VYPR

CWE-369

Divide By Zero

BaseDraftLikelihood: Medium

Description

The product divides a value by zero.

This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (221)

page 6 of 12
  • CVE-2016-7499MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.01

    The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.

  • CVE-2016-8692MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.02

    The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.

  • CVE-2016-8691MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.02

    The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.

  • CVE-2017-5844MedFeb 9, 2017
    risk 0.36cvss 5.5epss 0.03

    The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

  • CVE-2017-5837MedFeb 9, 2017
    risk 0.36cvss 5.5epss 0.03

    The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

  • CVE-2016-4797MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.

  • CVE-2016-8697MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.01

    The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.

  • CVE-2007-2723MedMay 16, 2007
    risk 0.36cvss 5.5epss 0.01

    Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error.

  • CVE-2026-42209MedMay 8, 2026
    risk 0.35cvss 6.5epss 0.00

    FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_message_defer_timeout and set_retained_message_defer_timeout_spread are configured…

  • CVE-2018-14395MedJul 19, 2018
    risk 0.35cvss 6.5epss 0.02

    libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.

  • CVE-2018-14394MedJul 19, 2018
    risk 0.35cvss 6.5epss 0.01

    libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.

  • CVE-2015-7513MedFeb 8, 2016
    risk 0.35cvss 6.5epss 0.01

    arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and…

  • CVE-2026-34546MedMar 31, 2026
    risk 0.33cvss 6.2epss 0.00

    iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted TIFF input can trigger Undefined Behavior (UB) due to division by zero in the TIFF handling code paths used by iccTiffDump. This issue has been…

  • CVE-2026-4603MedMar 23, 2026
    risk 0.31cvss 5.9epss 0.00

    Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations (e.g., verify and…

  • CVE-2017-0603MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.00

    A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4,…

  • CVE-2026-46184MedMay 28, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detect_usb_format() to prevent a division by zero in playback_urb_complete() and capture_urb_complete(). USB core does…

  • CVE-2026-46161MedMay 28, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setup_geo() with zero far_copies setup_geo() extracts near_copies (nc) and far_copies (fc) from the user-provided layout parameter without checking for zero. When fc=0 with the…

  • CVE-2026-43411MedMay 8, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipc_sk_filter_connect() A user can set conn_timeout to any value via setsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a SYN is rejected with TIPC_ERR_OVERLOAD and…

  • CVE-2026-43354MedMay 8, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in set_samp_freq Avoid division by zero when sampling frequency is unspecified.

  • CVE-2026-43267MedMay 6, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_int might be zero, which could result in a division by zero error in subsequent…