CWE-369
AllowedDivide By Zero
Abstraction: Base · Status: Draft
The product divides a value by zero.
577 vulnerabilities reference this CWE, most recent first.
GHSA-6JJ7-2576-P556
Vulnerability from github – Published: 2026-01-28 21:31 – Updated: 2026-01-29 21:30A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
{
"affected": [],
"aliases": [
"CVE-2025-71005"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-28T21:16:09Z",
"severity": "MODERATE"
},
"details": "A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.",
"id": "GHSA-6jj7-2576-p556",
"modified": "2026-01-29T21:30:30Z",
"published": "2026-01-28T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71005"
},
{
"type": "WEB",
"url": "https://github.com/Oneflow-Inc/oneflow/issues/10654"
},
{
"type": "WEB",
"url": "https://github.com/Daisy2ang"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JJ7-XF98-RXHG
Vulnerability from github – Published: 2026-06-01 00:30 – Updated: 2026-06-01 00:30A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.
{
"affected": [],
"aliases": [
"CVE-2026-10201"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T00:16:41Z",
"severity": "LOW"
},
"details": "A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.",
"id": "GHSA-6jj7-xf98-rxhg",
"modified": "2026-06-01T00:30:22Z",
"published": "2026-06-01T00:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10201"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6613"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp"
},
{
"type": "WEB",
"url": "https://github.com/user-attachments/files/27153727/poc.zip"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-10201"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/821182"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367481"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367481/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6Q3P-M444-94QP
Vulnerability from github – Published: 2025-03-21 15:31 – Updated: 2025-03-21 15:31A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.
{
"affected": [],
"aliases": [
"CVE-2025-2591"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-21T14:15:16Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.",
"id": "GHSA-6q3p-m444-94qp",
"modified": "2025-03-21T15:31:15Z",
"published": "2025-03-21T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2591"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6009"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6009#issue-2877367021"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/pull/6047"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/pull/6047/commits/ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.300574"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.300574"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.517781"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6Q5H-Q7W3-MF7C
Vulnerability from github – Published: 2022-05-04 00:28 – Updated: 2025-04-11 03:57The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
{
"affected": [],
"aliases": [
"CVE-2012-0207"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-05-17T11:00:00Z",
"severity": "HIGH"
},
"details": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.",
"id": "GHSA-6q5h-q7w3-mf7c",
"modified": "2025-04-11T03:57:43Z",
"published": "2022-05-04T00:28:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/25c413ad0029ea86008234be28aee33456e53e5b"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2012/01/10/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6V2F-3V36-M3VQ
Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.
{
"affected": [],
"aliases": [
"CVE-2019-7156"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-29T08:29:00Z",
"severity": "MODERATE"
},
"details": "In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.",
"id": "GHSA-6v2f-3v36-m3vq",
"modified": "2022-05-14T01:30:36Z",
"published": "2022-05-14T01:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7156"
},
{
"type": "WEB",
"url": "https://github.com/uvoteam/libdoc/issues/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106813"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6V49-9GJ6-JWWC
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:49The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
{
"affected": [],
"aliases": [
"CVE-2017-17381"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-07T02:29:00Z",
"severity": "MODERATE"
},
"details": "The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.",
"id": "GHSA-6v49-9gj6-jwwc",
"modified": "2025-04-20T03:49:36Z",
"published": "2022-05-13T01:13:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17381"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3575-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/12/05/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102059"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6W33-G59H-852H
Vulnerability from github – Published: 2023-06-03 00:30 – Updated: 2024-04-04 04:31An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.
This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
{
"affected": [],
"aliases": [
"CVE-2023-3044"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-02T23:15:09Z",
"severity": "LOW"
},
"details": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n",
"id": "GHSA-6w33-g59h-852h",
"modified": "2024-04-04T04:31:06Z",
"published": "2023-06-03T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3044"
},
{
"type": "WEB",
"url": "https://github.com/baker221/poc-xpdf"
},
{
"type": "WEB",
"url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6XX8-4XH5-JH9W
Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c
{
"affected": [],
"aliases": [
"CVE-2021-27845"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-15T16:15:00Z",
"severity": "MODERATE"
},
"details": "A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c",
"id": "GHSA-6xx8-4xh5-jh9w",
"modified": "2022-05-24T19:08:11Z",
"published": "2022-05-24T19:08:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27845"
},
{
"type": "WEB",
"url": "https://github.com/jasper-software/jasper/issues/194"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-746F-27CQ-G8FJ
Vulnerability from github – Published: 2022-05-17 02:20 – Updated: 2022-05-17 02:20The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.
{
"affected": [],
"aliases": [
"CVE-2017-11546"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-31T13:29:00Z",
"severity": "MODERATE"
},
"details": "The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.",
"id": "GHSA-746f-27cq-g8fj",
"modified": "2022-05-17T02:20:33Z",
"published": "2022-05-17T02:20:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11546"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2017/Jul/83"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-747G-7PF6-5Q6P
Vulnerability from github – Published: 2025-09-24 15:31 – Updated: 2025-09-24 15:31NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.
{
"affected": [],
"aliases": [
"CVE-2025-23273"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-24T14:15:47Z",
"severity": "LOW"
},
"details": "NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.",
"id": "GHSA-747g-7pf6-5q6p",
"modified": "2025-09-24T15:31:13Z",
"published": "2025-09-24T15:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23273"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5661"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23273"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.