CWE-369
AllowedDivide By Zero
Abstraction: Base · Status: Draft
The product divides a value by zero.
577 vulnerabilities reference this CWE, most recent first.
GHSA-VRXH-5GXG-RMHM
Vulnerability from github – Published: 2022-01-22 00:00 – Updated: 2022-01-29 00:01A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
{
"affected": [],
"aliases": [
"CVE-2021-46244"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-21T21:15:00Z",
"severity": "MODERATE"
},
"details": "A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).",
"id": "GHSA-vrxh-5gxg-rmhm",
"modified": "2022-01-29T00:01:10Z",
"published": "2022-01-22T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46244"
},
{
"type": "WEB",
"url": "https://github.com/HDFGroup/hdf5/issues/1327"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-VW4J-MQ4R-8C7Q
Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2022-06-30 00:00A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
{
"affected": [],
"aliases": [
"CVE-2020-16310"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-08-13T03:15:00Z",
"severity": "MODERATE"
},
"details": "A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.",
"id": "GHSA-vw4j-mq4r-8c7q",
"modified": "2022-06-30T00:00:30Z",
"published": "2022-05-24T17:25:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16310"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701828"
},
{
"type": "WEB",
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202008-20"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4469-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4748"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VWGP-XCMC-QHW2
Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
{
"affected": [],
"aliases": [
"CVE-2020-11145"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-21T10:15:00Z",
"severity": "HIGH"
},
"details": "Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
"id": "GHSA-vwgp-xcmc-qhw2",
"modified": "2022-05-24T17:39:58Z",
"published": "2022-05-24T17:39:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11145"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-VWMG-HGQP-857P
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2024-04-04 01:21dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
{
"affected": [],
"aliases": [
"CVE-2019-14249"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-24T04:15:00Z",
"severity": "MODERATE"
},
"details": "dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.",
"id": "GHSA-vwmg-hgqp-857p",
"modified": "2024-04-04T01:21:57Z",
"published": "2022-05-24T16:51:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14249"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599"
},
{
"type": "WEB",
"url": "https://sourceforge.net/p/libdwarf/code/merge-requests/4"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/109380"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VWVQ-GH67-JHJV
Vulnerability from github – Published: 2024-12-15 03:30 – Updated: 2024-12-16 18:31An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash).
{
"affected": [],
"aliases": [
"CVE-2024-56073"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-15T03:15:16Z",
"severity": "HIGH"
},
"details": "An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash).",
"id": "GHSA-vwvq-gh67-jhjv",
"modified": "2024-12-16T18:31:08Z",
"published": "2024-12-15T03:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56073"
},
{
"type": "WEB",
"url": "https://github.com/pavel-odintsov/fastnetmon/commit/a36718525e08ad0f2a809363001bf105efc5fe1c"
},
{
"type": "WEB",
"url": "https://cwe.mitre.org/data/definitions/369.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W2V2-5QJC-Q2JW
Vulnerability from github – Published: 2026-05-01 18:31 – Updated: 2026-05-01 18:31An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()
{
"affected": [],
"aliases": [
"CVE-2026-21996"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-01T18:16:13Z",
"severity": "LOW"
},
"details": "An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()",
"id": "GHSA-w2v2-5qjc-q2jw",
"modified": "2026-05-01T18:31:25Z",
"published": "2026-05-01T18:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21996"
},
{
"type": "WEB",
"url": "https://linux.oracle.com/cve/CVE-2026-21996.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-W2X7-FC9J-4572
Vulnerability from github – Published: 2025-09-17 18:31 – Updated: 2025-09-17 18:31CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.
{
"affected": [],
"aliases": [
"CVE-2025-35435"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-17T17:15:43Z",
"severity": "MODERATE"
},
"details": "CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.",
"id": "GHSA-w2x7-fc9j-4572",
"modified": "2025-09-17T18:31:18Z",
"published": "2025-09-17T18:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35435"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/thorium/commit/7c94a0b9bc2dc55e0c307360452f348bac06820c"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-259-01.json"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-CVE-2025-35435"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W63P-J55P-8MPJ
Vulnerability from github – Published: 2022-05-13 01:40 – Updated: 2022-05-13 01:40A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35763994.
{
"affected": [],
"aliases": [
"CVE-2017-0603"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-12T15:29:00Z",
"severity": "MODERATE"
},
"details": "A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35763994.",
"id": "GHSA-w63p-j55p-8mpj",
"modified": "2022-05-13T01:40:19Z",
"published": "2022-05-13T01:40:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0603"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98143"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W6C9-7896-VQPM
Vulnerability from github – Published: 2022-05-14 03:33 – Updated: 2022-05-14 03:33The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
{
"affected": [],
"aliases": [
"CVE-2014-8130"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-12T02:29:00Z",
"severity": "MODERATE"
},
"details": "The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.",
"id": "GHSA-w6c9-7896-vqpm",
"modified": "2022-05-14T03:33:16Z",
"published": "2022-05-14T03:33:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8130"
},
{
"type": "WEB",
"url": "https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185817"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"type": "WEB",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2483"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2015/01/24/15"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT204941"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT204942"
},
{
"type": "WEB",
"url": "http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/72353"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032760"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W8HX-5JWC-X79J
Vulnerability from github – Published: 2023-12-26 15:30 – Updated: 2024-07-11 18:31A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.
{
"affected": [],
"aliases": [
"CVE-2023-51105"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-26T15:15:08Z",
"severity": "HIGH"
},
"details": "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.",
"id": "GHSA-w8hx-5jwc-x79j",
"modified": "2024-07-11T18:31:11Z",
"published": "2023-12-26T15:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51105"
},
{
"type": "WEB",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=707622"
},
{
"type": "WEB",
"url": "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md"
},
{
"type": "WEB",
"url": "http://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=cee86dc519d5270a3b96476ad15809ceace64a26"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.