CWE-122— Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().— MITRE CWE catalog
2,323 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-122page 35 of 47
- CVE-2025-50168HIGHCVSS 7.8EG 7.82025-08-12
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
- CVE-2025-50176HIGHCVSS 7.8EG 7.82025-08-12
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.
- CVE-2025-50343CRITICALCVSS 9.8EG 9.82025-12-30
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invali…
- CVE-2025-50360HIGHCVSS 8.4EG 8.42025-12-03
A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service.
- CVE-2025-5040HIGHCVSS 7.8EG 7.82025-07-10
A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the co…
- CVE-2025-5043HIGHCVSS 7.8EG 7.82025-07-29
A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbi…
- CVE-2025-50617HIGHCVSS 7.5EG 7.52025-08-13
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cau…
- CVE-2025-51005HIGHCVSS 7.5EG 7.52025-09-23
A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in …
- CVE-2025-51089MEDIUMCVSS 6.5EG 6.52025-07-24
Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow.
- CVE-2025-52584HIGHCVSS 7.8EG 7.82025-08-18
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow…
- CVE-2025-52868HIGHCVSS 8.1EG 8.12026-02-11
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in …
- CVE-2025-52869HIGHCVSS 8.1EG 8.12026-02-11
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in …
- CVE-2025-52870HIGHCVSS 8.1EG 8.12026-02-11
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in …
- CVE-2025-53085HIGHCVSS 8.8EG 8.82025-08-25
A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which al…
- CVE-2025-53131HIGHCVSS 8.8EG 8.82025-08-12
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
- CVE-2025-53149HIGHCVSS 7.8EG 7.82025-08-12
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-53155HIGHCVSS 7.8EG 7.82025-08-12
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
- CVE-2025-53179MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53180MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53181MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53182MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53183MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53184MEDIUMCVSS 6.5EG 6.52025-07-07
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
- CVE-2025-53511CRITICALCVSS 9.8EG 9.82025-08-25
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pro…
- CVE-2025-53557CRITICALCVSS 9.8EG 9.82025-08-25
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can pro…
- CVE-2025-53630HIGHCVSS 8.9EG 8.92025-07-10
llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900…
- CVE-2025-53720HIGHCVSS 8.0EG 8.02025-08-12
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-53723HIGHCVSS 7.8EG 7.82025-08-12
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
- CVE-2025-53732HIGHCVSS 7.8EG 7.82025-08-12
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2025-53737HIGHCVSS 7.8EG 7.82025-08-12
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-53741HIGHCVSS 7.8EG 7.82025-08-12
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-53766CRITICALCVSS 9.8EG 9.82025-08-12
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
- CVE-2025-53783HIGHCVSS 7.5EG 7.52025-08-12
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.
- CVE-2025-53816HIGHCVSS 7.5EG 7.52025-07-17
7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issu…
- CVE-2025-53853CRITICALCVSS 9.8EG 9.82025-08-25
A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. A…
- CVE-2025-54091HIGHCVSS 7.8EG 7.82025-09-09
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
- CVE-2025-54113HIGHCVSS 8.8EG 8.82025-09-09
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-54209HIGHCVSS 7.8EG 7.82025-08-12
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2025-54211HIGHCVSS 7.8EG 7.82025-08-12
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2025-54212HIGHCVSS 7.8EG 7.82025-08-12
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2025-54217HIGHCVSS 7.8EG 7.82025-08-12
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t…
- CVE-2025-54219HIGHCVSS 7.8EG 7.82025-08-12
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t…
- CVE-2025-54220HIGHCVSS 7.8EG 7.82025-08-12
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t…
- CVE-2025-54244HIGHCVSS 7.8EG 7.82025-09-09
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-54268HIGHCVSS 7.8EG 7.82025-10-15
Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in…
- CVE-2025-54278MEDIUMCVSS 5.5EG 5.52025-10-15
Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exp…
- CVE-2025-54282HIGHCVSS 7.8EG 7.82025-10-14
Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte…
- CVE-2025-54329HIGHCVSS 7.5EG 7.52025-11-04
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function u…
- CVE-2025-54462CRITICALCVSS 9.8EG 9.82025-08-25
A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitrary code execution. An attacker can prov…
- CVE-2025-54496HIGHCVSS 7.8EG 7.82025-11-04
A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code.
Map vulnerabilities like CWE-122 to your infrastructure
EchelonGraph correlates every CVE — across CWE-122 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →