CWE-122— Heap-based Buffer Overflow
2,158 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-122page 32 of 44
- CVE-2025-2914LOWCVSS 3.3EG 3.32025-03-28
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Lo…
- CVE-2025-2915LOWCVSS 3.3EG 3.32025-03-28
A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow…
- CVE-2025-2923LOWCVSS 3.3EG 3.32025-03-28
A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer …
- CVE-2025-2924LOWCVSS 3.3EG 3.32025-03-28
A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overfl…
- CVE-2025-29769MEDIUMCVSS 5.5EG 5.52025-04-07
libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, k…
- CVE-2025-29811HIGHCVSS 7.8EG 7.82025-04-08
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.
- CVE-2025-29911CRITICALCVSS 9.8EG 9.82025-03-17
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critic…
- CVE-2025-29912CRITICALCVSS 9.8EG 9.82025-03-17
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versi…
- CVE-2025-29962HIGHCVSS 8.8EG 8.82025-05-13
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
- CVE-2025-29963HIGHCVSS 8.8EG 8.82025-05-13
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
- CVE-2025-29964HIGHCVSS 8.8EG 8.82025-05-13
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
- CVE-2025-29966HIGHCVSS 8.8EG 8.82025-05-13
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
- CVE-2025-29967HIGHCVSS 8.8EG 8.82025-05-13
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
- CVE-2025-29979HIGHCVSS 7.8EG 7.82025-05-13
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-30216CRITICALCVSS 9.4EG 9.42025-03-25
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versi…
- CVE-2025-30295HIGHCVSS 7.8EG 7.82025-04-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte…
- CVE-2025-30299HIGHCVSS 7.8EG 7.82025-04-08
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte…
- CVE-2025-30317HIGHCVSS 7.8EG 7.82025-06-10
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in…
- CVE-2025-30330HIGHCVSS 7.8EG 7.82025-05-13
Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…
- CVE-2025-30376HIGHCVSS 7.8EG 7.82025-05-13
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-30388HIGHCVSS 7.8EG 7.82025-05-13
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
- CVE-2025-30644HIGHCVSS 7.5EG 7.52025-04-09
A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series allows an attacker to send a specific …
- CVE-2025-31164MEDIUMCVSS 6.6EG 6.62025-03-28
heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.
- CVE-2025-31177MEDIUMCVSS 5.5EG 6.22025-05-07
gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
- CVE-2025-31280HIGHCVSS 7.8EG 7.82025-07-30
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption.
- CVE-2025-31344HIGHCVSS 7.3EG 7.32025-04-14
Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.
- CVE-2025-3158MEDIUMCVSS 5.3EG 5.32025-04-03
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.…
- CVE-2025-3159MEDIUMCVSS 5.3EG 5.32025-04-03
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component A…
- CVE-2025-32318HIGHCVSS 8.8EG 8.82025-09-05
In Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2025-32325HIGHCVSS 7.8EG 7.82025-09-04
In appendFrom of Parcel.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit…
- CVE-2025-32396HIGHCVSS 7.5EG 7.52025-05-07
An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
- CVE-2025-32397HIGHCVSS 7.5EG 7.52025-05-07
An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
- CVE-2025-32400HIGHCVSS 7.5EG 7.52025-05-07
An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
- CVE-2025-32401MEDIUMCVSS 4.8EG 4.82025-05-07
An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet.
- CVE-2025-32713HIGHCVSS 7.8EG 7.82025-06-10
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- CVE-2025-32717HIGHCVSS 8.4EG 8.42025-06-11
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- CVE-2025-32718HIGHCVSS 7.8EG 7.82025-06-10
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
- CVE-2025-3277CRITICALCVSS 9.8EG 9.82025-04-14
An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated si…
- CVE-2025-32990MEDIUMCVSS 6.5EG 6.52025-07-10
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB)…
- CVE-2025-33064HIGHCVSS 8.8EG 8.82025-06-10
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2025-33066HIGHCVSS 8.8EG 8.82025-06-10
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
- CVE-2025-3320HIGHCVSS 8.1EG 8.12025-08-06
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause th…
- CVE-2025-3354HIGHCVSS 8.1EG 8.12025-08-06
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause th…
- CVE-2025-34164CRITICALCVSS 9.3EG 0.02025-08-30
A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or execute arbitrary code.
- CVE-2025-34522CRITICALCVSS 9.8EG 9.82025-08-27
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bou…
- CVE-2025-34523CRITICALCVSS 9.8EG 9.82025-08-27
A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). This flaw is reachable without authentication and results from improper bounds checking when process…
- CVE-2025-3512MEDIUMCVSS 4.8EG 0.02025-04-11
There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow.This issue affects Qt from 6.8.0 to 6.8.4. Ver…
- CVE-2025-3548MEDIUMCVSS 5.3EG 5.32025-04-14
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manip…
- CVE-2025-3549MEDIUMCVSS 5.3EG 5.32025-04-14
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component…
- CVE-2025-35984HIGHCVSS 8.8EG 8.82025-08-25
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allow…
Map vulnerabilities like CWE-122 to your infrastructure
EchelonGraph correlates every CVE — across CWE-122 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →