Heap-Buffer-Overflow

A heap-buffer-overflow vulnerability exists in binutils when processing a specially crafted XCOFF object file, potentially leading to arbitrary code execution or denial of service.

ImageMagick versions before 7.1.2-19 and 6.9.13-44 are vulnerable to a heap buffer overflow in the MVG decoder, potentially leading to an out-of-bounds write when processing a crafted image, which can result in denial of service or arbitrary code execution.

CVE-2026-20884 is an integer overflow vulnerability in LibRaw's deflate_dng_load_raw function that leads to a heap buffer overflow when processing crafted DNG files.

A heap-buffer-overflow read vulnerability exists in openFPGALoader 1.1.1 and earlier, allowing out-of-bounds heap memory access via a crafted .pof file, potentially leading to denial of service or information disclosure.

A heap-buffer-overflow read vulnerability exists in FreeRDP versions prior to 3.24.2, specifically in the winpr_aligned_offset_recalloc() function, potentially leading to denial of service or information disclosure.

A heap buffer overflow vulnerability (CVE-2026-4675) exists in Google Chrome's WebGL implementation prior to version 146.0.7680.165, allowing a remote attacker to perform an out-of-bounds memory read via a specially crafted HTML page, potentially leading to information disclosure or arbitrary code execution.