Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-193 (Off-by-one错误) — Vulnerability Class 54

54 vulnerabilities classified as CWE-193 (Off-by-one错误). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40254 FreeRDP: contains_dotdot() off-by-one allows drive channel path traversal via terminal .. — FreeRDP 4.2 Medium2026-04-24
CVE-2026-6861 Emacs: emacs: memory corruption vulnerability when processing svg css — Red Hat Enterprise Linux 10 6.1 Medium2026-04-22
CVE-2026-40312 ImageMagick: Off-by-One in MSL decoder could result in crash — ImageMagick 6.2 Medium2026-04-13
CVE-2026-33997 Moby: Off-by-one error in plugin privilege validation — moby 6.8 Medium2026-03-31
CVE-2026-5123 osrg GoBGP bgp.go DecodeFromBytes off-by-one — GoBGP 3.7 Low2026-03-30
CVE-2026-22593 EVerest has off-by-one stack buffer overflow in IsoMux certificate filename parsing — everest-core 8.4 High2026-03-26
CVE-2026-4887 Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image — Red Hat Enterprise Linux 6 6.1 Medium2026-03-26
CVE-2026-34085 fontconfig 安全漏洞 — fontconfig 5.9 Medium2026-03-25
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack — XML::Parser 8.1 -2026-03-19
CVE-2026-28520 arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow Remote Code Execution — arduino-TuyaOpen 8.4 High2026-03-15
CVE-2026-31988 yauzl 3.2.0 - Denial of Service via Off-by-One Error in NTFS Timestamp Parser — yauzl 5.3 Medium2026-03-11
CVE-2026-26309 Envoy has an off-by-one write in JsonEscaper::escapeString() — envoy 5.3 Medium2026-03-10
CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one — xlnt 3.3 Low2026-02-19
CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string — bacnet-stack 5.5 Medium2026-02-13
CVE-2025-11215 Google Chrome 安全漏洞 — Chrome 8.8AIHighAI2025-11-06
CVE-2025-54349 iperf 安全漏洞 — iperf3 6.5 Medium2025-08-03
CVE-2025-52497 Mbed TLS 安全漏洞 — mbedtls 4.8 Medium2025-07-04
CVE-2025-47711 Nbdkit: nbdkit-server: off-by-one error when processing block status may lead to a denial of service 6.5 Medium2025-06-09
CVE-2025-43973 GoBGP 安全漏洞 — GoBGP 6.8 Medium2025-04-21
CVE-2025-43971 GoBGP 安全漏洞 — GoBGP 8.6 High2025-04-21
CVE-2025-30742 ATOPHTTPD 安全漏洞 — atophttpd 5.3 Medium2025-03-26
CVE-2024-10442 Synology Replication Service 安全漏洞 — Unified Controller (DSMUC) 10.0 Critical2025-03-19
CVE-2024-57259 DENX Software Engineering Das U-Boot 安全漏洞 — U-Boot 7.1 High2025-02-18
CVE-2024-48854 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP) 5.3 Medium2025-01-14
CVE-2024-51554 off-by-one-error — ASPECT-Enterprise 9.1 Critical2024-12-05
CVE-2024-45796 Suricata defrag: off by one can lead to policy bypass — suricata 5.3 Medium2024-10-16
CVE-2024-32668 bhyve(8) privileged guest escape via USB controller — FreeBSD 8.2 -2024-09-05
CVE-2023-44444 GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability — GIMP 7.8 -2024-05-03
CVE-2024-1441 Libvirt: off-by-one error in udevlistinterfacesbystatus() 5.5 Medium2024-03-11
CVE-2023-46247 Vyper has incorrect storage layout for contracts containing large arrays — vyper 7.5 High2023-12-13

Vulnerabilities classified as CWE-193 (Off-by-one错误) represent 54 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.