CWE-122: Heap-based Buffer Overflow
2,158 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-122 (page 23 of 44)
- CVE-2024-37332 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
- CVE-2024-37333 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
- CVE-2024-37334 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
- CVE-2024-37335 | HIGH | CVSS 8.8 | EG 8.8 | 2024-09-10
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
- CVE-2024-3758 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-05-07
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.
- CVE-2024-37601 | MEDIUM | CVSS 4.6 | EG 5.1 | 2025-02-13
An issue was discovered in Mercedes Benz NTG (New Telematics Generation) 6. A possible heap buffer overflow exists in the user data import/export function of NTG 6 head units. To perform this attack, local access to the USB interface of th…
- CVE-2024-37977 | HIGH | CVSS 8.0 | EG 8.0 | 2024-07-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-37987 | HIGH | CVSS 8.0 | EG 8.0 | 2024-07-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-38025 | HIGH | CVSS 7.2 | EG 7.2 | 2024-07-09
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
- CVE-2024-38032 | HIGH | CVSS 7.1 | EG 7.1 | 2024-07-09
Microsoft Xbox Remote Code Execution Vulnerability
- CVE-2024-38045 | HIGH | CVSS 8.1 | EG 8.1 | 2024-09-10
Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2024-38051 | HIGH | CVSS 7.8 | EG 7.8 | 2024-07-09
Windows Graphics Component Remote Code Execution Vulnerability
- CVE-2024-38054 | HIGH | CVSS 7.8 | EG 7.8 | 2024-07-09
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38060 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
Windows Imaging Component Remote Code Execution Vulnerability
- CVE-2024-38065 | MEDIUM | CVSS 6.8 | EG 6.8 | 2024-07-09
Secure Boot Security Feature Bypass Vulnerability
- CVE-2024-38076 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-07-09
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
- CVE-2024-38077 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-07-09
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
- CVE-2024-38079 | HIGH | CVSS 7.8 | EG 7.8 | 2024-07-09
Windows Graphics Component Elevation of Privilege Vulnerability
- CVE-2024-38088 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
- CVE-2024-38114 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38115 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38116 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38120 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38121 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38130 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38142 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-13
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
- CVE-2024-38152 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-13
Windows OLE Remote Code Execution Vulnerability
- CVE-2024-38154 | HIGH | CVSS 8.8 | EG 8.8 | 2024-08-13
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38160 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-08-13
Windows Network Virtualization Remote Code Execution Vulnerability
- CVE-2024-38161 | MEDIUM | CVSS 6.8 | EG 6.8 | 2024-08-13
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
- CVE-2024-38169 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-13
Microsoft Office Visio Remote Code Execution Vulnerability
- CVE-2024-38170 | HIGH | CVSS 7.1 | EG 7.1 | 2024-08-13
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2024-38172 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-13
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2024-38212 | HIGH | CVSS 8.8 | EG 8.8 | 2024-10-08
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38237 | HIGH | CVSS 7.8 | EG 7.8 | 2024-09-10
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38238 | HIGH | CVSS 7.8 | EG 7.8 | 2024-09-10
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38242 | HIGH | CVSS 7.8 | EG 7.8 | 2024-09-10
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38255 | HIGH | CVSS 8.8 | EG 8.8 | 2024-11-12
SQL Server Native Client Remote Code Execution Vulnerability
- CVE-2024-38261 | HIGH | CVSS 7.8 | EG 7.8 | 2024-10-08
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38265 | HIGH | CVSS 8.8 | EG 8.8 | 2024-10-08
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
- CVE-2024-38796 | MEDIUM | CVSS 5.9 | EG 5.9 | 2024-09-27
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integri…
- CVE-2024-38812 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2024-09-17
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet …
- CVE-2024-38949 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-06-26
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
- CVE-2024-38950 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-06-26
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to __interceptor_memcpy function.
- CVE-2024-39133 | MEDIUM | CVSS 4.3 | EG 4.3 | 2024-06-27
Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.
- CVE-2024-39380 | HIGH | CVSS 7.8 | EG 7.8 | 2024-09-13
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti…
- CVE-2024-39392 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-02
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in…
- CVE-2024-39518 | HIGH | CVSS 7.5 | EG 7.5 | 2024-07-10
A Heap-based Buffer Overflow vulnerability in the telemetry sensor process (sensord) of Juniper Networks Junos OS on MX240, MX480, MX960 platforms using MPC10E causes a steady increase in memory utilization, ultimately leading to a Denial …
- CVE-2024-39825 | HIGH | CVSS 8.5 | EG 8.5 | 2024-08-14
Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.
- CVE-2024-39883 | HIGH | CVSS 8.8 | EG 8.8 | 2024-07-09
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this v…