Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-122

CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,326 vulnerabilities with CWE-122

CVE-2025-24051 HIGH

Windows RRAS - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-24050 HIGH

Windows 10/11, Server 2016-2025 Privilege Escalation via Heap Overflow

CVE-2025-24048 HIGH

Windows 10/11, Server 2016-2025 Privilege Escalation via Heap Overflow

CVE-2025-21180 HIGH

Windows exFAT File System - Heap-based Buffer Overflow

CVE-2025-21169 HIGH

Substance 3D Designer < 14.1.1 - Heap-based Buffer Overflow via Malicious File

CVE-2025-2153 MEDIUM

HDF5 1.14.6 - Heap-Based Buffer Overflow in H5SM_delete Function

CVE-2025-2152 MEDIUM

Open Asset Import Library Assimp 5.4.3 - Buffer Overflow

CVE-2025-1943 HIGH

Firefox < 136.0 - Heap-based Buffer Overflow

CVE-2025-1788 MEDIUM

rizinorg rizin <0.8.0 - Buffer Overflow

CVE-2025-22881 HIGH

Delta Electronics CNCSoft-G2 < 2.1.0.20 - Heap-based Buffer Overflow

CVE-2025-1538 HIGH

D-Link DAP-1320 1.00 - Heap-Based Buffer Overflow via set_ws_action Function

CVE-2025-27091 HIGH

OpenH264 < 2.5.1 - Heap-based Buffer Overflow via SPS and non-IDR NAL Unit Race Condition

CVE-2025-1426 HIGH

Google Chrome < 133.0.6943.126 - Heap-based Buffer Overflow in GPU via Crafted HTML Page

CVE-2025-0999 HIGH

Google Chrome < 133.0.6943.126 - Heap-based Buffer Overflow in V8

CVE-2025-0633 MEDIUM

iniparser 3.1-4.2.6 - Heap-based Buffer Overflow in iniparser_dumpsection_ini()

CVE-2025-22920 MEDIUM

FFmpeg - Heap-based Buffer Overflow in avformat Tile Grid Group Stream Processing

CVE-2025-1052 HIGH

Mintty 3.7.5 Sixel Image Parser - Heap Buffer Overflow Code Execution

CVE-2025-0903 HIGH

PDF-XChange Editor < 10.4.2.390 - Remote Code Execution via RTF File Parsing Heap-based Buffer Overflow

CVE-2025-21418 HIGH KEV

Windows Ancillary Function Driver for WinSock - Elevation of Privilege

CVE-2025-21414 HIGH

Windows 10 1507-22H2 and Windows 11 22H2-24H2 - Elevation of Privilege via Core Messaging Heap-based Buffer Overflow

CVE-2025-21410 HIGH

Windows Server RRAS Remote Code Execution (2008, 2012, 2016, 2019, 2022, 2025)

CVE-2025-21407 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21390 HIGH

Microsoft Excel - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21376 HIGH

Windows LDAP - Remote Code Execution via Race Condition

CVE-2025-21375 HIGH

Windows 10/11, Server 2008 - Elevation of Privilege via Kernel Streaming WOW Thunk Driver

Previous Page 38 of 94 Next

Details

Vulnerabilities 2,326

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy