CWE-193

Off-by-one Error

Parent: CWE-682 - Incorrect Calculation

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

198 vulnerabilities with CWE-193
CVE-2018-5800 MEDIUM
LibRaw < 0.18.7 - Heap-Based Buffer Overflow via kodak_ycbcr_load_raw Off-by-One Error
CVSS 6.5
CVE-2018-14599 CRITICAL
libX11 < 1.6.5 - Off-by-one Error in XListExtensions
CVSS 9.8
CVE-2018-14682 HIGH
libmspack <0.7alpha - Buffer Overflow
CVSS 8.8
CVE-2018-14679 MEDIUM
libmspack - Denial of Service via CHM PMGI/PMGL Chunk Number Validity Check
CVSS 6.5
CVE-2018-9860 HIGH
Botan 1.11.32-2.x < 2.6.0 - Denial of Service via TLS-CBC Ciphertext Processing
CVSS 7.5
CVE-2018-8828 CRITICAL
Kamailio <4.4.7, 5.0.x <5.0.6, 5.1.x <5.1.2 - Buffer Overflow
CVSS 9.8
CVE-2018-7329 HIGH
Wireshark 2.2.0-2.2.12 - Infinite Loop via Off-by-one Error in S7COMM Dissector
CVSS 7.5
CVE-2017-2618 MEDIUM
Linux Kernel <4.9.10 - Use After Free
CVSS 5.5
CVE-2017-1000416 MEDIUM
axtls 1.5.3 - Off-by-one Error in ASN.1 UTCTime Parser
CVSS 5.3
CVE-2017-9720 HIGH
Android < 8.0 - Off-by-one Error in Camera Driver
CVSS 7.8
CVE-2017-14502 HIGH
libarchive 3.3.2 - Out-of-bounds Read in RAR Archive UTF-16 Name Handling
CVSS 7.5
CVE-2016-10160 CRITICAL
PHP <5.6.30, <7.0.15 - Memory Corruption
CVSS 9.8
CVE-2015-0841 HIGH
monopd < 0.9.8 - Denial of Service via Long Line in readBuf Function
CVSS 7.5
CVE-2015-8701 MEDIUM
QEMU < 2.5.1.1 - Off-by-one Error in Rocker Switch Emulation
CVSS 6.5
CVE-2014-8182 HIGH
OpenLDAP 2.4 - Denial of Service via DNS SRV Message Processing
CVSS 7.5
CVE-2014-5388
QEMU < 2.1.3 - Off-by-one Error in ACPI PCI Hotplug Interface
CVE-2013-0897
Google Chrome <25.0.1364.97-25.0.1364.99 - DoS
CVE-2011-2852
Google Chrome < 14.0.835.163 - Off-by-one Error in V8
CVE-2011-2695
Linux Kernel < 3.0 - Denial of Service via Ext4 Sparse File Write
CVE-2011-1027
cgit < 0.8.3.5 - Denial of Service via Invalid Hex Character Sequence
CVE-2010-5331 HIGH
Linux kernel <2.6.34 - Buffer Overflow
CVSS 7.8
CVE-2010-3454
Apache OpenOffice 2.0.0-3.2.1 - Off-by-one Error in WW8DopTypography::ReadFromMem
CVE-2010-1773 HIGH
Google Chrome < 5.0.375.70 - Off-by-one Error in RenderListMarker
CVSS 8.8
CVE-2010-2955
Linux kernel <2.6.36-rc3-next-20100831 - Info Disclosure
CVE-2009-1217
Microsoft GDI+ - Denial of Service via Crafted EMF File
Details
Vulnerabilities 198
Links
MITRE CWE Entry Search this CWE With Exploits