CWE-122— Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().— MITRE CWE catalog
2,323 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-122page 37 of 47
- CVE-2025-59504HIGHCVSS 7.3EG 7.32025-11-11
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.
- CVE-2025-59938MEDIUMCVSS 6.5EG 6.52025-09-27
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to before 4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows …
- CVE-2025-60468MEDIUMCVSS 5.5EG 5.52026-06-24
GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service (local). The component is: filter_core/filter_pid.c (L:574-580): function g…
- CVE-2025-60714HIGHCVSS 7.8EG 7.82025-11-11
Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.
- CVE-2025-60715HIGHCVSS 8.0EG 8.02025-11-11
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-60724CRITICALCVSS 9.8EG 9.82025-11-11
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
- CVE-2025-61154MEDIUMCVSS 6.5EG 6.52026-03-12
Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at decode.c.
- CVE-2025-6120MEDIUMCVSS 5.3EG 5.32025-06-16
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulatio…
- CVE-2025-61553HIGHCVSS 8.2EG 8.22025-10-16
An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via a crafted PCI configuration…
- CVE-2025-61804HIGHCVSS 7.8EG 7.82025-10-15
Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…
- CVE-2025-61816HIGHCVSS 7.8EG 7.82025-11-11
InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t…
- CVE-2025-61819HIGHCVSS 7.8EG 7.82025-11-11
Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…
- CVE-2025-61820HIGHCVSS 7.8EG 7.82025-11-11
Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact…
- CVE-2025-61824HIGHCVSS 7.8EG 7.82025-11-11
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2025-61827HIGHCVSS 7.8EG 7.82025-11-11
Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…
- CVE-2025-61829HIGHCVSS 7.8EG 7.82025-11-11
Illustrator on iPad versions 3.0.9 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio…
- CVE-2025-61832HIGHCVSS 7.8EG 7.82025-11-11
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user intera…
- CVE-2025-61837HIGHCVSS 7.8EG 7.82025-11-11
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in …
- CVE-2025-61838HIGHCVSS 7.8EG 7.82025-11-11
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in …
- CVE-2025-61944HIGHCVSS 8.0EG 8.02026-02-03
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet con…
- CVE-2025-61983HIGHCVSS 8.0EG 8.02026-02-03
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet con…
- CVE-2025-62201HIGHCVSS 7.8EG 7.82025-11-11
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-62220HIGHCVSS 8.8EG 8.82025-11-11
Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.
- CVE-2025-62404HIGHCVSS 8.0EG 8.02026-02-03
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet who…
- CVE-2025-62405HIGHCVSS 8.0EG 8.02026-02-03
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet con…
- CVE-2025-62452HIGHCVSS 8.0EG 8.02025-11-11
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-62454HIGHCVSS 7.8EG 7.82025-12-09
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-62456HIGHCVSS 8.8EG 8.82025-12-09
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
- CVE-2025-62458HIGHCVSS 7.8EG 7.82025-12-09
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- CVE-2025-62470HIGHCVSS 7.8EG 7.82025-12-09
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-62526HIGHCVSS 7.8EG 7.92025-10-22
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially exec…
- CVE-2025-62601HIGHCVSS 7.5EG 7.52026-02-03
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an …
- CVE-2025-62602HIGHCVSS 7.5EG 7.52026-02-03
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an …
- CVE-2025-62608CRITICALCVSS 9.1EG 9.12025-11-21
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load() when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds r…
- CVE-2025-62624HIGHCVSS 8.8EG 8.82026-05-13
A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
- CVE-2025-62673HIGHCVSS 8.0EG 8.02026-02-03
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a mali…
- CVE-2025-62689HIGHCVSS 7.5EG 7.52025-11-10
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet…
- CVE-2025-6269MEDIUMCVSS 5.3EG 5.32025-06-19
A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking loca…
- CVE-2025-6270MEDIUMCVSS 5.3EG 5.32025-06-19
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is poss…
- CVE-2025-62799CRITICALCVSS 9.8EG 9.82026-02-03
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un…
- CVE-2025-63701MEDIUMCVSS 6.8EG 6.82025-11-14
A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUI_x64_ADVANTECH.dll (v0.3.9200.20789) when DocumentPropertiesW() is called with a valid dmDriverExtra value but an undersized output buffer. The driver in…
- CVE-2025-63927MEDIUMCVSS 4.0EG 4.02025-11-12
A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru Commit be6d841 (2019-07-08). During multi-threaded client execution, the function Iec10x_Scheduled can access memory that has already been freed, potentially causing prog…
- CVE-2025-64330HIGHCVSS 7.5EG 7.52025-11-26
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.ale…
- CVE-2025-64524MEDIUMCVSS 5.5EG 3.32025-11-20
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filt…
- CVE-2025-64678HIGHCVSS 8.8EG 8.82025-12-09
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-64679HIGHCVSS 7.8EG 7.82025-12-09
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-64680HIGHCVSS 7.8EG 7.82025-12-09
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-64693CRITICALCVSS 9.8EG 9.82025-11-25
Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code …
- CVE-2025-64784HIGHCVSS 7.1EG 7.12025-12-09
DNG SDK versions 1.7.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive memory i…
- CVE-2025-6490LOWCVSS 3.3EG 3.32025-06-22
A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-parser/src/hashmap.c. The manipulation lead…
Map vulnerabilities like CWE-122 to your infrastructure
EchelonGraph correlates every CVE — across CWE-122 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →