Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-122

CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,312 vulnerabilities with CWE-122

CVE-2026-23533 CRITICAL

FreeRDP < 3.21.0 - Heap-based Buffer Overflow in RDPGFX ClearCodec Decode Path

CVE-2026-23532 CRITICAL

FreeRDP < 3.21.0 - Heap-based Buffer Overflow in gdi_SurfaceToSurface

CVE-2026-23531 CRITICAL

FreeRDP < 3.21.0 - Heap-based Buffer Overflow via RDPGFX Surface Updates

CVE-2026-23530 CRITICAL

FreeRDP < 3.21.0 - Heap-based Buffer Overflow in Planar Bitmap Decompression

CVE-2026-1145 MEDIUM

quickjs-ng quickjs < 0.11.0 - Heap-Based Buffer Overflow in js_typed_array_constructor_ta

CVE-2026-22854 CRITICAL

FreeRDP < 3.20.1 - Heap-based Buffer Overflow via Drive Read IRP Output Stream

CVE-2026-21304 HIGH

Adobe InDesign < 20.5.1 - Heap-based Buffer Overflow via Malicious File

CVE-2026-21283 HIGH

Adobe Bridge 15.1.2 and <=16.0 - Heap-based Buffer Overflow via Malicious File

CVE-2026-21281 HIGH

Adobe InCopy < 20.5.1 - Heap-based Buffer Overflow via Malicious File

CVE-2026-21277 HIGH

Adobe InDesign < 20.5.1 - Heap-based Buffer Overflow via Malicious File

CVE-2026-20957 HIGH

Microsoft Office Excel - Code Injection

CVE-2026-20922 HIGH

Windows 10 1607-22H2, Windows 11 23H2-25H2, Windows Server 2008-2016 - Authenticated Heap-based Buffer Overflow

CVE-2026-20876 MEDIUM

Windows VBS Enclave - Privilege Escalation

CVE-2026-20868 HIGH

Windows RRAS - Heap-based Buffer Overflow

CVE-2026-20864 HIGH

Connected Devices Platform Service - Privilege Escalation

CVE-2026-20840 HIGH

Windows 10 1607-25H2 and Windows Server 2008-2016 - Authenticated Heap-based Buffer Overflow

CVE-2026-20837 HIGH

Microsoft Windows Media - Heap-based Buffer Overflow

CVE-2026-20820 HIGH

Windows Common Log File System Driver - Buffer Overflow

CVE-2026-20809 HIGH

Windows Kernel Memory - Privilege Escalation

CVE-2026-0822 MEDIUM

quickjs-ng quickjs < 0.11.0 - Heap-Based Buffer Overflow in js_typed_array_sort

CVE-2026-0821 HIGH

quickjs-ng quickjs < 0.11.0 - Heap-Based Buffer Overflow in js_typed_array_constructor

CVE-2026-22697 HIGH

CryptoLib < 1.4.3 - Heap-based Buffer Overflow via Base64 Decoding

CVE-2026-22027 MEDIUM

CryptoLib < 1.4.3 - Heap-based Buffer Overflow in MariaDB SA Interface

CVE-2026-21682 HIGH

iccDEV < 2.3.1.2 - Heap-based Buffer Overflow in CIccXmlArrayType::ParseText()

CVE-2026-21678 HIGH

iccdev < 2.3.1.2 - Heap-based Buffer Overflow in IccTagXml()

Previous Page 17 of 93 Next

Details

Vulnerabilities 2,312

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy