CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,327 vulnerabilities with CWE-122
CVE-2024-49080 HIGH
Windows IP Routing Management Snapin - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49072 HIGH
Windows Task Scheduler - Elevation of Privilege via Heap-based Buffer Overflow
CVSS 7.8
CVE-2024-53957 HIGH
Adobe Substance 3D Painter <=10.1.1 - Heap Buffer Overflow Code Execution
CVSS 7.8
CVE-2024-53956 HIGH
Premiere Pro < 24.6.4 - Heap-based Buffer Overflow via Malicious File
CVSS 7.8
CVE-2024-52999 HIGH
Substance 3D Modeler < 1.14.1 - Heap-based Buffer Overflow via Malicious File
CVSS 7.8
CVE-2024-52996 HIGH
Substance3D Sampler < 4.5.2 - Heap-based Buffer Overflow via Malicious File
CVSS 7.8
CVE-2024-52995 HIGH
Substance 3D Sampler < 4.5.2 - Heap-based Buffer Overflow via Malicious File
CVSS 7.8
CVE-2024-49545 HIGH
InDesign Desktop <ID19.5,ID18.5.4 - RCE
CVSS 7.8
CVE-2024-49552 HIGH
Media Encoder <25.0, 24.6.3 - Buffer Overflow
CVSS 7.8
CVE-2024-54094 HIGH
Solid Edge SE2024 <V224.0 Update 5 - Buffer Overflow
CVSS 7.8
CVE-2024-54093 HIGH
Solid Edge SE2024 <V224.0 Update 5 - Buffer Overflow
CVSS 7.8
CVE-2024-11608 HIGH
Autodesk Revit - Heap-based Overflow
CVSS 7.8
CVE-2024-40763 HIGH
SonicWall SMA100 Firmware < 10.2.1.14-75sv - Authenticated Heap-based Buffer Overflow via strcpy
CVSS 7.5
CVE-2024-11933 HIGH
Fuji Electric Monitouch V-SFT - RCE
CVSS 7.8
CVE-2024-11233 MEDIUM
PHP 8.1.0-8.1.30 - Heap-based Buffer Overflow in convert.quoted-printable-decode Filter
CVSS 4.8
CVE-2024-8025 HIGH
Nikon NEF Codec - Heap-based Buffer Overflow in NRW File Parsing
CVSS 7.8
CVE-2024-7508 HIGH
Trimble SketchUp Viewer - Heap-based Buffer Overflow in SKP File Parser
CVSS 7.8
CVE-2024-9743 HIGH
Tungsten Automation Power PDF < 5.1 - Remote Code Execution via PDF File Parsing
CVSS 7.8
CVE-2024-9742 HIGH
Tungsten Automation Power PDF < 5.1 - Remote Code Execution via PSD File Parsing
CVSS 7.8
CVE-2024-9741 HIGH
Tungsten Automation Power PDF < 5.1 - Remote Code Execution via PDF File Parsing
CVSS 7.8
CVE-2024-9734 HIGH
Tungsten Automation Power PDF < 5.1 - Remote Code Execution via PDF File Parsing
CVSS 7.8
CVE-2024-11580 HIGH
Luxion KeyShot < 2024.3 - Remote Code Execution via ABC File Parsing Heap-based Buffer Overflow
CVSS 7.8
CVE-2024-11576 HIGH
Luxion KeyShot < 2024.3 - Remote Code Execution via 3DS File Parsing Heap-based Buffer Overflow
CVSS 7.8
CVE-2024-11518 HIGH
IrfanView - Heap-based Buffer Overflow in RLE File Parsing
CVSS 7.8
CVE-2024-11516 HIGH
IrfanView JPM File Parser - Heap Buffer Overflow Code Execution
CVSS 7.8
Details
Vulnerabilities 2,327
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits