HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use of an initialized pointer.

CVE-2024-32616HIGHCVSS 7.4EG 7.4

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.

CVE-2024-32617HIGHCVSS 8.8EG 8.8

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).

CVE-2024-32618HIGHCVSS 7.4EG 7.4

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer.

CVE-2024-32619HIGHCVSS 7.4EG 7.4

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.

CVE-2024-32620HIGHCVSS 7.4EG 7.4

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer.

CVE-2024-32621CRITICALCVSS 9.8EG 9.8

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer.

CVE-2024-32623HIGHCVSS 8.8EG 8.8

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c).

CVE-2024-32624HIGHCVSS 7.4EG 7.4

2024-05-14

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer.

CVE-2024-32664MEDIUMCVSS 5.3EG 5.3

2024-05-07

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability …

CVE-2024-32671CRITICALCVSS 9.8EG 9.8

2024-07-29

Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.

CVE-2024-32763HIGHCVSS 8.8EG 8.8

2024-09-06

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already …

CVE-2024-33428HIGHCVSS 8.8EG 8.8

2024-05-01

Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file.

CVE-2024-33429HIGHCVSS 7.1EG 7.1

2024-05-01

Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file.

CVE-2024-33489HIGHCVSS 7.8EG 7.8

2024-05-14

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute cod…

CVE-2024-33505MEDIUMCVSS 5.6EG 5.6

2024-11-12

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0…

CVE-2024-33698CRITICALCVSS 9.8EG 9.8

2024-09-10

A vulnerability has been identified in Opcenter Quality (All versions < V2406), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versi…

CVE-2024-33873HIGHCVSS 8.8EG 8.8

2024-05-14

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.

CVE-2024-33877HIGHCVSS 8.8EG 8.8

2024-05-14

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c.

CVE-2024-34199HIGHCVSS 8.6EG 8.6

2024-05-14

TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the request line.

CVE-2024-34249CRITICALCVSS 9.8EG 9.8

2024-05-06

wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c.

CVE-2024-34250MEDIUMCVSS 6.2EG 6.2

2024-05-06

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" function in core/iwasm/interpreter/wasm_…

CVE-2024-34408MEDIUMCVSS 5.3EG 5.3

2024-05-03

Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file.

CVE-2024-34459HIGHCVSS 7.5EG 7.5

2024-05-14

An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.

CVE-2024-3447MEDIUMCVSS 6.0EG 6.0

2024-11-14

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use…

CVE-2024-34771HIGHCVSS 7.8EG 7.8

2024-05-14

A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute cod…

CVE-2024-3516MEDIUMCVSS 6.5EG 8.8

2024-04-10

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-35256HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-35271HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-35272HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-35434HIGHCVSS 7.5EG 7.5

2024-05-29

Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow via the function rtp_check_packet at /sngrep/src/rtp.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SIP packet.

CVE-2024-36702HIGHCVSS 7.4EG 7.4

2024-06-11

libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c.

CVE-2024-36843HIGHCVSS 7.5EG 7.5

2024-05-31

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function.

CVE-2024-37001HIGHCVSS 7.8EG 8.8

2024-06-25

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arb…

CVE-2024-37041HIGHCVSS 7.2EG 7.2

2024-11-22

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute cod…

CVE-2024-37079CRITICALCVSS 9.8EG 9.8⚠ KEV

2024-06-18

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potent…

CVE-2024-37080CRITICALCVSS 9.8EG 9.8

2024-06-18

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potent…

CVE-2024-37280MEDIUMCVSS 4.9EG 4.9

2024-06-13

A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverf…

CVE-2024-37310CRITICALCVSS 9.0EG 9.0

2024-07-10

EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and …

CVE-2024-37318HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-37319HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-37321HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVE-2024-37322HIGHCVSS 8.8EG 8.8

2024-07-09

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability