heap overflow

A newly disclosed high‑severity vulnerability in Chromium’s PDF rendering engine, PDFium, has been assigned CVE‑2026‑2648 and patched upstream in Chrome 145.0.7632.109 (and sibling builds). The flaw is a heap buffer overflow that — when triggered by a specially crafted PDF — can result in...

A heap‑based buffer overflow in the widely used giflib library — tracked as CVE‑2025‑31344 — has been publicly disclosed and fixed upstream after reports that the gif2rgb utility can be made to write past an allocated heap buffer when presented with a specially crafted GIF, creating crash and...

A heap buffer overflow in GNU Debugger’s PE/COFF reader can crash the tool and, in narrow circumstances, may allow more serious memory corruption—CVE-2023-39130 exposes that weakness in the pe_as16() function inside coff-pe-read.c and underlines why even command‑line developer tools must be...

A heap‑based buffer overflow in libjpeg‑turbo’s merged upsampling code — tracked as CVE‑2023‑2804 — remains a practical reminder that long‑tail, niche JPEG features can produce high‑impact crashes and information‑security headaches across desktop, server and embedded ecosystems. The flaw is...

Microsoft’s Security Response Center has registered CVE-2026-21259 as a heap‑based buffer overflow in Microsoft Excel that can be turned into a local elevation‑of‑privilege (EoP) condition — a serious class of vulnerability that demands immediate attention from patch and security teams even...

A heap-based buffer overflow has been disclosed in the HDF5 library that can be triggered while flushing object messages: the flaw exists in the function H5O_msg_flush in src/H5Omessage.c (tracked as CVE‑2025‑2912) and affects HDF5 releases up to and including 1.14.6. The issue can be provoked...

A newly assigned CVE (CVE-2025-14178) discloses a heap buffer overflow in PHP’s array_merge that can be triggered when a sequence of packed arrays causes integer overflow while precomputing element counts — a defect patched in PHP 8.1.34, 8.2.30, 8.3.29, 8.4.16 and 8.5.1 and now tracked across...

A heap‑based buffer overflow has been publicly disclosed in HDF5 1.14.6: the flaw resides in the free‑space serialization callback H5FS__sinfo_serialize_node_cb within src/H5FScache.c and can be triggered when an application processes crafted or corrupted .h5 files, producing a one‑byte...

A heap-based buffer overflow has been publicly disclosed in HDF5 1.14.6 — tracked as CVE-2025-6818 — rooted in the H5O__chunk_protect routine inside src/H5Ochunk.c, creating a locally exploitable crash and potential memory‑corruption vector that defenders must treat seriously in any environment...

A heap-based buffer overflow in HDF5’s object-header serialization has been publicly documented and fixed, and defenders need to treat it as a practical risk for any service or product that opens untrusted .h5 files: CVE‑2025‑6816 affects HDF5 1.14.6 in the function H5O__fsinfo_encode (file...

A critical heap‑based buffer overflow affecting HDF5's cache reconstruction routine — tracked as CVE‑2025‑6269 — was disclosed in mid‑June 2025 and affects HDF5 releases up to and including 1.14.6; the flaw lives in the function H5C__reconstruct_cache_entry inside H5Cimage.c and can be triggered...

A heap-based buffer overflow in the HDF5 library’s free-space serialization code (tracked as CVE‑2025‑2914) has been publicly disclosed and reproducible proof‑of‑concept material is available: the bug can be triggered when HDF5 v1.14.6 (and earlier, where present) processes crafted free‑space...

A heap‑buffer overflow in HDF5’s heap-list deserialization routine — H5HL__fl_deserialize in src/H5HLcache.c — was disclosed in March 2025 as CVE‑2025‑2924; the flaw can cause out‑of‑bounds reads and heap corruption when the library processes crafted .h5 files, a proof‑of‑concept was published...

A heap‑buffer overflow in a core HDF5 routine has thrown scientific-computing teams and Linux packagers into an urgent triage cycle: CVE‑2025‑44904 identifies a heap buffer overflow in HDF5 v1.14.6 rooted in the H5VM_memcpyvv function, and public proof‑of‑concept material and vendor tracking...

HDF5 1.14.6 contains a heap buffer overflow in the Scale‑Offset filter (H5Z__filter_scaleoffset) that can be triggered by malformed HDF5 files and has been assigned CVE‑2025‑44905, creating a realistic denial‑of‑service and memory‑corruption risk for any software or service that reads untrusted...

Microsoft’s security index added CVE-2025-64680 on December 9, 2025 — a high‑impact elevation‑of‑privilege flaw in the Windows Desktop Window Manager (DWM) Core Library that vendors and multiple public trackers classify as a heap‑based buffer overflow with a CVSS v3.1 base score of 7.8 (High)...

Microsoft’s security trackers list a newly published ReFS vulnerability — CVE-2025-62456 — as a high‑severity, heap‑based buffer‑overflow that can lead to remote code execution when the Resilient File System (ReFS) processes specially crafted inputs, and operators should treat the advisory as...

Microsoft disclosed a high‑severity heap‑based buffer overflow in the Windows Subsystem for Linux GUI (WSLg) that can allow code execution via crafted inputs; the flaw was recorded as CVE‑2025‑62220 with a CVSS v3.1 base score of 8.8 and was publicly posted on November 11, 2025. Immediate vendor...

Microsoft has recorded CVE-2025-58725 as an elevation-of-privilege vulnerability in the Windows COM+ Event System (Inbox COM) / COM-based handler family that can allow a locally authorized attacker to escalate privileges on affected Windows hosts; administrators should treat this as a...

CVE-2025-55697 is a newly catalogued heap‑based buffer overflow in an Azure local component that allows an authorized local user to elevate privileges on an affected host; Microsoft assigned a high severity rating (CVSS 3.1 base score 7.8) and published vendor guidance that administrators should...