Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-122

CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,326 vulnerabilities with CWE-122

CVE-2025-29912 CRITICAL

CryptoLib < 1.4.0 - Heap Buffer Overflow via Telecommand Packet Frame Length Field

CVE-2025-29911 CRITICAL

CryptoLib <= 1.3.3 - Heap-based Buffer Overflow in Crypto_AOS_ProcessSecurity

CVE-2025-2368 MEDIUM

WebAssembly wabt 1.0.36 - Heap-Based Buffer Overflow in BinaryReaderInterp

CVE-2025-2338 MEDIUM

matio 1.5.28 - Heap-Based Buffer Overflow in strdup_vprintf

CVE-2025-2337 MEDIUM

matio 1.5.28 - Heap-Based Buffer Overflow in Mat_VarPrint Function

CVE-2025-2310 MEDIUM

HDF5 1.14.6 - Heap-Based Buffer Overflow in Metadata Attribute Decoder

CVE-2025-2309 MEDIUM

HDF5 1.14.6 - Heap-Based Buffer Overflow in Type Conversion Logic

CVE-2025-2308 MEDIUM

HDF5 1.14.6 - Heap-Based Buffer Overflow in Scale-Offset Filter

CVE-2025-1651 HIGH

Autodesk AutoCAD 2022 < 2022.1.6 - Heap-Based Buffer Overflow via Crafted MODEL File

CVE-2025-1429 HIGH

AutoCAD 2022 < 2022.1.6 - Heap-Based Buffer Overflow via Malicious MODEL File

CVE-2025-2019 HIGH

Ashlar-Vellum Cobalt - Heap-based Buffer Overflow in VC6 File Parser

CVE-2025-27173 HIGH

Substance 3D Modeler < 1.15.0 - Heap-based Buffer Overflow via Malicious File

CVE-2025-27177 HIGH

InDesign Desktop <ID20.1,ID19.5.2 - RCE

CVE-2025-27171 HIGH

InDesign Desktop <ID20.1,ID19.5.2 - RCE

CVE-2025-24453 HIGH

Adobe InDesign < 19.5.3 - Heap-based Buffer Overflow via Malicious File

CVE-2025-24443 HIGH

Substance 3D Sampler < 5.0 - Heap-based Buffer Overflow via Malicious File

CVE-2025-24439 HIGH

Substance3D Sampler < 5.0 - Heap-based Buffer Overflow via Malicious File

CVE-2025-26634 HIGH

Windows 10/11, Server 2016-2022 Authenticated Heap Overflow in Core Messaging

CVE-2025-24995 HIGH

Kernel Streaming WOW Thunk Service Driver - Privilege Escalation

CVE-2025-24993 HIGH KEV

Windows 10 1507-22H2 and Windows 11 22H2 - Unauthenticated Heap-based Buffer Overflow

CVE-2025-24985 HIGH KEV

Windows Fast FAT Driver - Code Injection

CVE-2025-24067 HIGH

Windows 10 1507-22H2, Windows 11 22H2-24H2, Windows Server 2016-2022 - Authenticated Heap-based Buffer Overflow

CVE-2025-24066 HIGH

Windows Kernel-Mode Drivers - Heap-based Buffer Overflow

CVE-2025-24057 HIGH

Microsoft 365 Apps and Office - Heap-based Buffer Overflow

CVE-2025-24056 HIGH

Windows Telephony Server - Remote Code Execution via Heap-based Buffer Overflow

Previous Page 37 of 94 Next

Details

Vulnerabilities 2,326

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy