CWE-193
Off-by-one Error
Description
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (91)
page 5 of 5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-35893 | — | 0.00 | — | 0.01 | Dec 31, 2020 | An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory. | ||
| CVE-2018-14599 | Cri | 0.00 | 9.8 | 0.05 | Aug 24, 2018 | An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||
| CVE-2017-2618 | Med | 0.00 | 5.5 | 0.00 | Jul 27, 2018 | A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. | ||
| CVE-2014-5388 | 0.00 | — | 0.00 | Nov 15, 2014 | Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. | |||
| CVE-2013-0897 | 0.00 | — | 0.01 | Feb 23, 2013 | Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document. | |||
| CVE-2011-2852 | 0.00 | — | 0.01 | Sep 19, 2011 | Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-2695 | 0.00 | — | 0.00 | Jul 28, 2011 | Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest… | |||
| CVE-2011-1027 | 0.00 | — | 0.04 | Mar 20, 2011 | Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg… | |||
| CVE-2010-2955 | 0.00 | — | 0.00 | Sep 8, 2010 | The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in… | |||
| CVE-2008-3964 | 0.00 | — | 0.03 | Sep 11, 2008 | Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function… | |||
| CVE-2008-3535 | 0.00 | — | 0.01 | Aug 8, 2008 | Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by… |
- CVE-2020-35893Dec 31, 2020risk 0.00cvss —epss 0.01
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory.
- risk 0.00cvss 9.8epss 0.05
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
- risk 0.00cvss 5.5epss 0.00
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.
- CVE-2014-5388Nov 15, 2014risk 0.00cvss —epss 0.00
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.
- CVE-2013-0897Feb 23, 2013risk 0.00cvss —epss 0.01
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document.
- CVE-2011-2852Sep 19, 2011risk 0.00cvss —epss 0.01
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-2695Jul 28, 2011risk 0.00cvss —epss 0.00
Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest…
- CVE-2011-1027Mar 20, 2011risk 0.00cvss —epss 0.04
Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg…
- CVE-2010-2955Sep 8, 2010risk 0.00cvss —epss 0.00
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in…
- CVE-2008-3964Sep 11, 2008risk 0.00cvss —epss 0.03
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function…
- CVE-2008-3535Aug 8, 2008risk 0.00cvss —epss 0.01
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by…