VYPR

CWE-369

Divide By Zero

BaseDraftLikelihood: Medium

Description

The product divides a value by zero.

This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (221)

page 2 of 12
  • CVE-2017-16650MedNov 7, 2017
    risk 0.43cvss 6.6epss 0.00

    The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2017-16649MedNov 7, 2017
    risk 0.43cvss 6.6epss 0.00

    The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device.

  • CVE-2016-7530MedApr 20, 2017
    risk 0.43cvss 6.5epss 0.03

    The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.

  • CVE-2016-3622MedOct 3, 2016
    risk 0.43cvss 6.5epss 0.04

    The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.

  • CVE-2025-55642MedJun 15, 2026
    risk 0.42cvss 6.5epss 0.00

    GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).

  • CVE-2026-35215HigApr 17, 2026
    risk 0.42cvss 7.5epss 0.00

    Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdl_desc() function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of…

  • CVE-2026-5747HigApr 8, 2026
    risk 0.42cvss 7.5epss 0.00

    An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via…

  • CVE-2025-54581HigJul 30, 2025
    risk 0.42cvss 7.5epss 0.01

    vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker…

  • CVE-2019-16168MedSep 9, 2019
    risk 0.42cvss 6.5epss 0.04

    In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

  • CVE-2018-18195MedOct 9, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-zero error) in DLS::Sample::Sample in DLS.cpp.

  • CVE-2018-17438MedSep 24, 2018
    risk 0.42cvss 6.5epss 0.02

    A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

  • CVE-2018-17434MedSep 24, 2018
    risk 0.42cvss 6.5epss 0.02

    A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.

  • CVE-2018-17237MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.01

    A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.

  • CVE-2018-17233MedSep 20, 2018
    risk 0.42cvss 6.5epss 0.02

    A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service…

  • CVE-2018-11207MedMay 16, 2018
    risk 0.42cvss 6.5epss 0.02

    A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

  • CVE-2018-11203MedMay 16, 2018
    risk 0.42cvss 6.5epss 0.02

    A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

  • CVE-2018-9304MedApr 4, 2018
    risk 0.42cvss 6.5epss 0.02

    In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.

  • CVE-2017-18207MedMar 1, 2018
    risk 0.42cvss 6.5epss 0.01

    The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue…

  • CVE-2018-2385MedFeb 14, 2018
    risk 0.42cvss 6.5epss 0.01

    Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.

  • CVE-2017-17508MedDec 11, 2017
    risk 0.42cvss 6.5epss 0.01

    In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.