Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-122

CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,326 vulnerabilities with CWE-122

CVE-2025-21371 HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Remote Code Execution via Telephony Service Heap Overflow

CVE-2025-21369 HIGH

Windows 10/11, Server 2008 - RCE via Digest Auth Integer Overflow

CVE-2025-21368 HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Remote Code Execution via Digest Authentication

CVE-2025-21208 HIGH

Windows Server RRAS Remote Code Execution (2008, 2012, 2016, 2019, 2022, 2025)

CVE-2025-21200 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21190 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21184 HIGH

Windows 10 1507-24H2 and Windows Server 2016-2019 - Elevation of Privilege via Core Messaging Heap-based Buffer Overflow

CVE-2025-21123 HIGH

Adobe InDesign < 19.5.2 - Heap-based Buffer Overflow via Malicious File

CVE-2025-1176 MEDIUM

GNU Binutils 2.43 - Heap-Based Buffer Overflow in elflink.c _bfd_elf_gc_mark_rsec

CVE-2025-22880 HIGH

Delta Electronics CNCSoft-G2 < 2.1.0.20 - Heap-based Buffer Overflow

CVE-2025-0870 MEDIUM

Bento4 < 1.6.0-641 - Heap-Based Buffer Overflow in AP4_DataBuffer::GetData

CVE-2025-0662 MEDIUM

FreeBSD 14.2-RELEASE - Uninitialized Kernel Memory Exposure via ktrace sockaddr Dump

CVE-2025-0753 MEDIUM

Axiomatic Bento4 <1.6.0 - Buffer Overflow

CVE-2025-0751 MEDIUM

Axiomatic Bento4 <1.6.0 - Buffer Overflow

CVE-2025-0611 HIGH

Google Chrome <132.0.6834.110 - Heap Corruption

CVE-2025-20128 MEDIUM

ClamAV < 1.0.8 - Denial of Service via OLE2 Decryption Routine

CVE-2025-0434 HIGH

Google Chrome <132.0.6834.83 - Memory Corruption

CVE-2025-21139 HIGH

Substance3D Designer < 14.1 - Heap-based Buffer Overflow via Malicious File

CVE-2025-21137 HIGH

Substance3D Designer < 14.1 - Heap-based Buffer Overflow via Malicious File

CVE-2025-21129 HIGH

Substance 3D Stager < 3.1.0 - Heap-based Buffer Overflow via Malicious File

CVE-2025-21417 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21413 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21411 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21409 HIGH

Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow

CVE-2025-21395 HIGH

Microsoft Access - Remote Code Execution via Heap-based Buffer Overflow

Previous Page 39 of 94 Next

Details

Vulnerabilities 2,326

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy