CWE-122 — Heap-based Buffer Overflow
2,151 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-122 (page 12 of 44)
- CVE-2023-1170 | MEDIUM | CVSS 6.6 | EG 7.8 | 2023-03-03
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
- CVE-2023-1448 | MEDIUM | CVSS 5.3 | EG 7.8 | 2023-03-17
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. …
- CVE-2023-1570 | LOW | CVSS 3.3 | EG 5.5 | 2023-03-22
A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected by this issue is the function __interceptor_memcpy of the file tiny_dng_loader.h. The manipulation leads to heap-based buffer overflow. Local a…
- CVE-2023-1655 | HIGH | CVSS 7.8 | EG 7.8 | 2023-03-27
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.
- CVE-2023-1906 | MEDIUM | CVSS 5.5 | EG 5.5 | 2023-04-12
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allo…
- CVE-2023-20029 | MEDIUM | CVSS 4.4 | EG 7.8 | 2023-03-23
A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the …
- CVE-2023-20081 | MEDIUM | CVSS 6.8 | EG 5.9 | 2023-03-23
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remot…
- CVE-2023-2137 | HIGH | CVSS 8.8 | EG 8.8 | 2023-04-19
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2023-21406 | HIGH | CVSS 7.1 | EG 7.1 | 2023-07-25
Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of th…
- CVE-2023-21528 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
Microsoft SQL Server Remote Code Execution Vulnerability
- CVE-2023-21560 | MEDIUM | CVSS 6.6 | EG 6.6 | 2023-01-10
Windows Boot Manager Security Feature Bypass Vulnerability
- CVE-2023-2157 | MEDIUM | CVSS 5.5 | EG 5.5 | 2023-06-06
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
- CVE-2023-21587 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-13
Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires …
- CVE-2023-21594 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-13
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires u…
- CVE-2023-21605 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-18
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of …
- CVE-2023-21689 | CRITICAL | CVSS 9.8 | EG 9.8 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21690 | CRITICAL | CVSS 9.8 | EG 9.8 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21692 | CRITICAL | CVSS 9.8 | EG 9.8 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21694 | MEDIUM | CVSS 6.8 | EG 6.8 | 2023-02-14
Windows Fax Service Remote Code Execution Vulnerability
- CVE-2023-21695 | HIGH | CVSS 7.5 | EG 7.5 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
- CVE-2023-21727 | HIGH | CVSS 8.8 | EG 8.8 | 2023-04-11
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CVE-2023-21733 | HIGH | CVSS 7.0 | EG 7.0 | 2023-01-10
Windows Bind Filter Driver Elevation of Privilege Vulnerability
- CVE-2023-21737 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
Microsoft Office Visio Remote Code Execution Vulnerability
- CVE-2023-21738 | HIGH | CVSS 7.8 | EG 7.1 | 2023-01-10
Microsoft Office Visio Remote Code Execution Vulnerability
- CVE-2023-21740 | HIGH | CVSS 7.8 | EG 7.8 | 2023-12-12
Windows Media Remote Code Execution Vulnerability
- CVE-2023-21780 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21781 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21782 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21783 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21785 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21786 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21787 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21790 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21791 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21792 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21793 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-10
3D Builder Remote Code Execution Vulnerability
- CVE-2023-21799 | HIGH | CVSS 8.8 | EG 8.8 | 2023-02-14
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
- CVE-2023-21804 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2023-21812 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2023-22236 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-17
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue re…
- CVE-2023-2241 | MEDIUM | CVSS 5.3 | EG 5.3 | 2023-04-22
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to b…
- CVE-2023-22660 | HIGH | CVSS 7.0 | EG 7.8 | 2023-04-05
A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overflow, leading to memory corruption, which c…
- CVE-2023-23376 | HIGH | CVSS 7.8 | EG 9.0 | ⚠ KEV | 2023-02-14
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2023-23377 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
3D Builder Remote Code Execution Vulnerability
- CVE-2023-23378 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
Print 3D Remote Code Execution Vulnerability
- CVE-2023-23381 | HIGH | CVSS 7.8 | EG 8.4 | 2023-02-14
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-23384 | HIGH | CVSS 7.3 | EG 7.3 | 2023-04-11
Microsoft SQL Server Remote Code Execution Vulnerability
- CVE-2023-23390 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-14
3D Builder Remote Code Execution Vulnerability
- CVE-2023-23400 | HIGH | CVSS 7.2 | EG 7.2 | 2023-03-14
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2023-23403 | HIGH | CVSS 8.8 | EG 8.8 | 2023-03-14
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability