Vulnerabilities > Off-by-one Error
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-03 | CVE-2022-48672 | Off-by-one Error vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which makes it possible to overflow the nps[] buffer... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. | 7.8 |
2024-01-23 | CVE-2024-23849 | Off-by-one Error vulnerability in Linux Kernel In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. | 5.5 |
2023-12-13 | CVE-2023-46247 | Off-by-one Error vulnerability in Vyperlang Vyper Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). | 7.5 |
2023-10-27 | CVE-2023-46853 | Off-by-one Error vulnerability in Memcached In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. | 9.8 |
2023-09-27 | CVE-2023-4260 | Off-by-one Error vulnerability in Zephyrproject Zephyr Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. | 10.0 |
2023-09-15 | CVE-2023-41880 | Off-by-one Error vulnerability in Bytecodealliance Wasmtime Wasmtime is a standalone runtime for WebAssembly. | 5.3 |
2023-07-18 | CVE-2022-33064 | Off-by-one Error vulnerability in Libsndfile Project Libsndfile 1.1.0 An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts. | 7.8 |
2023-07-18 | CVE-2023-38429 | Off-by-one Error vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 6.3.4. | 9.8 |
2023-05-22 | CVE-2023-28709 | Off-by-one Error vulnerability in multiple products The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. | 7.5 |
2023-04-26 | CVE-2023-30546 | Off-by-one Error vulnerability in Contiki-Ng Contiki-NG is an operating system for Internet of Things devices. | 7.5 |