CWE-193 · Off-by-one Error
206 CVEs classified under CWE-193 (Off-by-one Error). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-10442 | Critical | 10.0 | 2025-03-19 | Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified… |
| CVE-2026-48689 | Critical | 9.8 | 2026-05-26 | FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hp… |
| CVE-2006-10003 | Critical | 9.8 | 2026-03-19 | XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will… |
| CVE-2024-38441 | Critical | 9.8 | 2024-06-16 | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/… |
| CVE-2023-46853 | Critical | 9.8 | 2023-10-27 | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. |
| CVE-2023-38429 | Critical | 9.8 | 2023-07-18 | An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/connection.c in ksmbd has an off-by-one error in memory allocation (because of ksmbd_smb2_ch… |
| CVE-2023-30546 | Critical | 9.8 | 2023-04-26 | Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contik… |
| CVE-2022-34970 | Critical | 9.8 | 2022-08-04 | Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers… |
| CVE-2021-21938 | Critical | 9.8 | 2022-04-14 | A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to cod… |
| CVE-2022-24988 | Critical | 9.8 | 2022-02-14 | In galois_2p8 before 0.1.2, PrimitivePolynomialField::new has an off-by-one buffer overflow for a vector. |
| CVE-2021-31875 | Critical | 9.8 | 2021-04-29 | In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which ca… |
| CVE-2020-14510 | Critical | 9.8 | 2020-08-25 | GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as… |
| CVE-2020-8443 | Critical | 9.8 | 2020-01-30 | In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow… |
| CVE-2020-6835 | Critical | 9.8 | 2020-01-10 | An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking. |
| CVE-2019-14532 | Critical | 9.8 | 2019-08-02 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus ha… |
| CVE-2019-8272 | Critical | 9.8 | 2019-03-08 | UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be ex… |
| CVE-2019-8268 | Critical | 9.8 | 2019-03-08 | UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which… |
| CVE-2018-14599 | Critical | 9.8 | 2018-08-24 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server resp… |
| CVE-2018-8828 | Critical | 9.8 | 2018-03-20 | A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malfor… |
| CVE-2016-10160 | Critical | 9.8 | 2017-01-24 | Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial… |