CWE-122
Heap-based Buffer Overflow
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 50 of 113- CVE-2025-8351High· 7.8EPSS 0%13 h ago
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avira Antivirus engine when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antiviru
- CVE-2026-47952High· 7.8EPSS 0%17 h ago
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires
- CVE-2026-12030High· 8.3EPSS 0%18 h ago
Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity:
- CVE-2026-47289High· 8.8EPSS 0%18 h ago
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
- CVE-2026-12010High· 8.3EPSS 0%19 h ago
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity:
- CVE-2026-44808High· 7.8EPSS 0%19 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44811High· 7.8EPSS 0%19 h ago
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2026-44814Medium· 5.5EPSS 0%19 h ago
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
- CVE-2023-36036High· 7.8KEVEPSS 2%19 h ago
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
- CVE-2021-21017High· 8.8KEVEPSS 90%19 h ago
Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability
- CVE-2025-32706High· 7.8KEVEPSS 1%19 h ago
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
- CVE-2025-21418High· 7.8KEVEPSS 10%19 h ago
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
- CVE-2025-21333High· 7.8KEVEXPLOITEPSS 79%19 h ago
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
- CVE-2019-3568Critical· 9.8KEVEPSS 47%19 h ago
WhatsApp VOIP Stack Buffer Overflow Vulnerability
- CVE-2024-30051High· 7.8KEVEPSS 51%19 h ago
Microsoft DWM Core Library Privilege Escalation Vulnerability
- CVE-2025-24985High· 7.8KEVEPSS 2%19 h ago
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
- CVE-2021-35395Critical· 9.8KEVEPSS 94%19 h ago
Realtek AP-Router SDK Buffer Overflow Vulnerability
- CVE-2022-26318Critical· 9.8KEVEXPLOITEPSS 93%19 h ago
WatchGuard Firebox and XTM Appliances Arbitrary Code Execution
- CVE-2022-31199Critical· 9.8KEVEPSS 6%19 h ago
Netwrix Auditor Insecure Object Deserialization Vulnerability
- CVE-2023-4911High· 7.8KEVEXPLOITEPSS 65%19 h ago
GNU C Library Buffer Overflow Vulnerability
- CVE-2021-3156High· 7.8KEVEXPLOITEPSS 93%19 h ago
Sudo Heap-Based Buffer Overflow Vulnerability
- CVE-2021-30632High· 8.8KEVEPSS 84%19 h ago
Google Chromium V8 Out-of-Bounds Write Vulnerability
- CVE-2021-30551High· 8.8KEVEPSS 82%19 h ago
Google Chromium V8 Type Confusion Vulnerability
- CVE-2021-21220High· 8.8KEVEXPLOITEPSS 91%19 h ago
Google Chromium V8 Improper Input Validation Vulnerability
- CVE-2021-1647High· 7.8KEVEPSS 76%19 h ago
Microsoft Defender Remote Code Execution Vulnerability
- CVE-2023-23376High· 7.8KEVEPSS 15%19 h ago
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
- CVE-2022-3723High· 8.8KEVEPSS 1%19 h ago
Google Chromium V8 Type Confusion Vulnerability
- CVE-2021-30563High· 8.8KEVEPSS 3%19 h ago
Google Chromium V8 Type Confusion Vulnerability
- CVE-2024-49138High· 7.8KEVEXPLOITEPSS 87%19 h ago
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
- CVE-2023-28252High· 7.8KEVEXPLOITEPSS 62%19 h ago
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
- CVE-2021-21148High· 8.8KEVEPSS 22%19 h ago
Google Chromium V8 Heap Buffer Overflow Vulnerability
- CVE-2021-38003High· 8.8KEVEPSS 64%19 h ago
Google Chromium V8 Memory Corruption Vulnerability
- CVE-2022-2294High· 8.8KEVEPSS 1%19 h ago
WebRTC Heap Buffer Overflow Vulnerability
- CVE-2025-24993High· 7.8KEVEPSS 3%19 h ago
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
- CVE-2024-38812Critical· 9.8KEVEPSS 78%19 h ago
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
- CVE-2022-4262High· 8.8KEVEPSS 9%19 h ago
Google Chromium V8 Type Confusion Vulnerability
- CVE-2023-27997Critical· 9.8KEVEPSS 91%19 h ago
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
- CVE-2021-21166High· 8.8KEVEPSS 38%19 h ago
Google Chromium Race Condition Vulnerability
- CVE-2026-48914Medium· 6.7EPSS 0%20 h ago
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submi
- CVE-2026-45653High· 7.0EPSS 0%1 d ago
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2026-48994Medium· 5.9EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit s
- CVE-2026-53465Medium· 6.2EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has bee
- CVE-2026-46692Medium· 4.1EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in
- CVE-2026-46520High· 7.5EPSS 0%1 d ago
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issu
- CVE-2026-44824High· 7.8EPSS 0%1 d ago
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-44819High· 7.8EPSS 0%1 d ago
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45469High· 7.8EPSS 0%1 d ago
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-47635High· 8.4EPSS 0%1 d ago
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
- CVE-2026-45636High· 7.8EPSS 0%1 d ago
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
- CVE-2026-45638High· 7.8EPSS 0%1 d ago
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.