CWE-369
AllowedDivide By Zero
Abstraction: Base · Status: Draft
The product divides a value by zero.
577 vulnerabilities reference this CWE, most recent first.
GHSA-H26V-QGM2-W7J4
Vulnerability from github – Published: 2023-12-26 15:30 – Updated: 2024-07-11 18:31A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c line 527.
{
"affected": [],
"aliases": [
"CVE-2023-51104"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-26T15:15:08Z",
"severity": "HIGH"
},
"details": "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c line 527.",
"id": "GHSA-h26v-qgm2-w7j4",
"modified": "2024-07-11T18:31:11Z",
"published": "2023-12-26T15:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51104"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=707621"
},
{
"type": "WEB",
"url": "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md"
},
{
"type": "WEB",
"url": "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0c06a4e51519515615f6ab2d5b1f25da6771e1f4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H3X9-7XX2-W832
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions."
{
"affected": [],
"aliases": [
"CVE-2017-18207"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-01T05:29:00Z",
"severity": "MODERATE"
},
"details": "** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications \"need to be prepared to handle a wide variety of exceptions.\"",
"id": "GHSA-h3x9-7xx2-w832",
"modified": "2022-05-13T01:28:47Z",
"published": "2022-05-13T01:28:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18207"
},
{
"type": "WEB",
"url": "https://bugs.python.org/issue32056"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H57G-4HH9-C367
Vulnerability from github – Published: 2022-05-14 01:56 – Updated: 2022-05-14 01:56An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.
{
"affected": [],
"aliases": [
"CVE-2018-18190"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-09T20:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.",
"id": "GHSA-h57g-4hh9-c367",
"modified": "2022-05-14T01:56:41Z",
"published": "2022-05-14T01:56:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18190"
},
{
"type": "WEB",
"url": "https://github.com/gopro/gpmf-parser/issues/41"
},
{
"type": "WEB",
"url": "https://github.com/gopro/gpmf-parser/releases/tag/v1.2.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H8PR-CFPQ-C3RC
Vulnerability from github – Published: 2022-05-14 02:00 – Updated: 2022-05-14 02:00A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
{
"affected": [],
"aliases": [
"CVE-2018-17438"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-24T14:29:00Z",
"severity": "MODERATE"
},
"details": "A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.",
"id": "GHSA-h8pr-cfpq-c3rc",
"modified": "2022-05-14T02:00:07Z",
"published": "2022-05-14T02:00:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17438"
},
{
"type": "WEB",
"url": "https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H8WV-W7MJ-X6RC
Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-05 15:31In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value. If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
{
"affected": [],
"aliases": [
"CVE-2025-37767"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T14:15:39Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"id": "GHSA-h8wv-w7mj-x6rc",
"modified": "2025-11-05T15:31:01Z",
"published": "2025-05-01T15:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37767"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/327107bd7f052f4ee2d0c966c7ae879822f1814f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8f7b5987e21e003cafac28f0e4d323e6496f83ba"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c3ff73e3bddf1a6c30d7effe4018d12ba0cadd2e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f23e9116ebb71b63fe9cec0dcac792aa9af30b0c"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f2904fa2b9da943db6bef7c0f8b3fb4fc14acbc4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fb803d4bb9ea0a61c21c4987505e4d4ae18f9fdc"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-H99V-MRWP-7GW9
Vulnerability from github – Published: 2022-05-14 02:11 – Updated: 2025-04-20 03:38game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
{
"affected": [],
"aliases": [
"CVE-2016-9960"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-06T18:29:00Z",
"severity": "MODERATE"
},
"details": "game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).",
"id": "GHSA-h99v-mrwp-7gw9",
"modified": "2025-04-20T03:38:31Z",
"published": "2022-05-14T02:11:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9960"
},
{
"type": "WEB",
"url": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405423"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6"
},
{
"type": "WEB",
"url": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201707-02"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/12/15/11"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95305"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HC88-G42G-7PC8
Vulnerability from github – Published: 2022-09-16 00:00 – Updated: 2022-09-20 00:00Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
{
"affected": [],
"aliases": [
"CVE-2022-38865"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-15T15:15:00Z",
"severity": "MODERATE"
},
"details": "Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.",
"id": "GHSA-hc88-g42g-7pc8",
"modified": "2022-09-20T00:00:29Z",
"published": "2022-09-16T00:00:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38865"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"type": "WEB",
"url": "https://trac.mplayerhq.hu/ticket/2401"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HF2W-7552-3W3C
Vulnerability from github – Published: 2026-01-28 21:31 – Updated: 2026-01-29 21:30A floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
{
"affected": [],
"aliases": [
"CVE-2025-71002"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-28T20:16:14Z",
"severity": "MODERATE"
},
"details": "A floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.",
"id": "GHSA-hf2w-7552-3w3c",
"modified": "2026-01-29T21:30:30Z",
"published": "2026-01-28T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71002"
},
{
"type": "WEB",
"url": "https://github.com/Oneflow-Inc/oneflow/issues/10657"
},
{
"type": "WEB",
"url": "https://github.com/Daisy2ang"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HH7P-PQ2Q-6P59
Vulnerability from github – Published: 2023-12-26 15:30 – Updated: 2024-01-05 18:30A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.
{
"affected": [],
"aliases": [
"CVE-2023-51107"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-26T15:15:08Z",
"severity": "HIGH"
},
"details": "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.",
"id": "GHSA-hh7p-pq2q-6p59",
"modified": "2024-01-05T18:30:24Z",
"published": "2023-12-26T15:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51107"
},
{
"type": "WEB",
"url": "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HHX4-XMF9-97G5
Vulnerability from github – Published: 2023-08-25 21:30 – Updated: 2025-11-04 00:30Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
{
"affected": [],
"aliases": [
"CVE-2023-2906"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-25T21:15:07Z",
"severity": "MODERATE"
},
"details": "Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.",
"id": "GHSA-hhx4-xmf9-97g5",
"modified": "2025-11-04T00:30:39Z",
"published": "2023-08-25T21:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2906"
},
{
"type": "WEB",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19229"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HCUPLDY7HLPO46PHMGIJSUBJFTT237C"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRKHFQPWFU7F3OXTL6IEIQSJG6FVXZTZ"
},
{
"type": "WEB",
"url": "https://takeonme.org/cves/CVE-2023-2906.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.