CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,335 vulnerabilities with CWE-122
CVE-2018-14813 CRITICAL
Fuji Electric V-Server <4.0.3.0 - Buffer Overflow
CVSS 9.8
CVE-2018-10606 HIGH
WECON LeviStudio <1.8.44 - Buffer Overflow
CVSS 8.8
CVE-2018-14821 HIGH
Rockwell Automation RSLinx Classic <4.00.01 - DoS
CVSS 7.5
CVE-2018-10893 HIGH
spice - Integer Overflow and Buffer Overflow in LZ Compressed Frame Handling
CVSS 7.6
CVE-2018-14618 HIGH
libcurl < 7.61.1 - Heap Buffer Overflow via NTLM Authentication Password Length
CVSS 7.5
CVE-2018-14290 HIGH
Foxit Reader and PhantomPDF < 9.1.0.5096 - Remote Code Execution via PDF Parsing
CVSS 8.8
CVE-2018-1056 HIGH
advancecomp < 2.1 - Out-of-bounds Read via Crafted ZIP File Processing
CVSS 7.8
CVE-2018-3858 HIGH
Canvas Draw 4.0.0 - Heap-based Buffer Overflow in TIFF Parser
CVSS 7.8
CVE-2018-3857 HIGH
Canvas Draw 4.0.0 - Heap-based Buffer Overflow in TIFF Parsing
CVSS 7.8
CVE-2018-10840 MEDIUM
Linux Kernel - Heap-based Buffer Overflow in ext4_xattr_set_entry
CVSS 6.6
CVE-2018-1120 LOW
Linux Kernel < 4.17 - Denial of Service via FUSE mmap and /proc Read Blocking
CVSS 2.8
CVE-2018-10617 CRITICAL
Delta Industrial Automation DOPSoft < 4.00.04 - Remote Code Execution via .dpa File Heap Buffer Overflow
CVSS 9.8
CVE-2018-4833 HIGH
Siemens Rfid 181-eip Firmware < 5.2.3 - Heap Buffer Overflow
CVSS 8.8
CVE-2018-8871 CRITICAL
Delta Electronics Automation TPEditor <1.89 - Buffer Overflow
CVSS 9.8
CVE-2018-1123 LOW
procps-ng < 3.3.15 - Denial of Service via mmap Buffer Overflow
CVSS 3.9
CVE-2018-1124 HIGH
procps-ng <3.3.15 - Privilege Escalation
CVSS 7.8
CVE-2018-9974 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via Heap-Based Buffer Overflow in ConvertToPDF_x86.dll
CVSS 8.8
CVE-2018-9949 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via TIFF File Parsing
CVSS 8.8
CVE-2018-9947 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via BMP Image Parsing
CVSS 8.8
CVE-2018-10488 HIGH
Foxit Reader and PhantomPDF < 9.0.1.1049 - Remote Code Execution via U3D Texture Width Parsing
CVSS 8.8
CVE-2018-8845 CRITICAL
Advantech WebAccess <8.3.1 - Buffer Overflow
CVSS 9.8
CVE-2018-1089 HIGH
389 Directory Server < 1.3.6.15 - Unauthenticated Denial of Service via LDAP Search Filter
CVSS 7.5
CVE-2018-7507 HIGH
WPLSoft < 2.45.0 - Heap-Based Buffer Overflow via File Read
CVSS 8.8
CVE-2018-8833 HIGH
Advantech WebAccess HMI Designer <2.1.7.32 - Buffer Overflow
CVSS 7.8
CVE-2018-8834 HIGH
Omron CX-One <4.42 - Buffer Overflow
CVSS 7.8