CWE-369— Divide By Zero
277 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-369page 2 of 6
- CVE-2019-14494HIGHCVSS 7.5EG 7.52019-08-01
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
- CVE-2019-14498HIGHCVSS 7.8EG 7.82019-08-29
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
- CVE-2019-14535HIGHCVSS 7.8EG 7.82019-08-29
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
- CVE-2019-14981MEDIUMCVSS 6.5EG 6.52019-08-12
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
- CVE-2019-15133MEDIUMCVSS 6.5EG 6.52019-08-17
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
- CVE-2019-15939MEDIUMCVSS 5.9EG 5.92019-09-05
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
- CVE-2019-16168MEDIUMCVSS 6.5EG 6.52019-09-09
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
- CVE-2019-16228HIGHCVSS 7.5EG 7.52019-09-11
An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied …
- CVE-2019-19888MEDIUMCVSS 6.5EG 6.52019-12-18
jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.
- CVE-2019-5637HIGHCVSS 7.5EG 7.52019-11-21
When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 v…
- CVE-2019-7156MEDIUMCVSS 6.52019-01-29
In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.
- CVE-2019-9084MEDIUMCVSS 4.9EG 4.92019-06-07
In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=…
- CVE-2020-11145HIGHCVSS 7.5EG 7.52021-01-21
Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu…
- CVE-2020-12371MEDIUMCVSS 5.5EG 5.52021-02-17
Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
- CVE-2020-12767MEDIUMCVSS 5.5EG 5.52020-05-09
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
- CVE-2020-14415LOWCVSS 3.3EG 3.32020-08-27
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.
- CVE-2020-16160HIGHCVSS 7.5EG 7.52020-10-19
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
- CVE-2020-16161HIGHCVSS 7.5EG 7.52020-10-19
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
- CVE-2020-16299MEDIUMCVSS 5.5EG 5.52020-08-13
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16310MEDIUMCVSS 5.5EG 5.52020-08-13
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-18774MEDIUMCVSS 6.5EG 6.52021-08-23
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
- CVE-2020-20253MEDIUMCVSS 6.5EG 6.52021-05-18
Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by zero vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
- CVE-2020-20264MEDIUMCVSS 6.5EG 6.52021-05-19
Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error.
- CVE-2020-20445MEDIUMCVSS 6.5EG 6.52021-05-25
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.
- CVE-2020-20446MEDIUMCVSS 6.5EG 6.52021-05-25
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
- CVE-2020-20448MEDIUMCVSS 6.5EG 6.52021-05-25
FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of Service.
- CVE-2020-20453MEDIUMCVSS 6.5EG 6.52021-05-25
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
- CVE-2020-20892HIGHCVSS 8.8EG 8.82021-09-20
An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.
- CVE-2020-21710MEDIUMCVSS 5.5EG 5.52023-08-22
A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.
- CVE-2020-23567MEDIUMCVSS 5.5EG 5.52021-11-05
Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"
- CVE-2020-23903MEDIUMCVSS 5.5EG 5.52021-11-10
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
- CVE-2020-25708HIGHCVSS 7.5EG 7.52020-11-27
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a d…
- CVE-2020-27560LOWCVSS 3.3EG 3.32020-10-22
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
- CVE-2020-27661MEDIUMCVSS 6.5EG 6.52021-06-02
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of servic…
- CVE-2020-27750MEDIUMCVSS 5.5EG 5.52020-12-08
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range o…
- CVE-2020-27756MEDIUMCVSS 5.5EG 5.52020-12-08
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick a…
- CVE-2020-27760MEDIUMCVSS 5.5EG 5.52020-12-03
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability…
- CVE-2020-27763LOWCVSS 3.3EG 3.32020-12-03
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact…
- CVE-2020-27765LOWCVSS 3.3EG 3.32020-12-04
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impac…
- CVE-2020-27773LOWCVSS 3.3EG 3.32020-12-04
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or divisi…
- CVE-2020-27790MEDIUMCVSS 5.5EG 5.52022-08-18
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of ser…
- CVE-2020-27802MEDIUMCVSS 5.5EG 5.52022-08-25
An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
- CVE-2021-20176MEDIUMCVSS 5.5EG 5.52021-02-06
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest…
- CVE-2021-20205MEDIUMCVSS 6.5EG 6.52021-03-10
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
- CVE-2021-20241MEDIUMCVSS 5.5EG 5.52021-03-09
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is t…
- CVE-2021-20243MEDIUMCVSS 5.5EG 5.52021-03-09
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerabili…
- CVE-2021-20244MEDIUMCVSS 5.5EG 5.52021-03-09
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vul…
- CVE-2021-20245MEDIUMCVSS 5.5EG 5.52021-03-09
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is …
- CVE-2021-20246MEDIUMCVSS 5.5EG 5.52021-03-09
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerabi…
- CVE-2021-20309HIGHCVSS 7.5EG 7.52021-05-11
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using I…
Map vulnerabilities like CWE-369 to your infrastructure
EchelonGraph correlates every CVE — across CWE-369 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →