Vulnerabilities > Off-by-one Error

DATE CVE VULNERABILITY TITLE RISK
2020-02-27 CVE-2020-3840 Off-by-one Error vulnerability in Apple products
An off by one issue existed in the handling of racoon configuration files.
local
low complexity
apple CWE-193
7.8
2020-01-30 CVE-2020-8443 Off-by-one Error vulnerability in Ossec
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
network
low complexity
ossec CWE-193
critical
9.8
2020-01-16 CVE-2020-7044 Off-by-one Error vulnerability in multiple products
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash.
network
low complexity
wireshark fedoraproject opensuse oracle CWE-193
7.5
2020-01-10 CVE-2020-6835 Off-by-one Error vulnerability in Bftpd Project Bftpd
An issue was discovered in Bftpd before 5.4.
network
low complexity
bftpd-project CWE-193
critical
9.8
2020-01-02 CVE-2014-8182 Off-by-one Error vulnerability in multiple products
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages.
network
low complexity
openldap debian CWE-193
7.5
2019-12-19 CVE-2019-19906 Off-by-one Error vulnerability in multiple products
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.
7.5
2019-12-09 CVE-2015-0841 Off-by-one Error vulnerability in Monopd Project Monopd
Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.
network
low complexity
monopd-project CWE-193
7.5
2019-10-31 CVE-2019-18423 Off-by-one Error vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall.
network
low complexity
xen debian fedoraproject CWE-193
8.8
2019-08-02 CVE-2019-14532 Off-by-one Error vulnerability in multiple products
An issue was discovered in The Sleuth Kit (TSK) 4.6.6.
network
low complexity
sleuthkit fedoraproject CWE-193
critical
9.8
2019-07-28 CVE-2019-14323 Off-by-one Error vulnerability in Simple Service Discovery Protocol Responder Project Simple Service Discovery Protocol Responder
SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte.
7.5