CWE-122
High likelihoodHeap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
2,315 vulnerabilities with CWE-122
CVE-2025-68469
LOW
ImageMagick < 7.1.1-14 - Heap-based Buffer Overflow via Crafted TIFF File
CVSS 3.3
CVE-2025-67873
MEDIUM
capstone < 6.0.0 - Heap-based Buffer Overflow via Skipdata Callback
CVSS 4.8
CVE-2025-9457
HIGH
Autodesk <version> - Memory Corruption
CVSS 7.8
CVE-2025-10881
HIGH
Autodesk Shared Components < 2026.5 and 1.8.0.7-1.9.0.7 - Heap-Based Buffer Overflow via CATPRODUCT File Parsing
CVSS 7.8
CVE-2025-14673
HIGH
gmg137 snap7-rs < 1.142.1 - Heap-Based Buffer Overflow in S7Client::as_ct_write
CVSS 7.3
CVE-2025-14672
HIGH
gmg137 snap7-rs < 1.142.1 - Heap-Based Buffer Overflow in TSnap7MicroClient::opWriteArea
CVSS 7.3
CVE-2025-67896
HIGH
exim < 4.99.1 - Heap-based Buffer Overflow via Database Record Casting
CVSS 7.0
CVE-2025-36923
HIGH
Android - Heap-based Buffer Overflow in NrmmDecoder::DecodeSORTransparentContext
CVSS 8.0
CVE-2025-64784
HIGH
DNG SDK < 1.7.0 - Heap-based Buffer Overflow via Malicious File
CVSS 7.1
CVE-2025-64680
HIGH
Windows 10/11, Server 2016 - Privilege Escalation via DWM Core Library Heap Overflow
CVSS 7.8
CVE-2025-64679
HIGH
Windows DWM Core Library - Authenticated Heap-based Buffer Overflow
CVSS 7.8
CVE-2025-64678
HIGH
Windows 10 1607-22H2, Windows 11 23H2-25H2, Windows Server 2008-2016 - Remote Code Execution via RRAS Heap Overflow
CVSS 8.8
CVE-2025-62470
HIGH
Windows Common Log File System Driver - Authenticated Heap-based Buffer Overflow
CVSS 7.8
CVE-2025-62458
HIGH
Windows Win32K GRFX Heap-based Buffer Overflow
CVSS 7.8
CVE-2025-62456
HIGH
Windows ReFS - Heap-based Buffer Overflow
CVSS 8.8
CVE-2025-62454
HIGH
Windows Cloud Files Mini Filter Driver - Authenticated Heap-based Buffer Overflow
CVSS 7.8
CVE-2025-48592
HIGH
Android - Out-of-bounds Read in C2SoftDav1dDec.cpp
CVSS 7.5
CVE-2025-50360
HIGH
Pepper language 0.1.1 - Buffer Overflow
CVSS 8.4
CVE-2025-11788
CRITICAL
Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 - Heap-based Buffer Overflow via Unbounded Meter Parameter
CVSS 9.8
CVE-2025-11778
CRITICAL
Circutor SGE-PLC1000/SGE-PLC50 v0.9.2 - Stack-based Buffer Overflow in TACACSPLUS read_packet()
CVSS 9.8
CVE-2025-20774
MEDIUM
Android - Heap-based Buffer Overflow in Display Component
CVSS 6.7
CVE-2025-65406
MEDIUM
Live555 Streaming Media - Heap-based Buffer Overflow in MatroskaFile::createRTPSinkForTrackNumber()
CVSS 6.5
CVE-2025-8351
HIGH
Avast Antivirus <8.3.70.98 - Buffer Overflow
CVSS 7.8
CVE-2025-66217
HIGH
AIS-catcher <0.64 - Buffer Overflow/DoS/RCE
CVSS 7.5
CVE-2025-64330
HIGH
Suricata < 7.0.13 - Denial of Service via Heap-based Buffer Overflow in Alert Logging
CVSS 7.5
Details
Vulnerabilities
2,315
Exploit Likelihood
High