |
| CVE-2025-21172 | — | | 0.00 | — | 0.02 | | Jan 14, 2025 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2025-21171 | | | 0.00 | — | 0.02 | | Jan 14, 2025 | .NET Remote Code Execution Vulnerability |
| CVE-2024-43598 | — | | 0.00 | — | 0.01 | | Nov 12, 2024 | LightGBM Remote Code Execution Vulnerability |
| CVE-2024-46488 | — | | 0.00 | — | 0.00 | | Sep 25, 2024 | sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. |
| CVE-2024-8948 | | | 0.00 | — | 0.01 | | Sep 17, 2024 | A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpz_as_bytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed… |
| CVE-2024-8946 | | | 0.00 | — | 0.01 | | Sep 17, 2024 | A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack… |
| CVE-2024-37280 | | | 0.00 | — | 0.01 | | Jun 13, 2024 | A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and… |
| CVE-2024-30045 | | | 0.00 | — | 0.01 | | May 14, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-34249 | | | 0.00 | — | 0.01 | | May 6, 2024 | wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. |
| CVE-2024-31580 | | | 0.00 | — | 0.00 | | Apr 17, 2024 | PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| CVE-2023-50572 | — | | 0.00 | — | 0.00 | | Dec 29, 2023 | An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 allows attackers to cause an OOM (OutofMemory) error. |
| CVE-2023-40889 | — | | 0.00 | — | 0.02 | | Aug 29, 2023 | A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or… |
| CVE-2023-24897 | | | 0.00 | — | 0.01 | | Jun 14, 2023 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-25664 | | | 0.00 | — | 0.00 | | Mar 24, 2023 | TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. |
| CVE-2023-25668 | | | 0.00 | — | 0.01 | | Mar 24, 2023 | TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and… |
| CVE-2022-43171 | — | | 0.00 | — | 0.01 | | Nov 17, 2022 | A heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind function of LIEF v0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted MachO file. |
| CVE-2022-24795 | — | | 0.00 | — | 0.03 | | Apr 5, 2022 | yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64`… |