Vulnerabilities (CVE)

Filtered by CWE-193
Total 139 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2695 1 Linux 1 Linux Kernel 2025-04-11 4.9 MEDIUM N/A
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer.
CVE-2011-2852 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2010-3454 3 Apache, Canonical, Debian 3 Openoffice, Ubuntu Linux, Debian Linux 2025-04-11 9.3 HIGH N/A
Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.
CVE-2013-0897 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2025-04-11 4.3 MEDIUM N/A
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document.
CVE-2010-1773 5 Canonical, Fedoraproject, Google and 2 more 5 Ubuntu Linux, Fedora, Chrome and 2 more 2025-04-11 6.8 MEDIUM 8.8 HIGH
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.
CVE-2010-2955 4 Canonical, Linux, Opensuse and 1 more 6 Ubuntu Linux, Linux Kernel, Opensuse and 3 more 2025-04-11 2.1 LOW N/A
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.
CVE-2006-4574 1 Wireshark 1 Wireshark 2025-04-09 5.0 MEDIUM 7.5 HIGH
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.
CVE-2008-3964 1 Libpng 1 Libpng 2025-04-09 4.3 MEDIUM N/A
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.
CVE-2008-3535 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2025-04-09 4.9 MEDIUM N/A
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.
CVE-2007-2052 1 Python 1 Python 2025-04-09 5.0 MEDIUM N/A
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
CVE-2009-1217 1 Microsoft 2 Gdi\+, Windows Xp 2025-04-09 4.3 MEDIUM N/A
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service (stack corruption and application termination) via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka the "Microsoft GdiPlus EMF GpFont.SetData integer overflow."
CVE-2021-3156 8 Beyondtrust, Debian, Fedoraproject and 5 more 31 Privilege Management For Mac, Privilege Management For Unix\/linux, Debian Linux and 28 more 2025-04-03 7.2 HIGH 7.8 HIGH
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
CVE-2004-0342 1 Wftpd Pro Server Project 1 Wftpd Pro Server 2025-04-03 2.1 LOW 5.5 MEDIUM
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error.
CVE-2001-0609 1 Infodrom 1 Cfingerd 2025-04-03 10.0 HIGH 9.8 CRITICAL
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
CVE-1999-1568 1 Ncftp 1 Ncftpd Server 2025-04-03 5.0 MEDIUM 7.5 HIGH
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
CVE-2002-0653 1 Modssl 1 Mod Ssl 2025-04-03 4.6 MEDIUM 7.8 HIGH
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
CVE-2001-1496 1 Acme 1 Thttpd 2025-04-03 7.5 HIGH 9.8 CRITICAL
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0083 9 Conectiva, Engardelinux, Immunix and 6 more 11 Linux, Secure Linux, Immunix and 8 more 2025-04-03 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2003-0625 1 Hadrons 1 Xfstt 2025-04-03 6.4 MEDIUM 7.5 HIGH
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
CVE-2003-0252 1 Linux-nfs 1 Nfs-utils 2025-04-03 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.