CWE-193 · Off-by-one Error

206 CVEs classified under CWE-193 (Off-by-one Error). Browse by severity and year.

Top CVEs for CWE-193
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-10442 | Critical | 10.0 | 2025-03-19 | Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified… |
| CVE-2026-48689 | Critical | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hp… |
| CVE-2006-10003 | Critical | 9.8 | 2026-03-19 | XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will… |
| CVE-2024-38441 | Critical | 9.8 | 2024-06-16 | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/… |
| CVE-2023-46853 | Critical | 9.8 | 2023-10-27 | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. |
| CVE-2023-38429 | Critical | 9.8 | 2023-07-18 | An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_ch… |
| CVE-2023-30546 | Critical | 9.8 | 2023-04-26 | Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contik… |
| CVE-2022-34970 | Critical | 9.8 | 2022-08-04 | Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers… |
| CVE-2021-21938 | Critical | 9.8 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to cod… |
| CVE-2022-24988 | Critical | 9.8 | 2022-02-14 | In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector. |
| CVE-2021-31875 | Critical | 9.8 | 2021-04-29 | In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which ca… |
| CVE-2020-14510 | Critical | 9.8 | 2020-08-25 | GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as… |
| CVE-2020-8443 | Critical | 9.8 | 2020-01-30 | In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow… |
| CVE-2020-6835 | Critical | 9.8 | 2020-01-10 | An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking. |
| CVE-2019-14532 | Critical | 9.8 | 2019-08-02 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus ha… |
| CVE-2019-8272 | Critical | 9.8 | 2019-03-08 | UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be ex… |
| CVE-2019-8268 | Critical | 9.8 | 2019-03-08 | UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which… |
| CVE-2018-14599 | Critical | 9.8 | 2018-08-24 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server resp… |
| CVE-2018-8828 | Critical | 9.8 | 2018-03-20 | A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malfor… |
| CVE-2016-10160 | Critical | 9.8 | 2017-01-24 | Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial… |