CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,137 vulnerabilities with CWE-122
CVE-2016-1762 HIGH
libxml2 <2.9.4 - DoS
CVSS 8.1
CVE-2015-6457 HIGH
Moxa Softcms < 1.3 - Memory Corruption
CVSS 8.8
CVE-2015-3113 CRITICAL KEV
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
CVSS 9.8
CVE-2014-9187 CRITICAL
Honeywell Experion PKS <R400 - Buffer Overflow
CVSS 9.8
CVE-2014-9495 HIGH
libpng <1.5.21, <1.6.16 - Buffer Overflow
CVSS 8.8
CVE-2014-0789
Schneider-electric Opc Factory Server Tlxcdlfofs - Memory Corruption
CVE-2014-0781
Yokogawa Centum CS 3000 < r3.09.50 - Memory Corruption
CVE-2013-7354 MEDIUM
libpng <1.5.14rc03 - DoS
CVSS 6.5
CVE-2013-7353 MEDIUM
libpng <1.5.14.08 - DoS
CVSS 6.5
CVE-2013-3245 MEDIUM
VideoLAN VLC Media Player <2.0.7 - DoS
CVSS 6.3
CVE-2006-10003 CRITICAL
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack
CVSS 9.8
CVE-2006-10002 HIGH
XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes
CVSS 7.5
Details
Vulnerabilities 2,137
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits