CWE-122— Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().— MITRE CWE catalog
2,323 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-122page 29 of 47
- CVE-2025-1538HIGHCVSS 8.8EG 8.82025-02-21
A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched …
- CVE-2025-15533MEDIUMCVSS 5.3EG 5.32026-01-18
A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only …
- CVE-2025-15536MEDIUMCVSS 5.3EG 5.32026-01-18
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is …
- CVE-2025-15537MEDIUMCVSS 5.3EG 5.32026-01-18
A security vulnerability has been detected in Mapnik up to 4.2.0. This issue affects the function mapnik::dbf_file::string_value of the file plugins/input/shape/dbfile.cpp. Such manipulation leads to heap-based buffer overflow. The attack …
- CVE-2025-15666MEDIUMCVSS 5.3EG 5.32026-07-01
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Ha…
- CVE-2025-15668LOWCVSS 3.3EG 3.32026-07-06
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer over…
- CVE-2025-1651HIGHCVSS 7.8EG 7.82025-03-13
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in th…
- CVE-2025-1656HIGHCVSS 7.8EG 7.82025-04-15
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrar…
- CVE-2025-1788MEDIUMCVSS 5.3EG 5.32025-03-01
A vulnerability, which was classified as critical, was found in rizinorg rizin up to 0.8.0. This affects the function rz_utf8_encode in the library /librz/util/utf8.c. The manipulation leads to heap-based buffer overflow. An attack has to …
- CVE-2025-1943HIGHCVSS 8.2EG 8.22025-03-04
Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability…
- CVE-2025-20128MEDIUMCVSS 5.3EG 5.32025-01-22
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a…
- CVE-2025-2019HIGHCVSS 7.8EG 7.82025-03-11
Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction …
- CVE-2025-20260CRITICALCVSS 9.8EG 9.82025-06-18
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device. Th…
- CVE-2025-20363CRITICALCVSS 9.0EG 9.02025-09-25
A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow …
- CVE-2025-20672CRITICALCVSS 9.8EG 9.82025-06-02
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch I…
- CVE-2025-20680CRITICALCVSS 9.8EG 9.82025-07-08
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch I…
- CVE-2025-20685HIGHCVSS 8.8EG 9.82025-07-08
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for ex…
- CVE-2025-20686HIGHCVSS 8.8EG 9.82025-07-08
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for ex…
- CVE-2025-20712HIGHCVSS 8.8EG 8.82025-10-14
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not need…
- CVE-2025-20720HIGHCVSS 8.8EG 8.82025-10-14
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not need…
- CVE-2025-20726HIGHCVSS 7.5EG 7.52025-11-04
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution p…
- CVE-2025-20728HIGHCVSS 7.8EG 7.82025-11-04
In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID…
- CVE-2025-20729MEDIUMCVSS 4.2EG 4.22025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed fo…
- CVE-2025-20731MEDIUMCVSS 5.3EG 5.32025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is …
- CVE-2025-20733HIGHCVSS 7.8EG 7.82025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID:…
- CVE-2025-20734MEDIUMCVSS 5.3EG 5.32025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed fo…
- CVE-2025-20735HIGHCVSS 7.8EG 7.82025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID:…
- CVE-2025-20741MEDIUMCVSS 6.7EG 6.72025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed fo…
- CVE-2025-20742HIGHCVSS 8.0EG 8.02025-11-04
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not need…
- CVE-2025-20774MEDIUMCVSS 6.7EG 6.72025-12-02
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploita…
- CVE-2025-21123HIGHCVSS 7.8EG 7.82025-02-11
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in…
- CVE-2025-21129HIGHCVSS 7.8EG 7.82025-01-14
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti…
- CVE-2025-21137HIGHCVSS 7.8EG 7.82025-01-14
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-21139HIGHCVSS 7.8EG 7.82025-01-14
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-21169HIGHCVSS 7.8EG 7.82025-03-11
Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-21171HIGHCVSS 7.5EG 7.52025-01-14
.NET Remote Code Execution Vulnerability
- CVE-2025-21172HIGHCVSS 7.5EG 7.52025-01-14
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21178HIGHCVSS 8.8EG 8.82025-01-14
Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21180HIGHCVSS 7.8EG 7.82025-03-11
Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.
- CVE-2025-21184HIGHCVSS 7.0EG 7.02025-02-11
Windows Core Messaging Elevation of Privileges Vulnerability
- CVE-2025-21186HIGHCVSS 7.8EG 7.82025-01-14
Microsoft Access Remote Code Execution Vulnerability
- CVE-2025-21190HIGHCVSS 8.8EG 8.82025-02-11
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21200HIGHCVSS 8.8EG 8.82025-02-11
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21205HIGHCVSS 8.8EG 8.82025-04-08
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-21208HIGHCVSS 8.8EG 8.82025-02-11
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2025-21221HIGHCVSS 8.8EG 8.82025-04-08
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-21222HIGHCVSS 8.8EG 8.82025-04-08
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-21223HIGHCVSS 8.8EG 8.82025-01-14
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21233HIGHCVSS 8.8EG 8.82025-01-14
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21236HIGHCVSS 8.8EG 8.82025-01-14
Windows Telephony Service Remote Code Execution Vulnerability
Map vulnerabilities like CWE-122 to your infrastructure
EchelonGraph correlates every CVE — across CWE-122 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →