VYPR

CWE-122

Heap-based Buffer Overflow

Variant | Draft | Likelihood: High

Description

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-92

CVEs mapped to this weakness (568)

page 6 of 29
  • CVE-2026-40363 | High | May 12, 2026
    risk 0.55 | cvss 8.4 | epss 0.00

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2026-32221 | High | Apr 14, 2026
    risk 0.55 | cvss 8.4 | epss 0.00

    Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

  • CVE-2025-49697 | High | Jul 8, 2025
    risk 0.55 | cvss 8.4 | epss 0.00

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2025-49696 | High | Jul 8, 2025
    risk 0.55 | cvss 8.4 | epss 0.01

    Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2025-49850 | High | Jun 17, 2025
    risk 0.55 | cvss | epss 0.00

    A Heap-based Buffer Overflow vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end…

  • CVE-2025-47162 | High | Jun 10, 2025
    risk 0.55 | cvss 8.4 | epss 0.01

    Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

  • CVE-2023-52168 | High | Jul 3, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.

  • CVE-2026-12030 | High | Jun 11, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12010 | High | Jun 11, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-10949 | High | Jun 4, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10929 | High | Jun 4, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9926 | High | May 28, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9924 | High | May 28, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9915 | High | May 28, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8525 | High | May 14, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7900 | High | May 6, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7353 | High | Apr 28, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-6361 | High | Apr 15, 2026
    risk 0.54 | cvss 8.3 | epss 0.00

    Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

  • CVE-2018-1124 | High | May 23, 2018
    risk 0.54 | cvss 7.8 | epss 0.02

    procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or…

  • CVE-2026-47652 | High | Jun 9, 2026
    risk 0.53 | cvss 8.2 | epss 0.00

    Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.