Vulnerabilities > Off-by-one Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-24 | CVE-2020-3969 | Off-by-one Error vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. | 7.8 |
| 2020-06-05 | CVE-2020-10062 | Off-by-one Error vulnerability in Zephyrproject Zephyr An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. | 9.8 |
| 2020-05-15 | CVE-2019-19721 | Off-by-one Error vulnerability in Videolan VLC Media Player An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. | 7.8 |
| 2020-04-15 | CVE-2019-12521 | Off-by-one Error vulnerability in multiple products An issue was discovered in Squid through 4.7. | 5.9 |
| 2020-04-14 | CVE-2020-11765 | Off-by-one Error vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
| 2020-02-27 | CVE-2020-3840 | Off-by-one Error vulnerability in Apple products An off by one issue existed in the handling of racoon configuration files. | 7.8 |
| 2020-01-30 | CVE-2020-8443 | Off-by-one Error vulnerability in Ossec In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). | 9.8 |
| 2020-01-16 | CVE-2020-7044 | Off-by-one Error vulnerability in multiple products In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. | 7.5 |
| 2020-01-10 | CVE-2020-6835 | Off-by-one Error vulnerability in Bftpd Project Bftpd An issue was discovered in Bftpd before 5.4. | 9.8 |
| 2020-01-02 | CVE-2014-8182 | Off-by-one Error vulnerability in multiple products An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. | 7.5 |