CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,327 vulnerabilities with CWE-122
CVE-2024-49011 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49010 HIGH
SQL Server 2016-2019 Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49009 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49008 HIGH
SQL Server 2016-2019 Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49007 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49006 HIGH
SQL Server 2016-2019 Remote Code Execution via Native Client Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49005 HIGH
SQL Server 2016-2019 Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49004 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49002 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-49001 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Native Client
CVSS 8.8
CVE-2024-49000 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48999 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48998 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48997 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48996 HIGH
SQL Server 2016-2019 Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48995 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48994 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-48993 HIGH
SQL Server 2016/2017/2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-43627 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-43626 HIGH
Windows Telephony Service - Elevation of Privilege via Heap-based Buffer Overflow
CVSS 7.8
CVE-2024-43622 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-43621 HIGH
Windows Telephony Service - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
CVE-2024-43620 HIGH
Windows 10 1507-22H2 and Windows 11 22H2 - Remote Code Execution via Telephony Service Heap Overflow
CVSS 8.8
CVE-2024-43598 HIGH
LightGBM < 4.6.0 - Remote Code Execution
CVSS 8.1
CVE-2024-43462 HIGH
SQL Server 2016, 2017, 2019 - Remote Code Execution via Heap-based Buffer Overflow
CVSS 8.8
Details
Vulnerabilities 2,327
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits