Vulnerabilities > Off-by-one Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-31875 | Off-by-one Error vulnerability in Cesanta Mongooseos MJS 1.26 In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow. | 9.8 |
| 2021-03-20 | CVE-2020-27171 | Off-by-one Error vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 6.0 |
| 2021-01-26 | CVE-2021-3156 | Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193 | 7.8 |
| 2020-11-24 | CVE-2020-29040 | Off-by-one Error vulnerability in XEN An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. | 8.8 |
| 2020-08-25 | CVE-2020-14508 | Off-by-one Error vulnerability in Secomea Gatemanager 8250 Firmware 9.2C GateManager versions prior to 9.2c, The affected product is vulnerable to an off-by-one error, which may allow an attacker to remotely execute arbitrary code or cause a denial-of-service condition. | 9.8 |
| 2020-06-24 | CVE-2020-3969 | Off-by-one Error vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. | 7.8 |
| 2020-06-05 | CVE-2020-10062 | Off-by-one Error vulnerability in Zephyrproject Zephyr An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. | 9.8 |
| 2020-05-15 | CVE-2019-19721 | Off-by-one Error vulnerability in Videolan VLC Media Player An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. | 7.8 |
| 2020-04-15 | CVE-2019-12521 | Off-by-one Error vulnerability in multiple products An issue was discovered in Squid through 4.7. | 5.9 |
| 2020-04-14 | CVE-2020-11765 | Off-by-one Error vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |