Vulnerabilities > Off-by-one Error

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2024-23849 Off-by-one Error vulnerability in Linux Kernel
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.
local
low complexity
linux CWE-193
5.5
5.5
2023-12-13 CVE-2023-46247 Off-by-one Error vulnerability in Vyperlang Vyper
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM).
network
low complexity
vyperlang CWE-193
7.5
7.5
2023-10-27 CVE-2023-46853 Off-by-one Error vulnerability in Memcached
In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
network
low complexity
memcached CWE-193
critical
 9.8
9.8
2023-09-27 CVE-2023-4260 Off-by-one Error vulnerability in Zephyrproject Zephyr
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
network
low complexity
zephyrproject CWE-193
critical
 10.0
10
2023-09-15 CVE-2023-41880 Off-by-one Error vulnerability in Bytecodealliance Wasmtime
Wasmtime is a standalone runtime for WebAssembly.
network
low complexity
bytecodealliance CWE-193
5.3
5.3
2023-07-18 CVE-2022-33064 Off-by-one Error vulnerability in Libsndfile Project Libsndfile 1.1.0
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.
local
low complexity
libsndfile-project CWE-193
7.8
7.8
2023-07-18 CVE-2023-38429 Off-by-one Error vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux CWE-193
critical
 9.8
9.8
2023-05-22 CVE-2023-28709 Off-by-one Error vulnerability in multiple products
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87.
network
low complexity
apache debian netapp CWE-193
7.5
7.5
2023-04-26 CVE-2023-30546 Off-by-one Error vulnerability in Contiki-Ng
Contiki-NG is an operating system for Internet of Things devices.
network
low complexity
contiki-ng CWE-193
7.5
7.5
2023-03-26 CVE-2023-28858 Off-by-one Error vulnerability in Redis Redis-Py
redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request in an off-by-one manner.
network
high complexity
redis CWE-193
3.7
3.7