CWE-369
Divide By Zero
BaseDraftLikelihood: Medium
Description
The product divides a value by zero.
This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (119)
page 6 of 6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-8697 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | |
| CVE-2007-2723 | Med | 0.36 | 5.5 | 0.01 | May 16, 2007 | Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error. | |
| CVE-2026-4603 | Med | 0.31 | 5.9 | 0.00 | Mar 23, 2026 | Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations (e.g., verify and encryption) to collapse to deterministic zero outputs and hide “invalid key” errors by supplying a JWK whose modulus decodes to zero. | |
| CVE-2017-0603 | Med | 0.31 | 4.7 | 0.00 | May 12, 2017 | A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35763994. | |
| CVE-2017-17054 | Med | 0.29 | 5.5 | 0.00 | Nov 29, 2017 | In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file. | |
| CVE-2026-46470 | Med | 0.26 | 4.0 | 0.00 | May 14, 2026 | An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero. | |
| CVE-2026-46469 | Med | 0.26 | 4.0 | 0.00 | May 14, 2026 | An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero. | |
| CVE-2026-42443 | Low | 0.21 | 3.3 | 0.00 | May 12, 2026 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fs_ipg (inodes per cylinder group) is set to zero. The parser uses this attacker-controlled value as a divisor without validation, causing an immediate hardware trap and process crash. This vulnerability is fixed in 6.0.1698.0. | |
| CVE-2026-21996 | Low | 0.21 | 3.3 | 0.00 | May 1, 2026 | An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() | |
| CVE-2026-3383 | Low | 0.21 | 3.3 | 0.00 | Mar 1, 2026 | A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation can lead to divide by zero. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | |
| CVE-2025-15564 | Low | 0.21 | 3.3 | 0.00 | Feb 7, 2026 | A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | |
| CVE-2025-9649 | Low | 0.21 | 3.3 | 0.00 | Aug 29, 2025 | A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: "Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3." | |
| CVE-2025-54873 | Low | 0.11 | — | 0.00 | Aug 6, 2025 | RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages. | |
| CVE-2010-4165 | 0.03 | — | 0.00 | Nov 22, 2010 | The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer. | ||
| CVE-2004-0804 | 0.02 | — | 0.19 | Nov 3, 2004 | Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | ||
| CVE-2014-9756 | 0.00 | — | 0.01 | Nov 19, 2015 | The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable. | ||
| CVE-2011-1012 | 0.00 | — | 0.00 | Mar 1, 2011 | The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table. | ||
| CVE-2009-1887 | 0.00 | — | 0.01 | Jun 26, 2009 | agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309. | ||
| CVE-2006-5939 | 0.00 | — | 0.01 | Nov 16, 2006 | Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtained from third party information. |