Vulnerabilities > Off-by-one Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-9860 | Off-by-one Error vulnerability in Botan Project Botan An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. | 7.5 |
| 2018-03-20 | CVE-2018-8828 | Off-by-one Error vulnerability in multiple products A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. | 9.8 |
| 2018-01-22 | CVE-2017-1000416 | Off-by-one Error vulnerability in Axtls Project Axtls 1.5.3 axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050. | 5.3 |
| 2017-09-21 | CVE-2017-9720 | Off-by-one Error vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur. | 7.8 |
| 2017-09-17 | CVE-2017-14502 | Off-by-one Error vulnerability in Libarchive 3.3.2 read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. | 7.5 |
| 2017-01-24 | CVE-2016-10160 | Off-by-one Error vulnerability in multiple products Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. | 9.8 |
| 2016-12-29 | CVE-2015-8701 | Off-by-one Error vulnerability in Qemu QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. | 6.5 |
| 2010-09-24 | CVE-2010-1773 | Off-by-one Error vulnerability in multiple products Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118. | 8.8 |
| 2004-11-23 | CVE-2004-0346 | Off-by-one Error vulnerability in Proftpd 1.2.7/1.2.8/1.2.9 Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. | 7.8 |
| 2004-11-23 | CVE-2004-0342 | Off-by-one Error vulnerability in Wftpd PRO Server Project Wftpd PRO Server 3.21 WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error. | 5.5 |