Common Weakness Enumeration

CWE-369

Allowed

Divide By Zero

Abstraction: Base · Status: Draft

The product divides a value by zero.

577 vulnerabilities reference this CWE, most recent first.

GHSA-6JJ7-2576-P556

Vulnerability from github – Published: 2026-01-28 21:31 – Updated: 2026-01-29 21:30
VLAI
Details

A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-71005"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-28T21:16:09Z",
    "severity": "MODERATE"
  },
  "details": "A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.",
  "id": "GHSA-6jj7-2576-p556",
  "modified": "2026-01-29T21:30:30Z",
  "published": "2026-01-28T21:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71005"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Oneflow-Inc/oneflow/issues/10654"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Daisy2ang"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6JJ7-XF98-RXHG

Vulnerability from github – Published: 2026-06-01 00:30 – Updated: 2026-06-01 00:30
VLAI
Details

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-10201"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-01T00:16:41Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.",
  "id": "GHSA-6jj7-xf98-rxhg",
  "modified": "2026-06-01T00:30:22Z",
  "published": "2026-06-01T00:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10201"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/issues/6613"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp"
    },
    {
      "type": "WEB",
      "url": "https://github.com/user-attachments/files/27153727/poc.zip"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-10201"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/821182"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/367481"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/367481/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6Q3P-M444-94QP

Vulnerability from github – Published: 2025-03-21 15:31 – Updated: 2025-03-21 15:31
VLAI
Details

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2591"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-21T14:15:16Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.",
  "id": "GHSA-6q3p-m444-94qp",
  "modified": "2025-03-21T15:31:15Z",
  "published": "2025-03-21T15:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2591"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/issues/6009"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/issues/6009#issue-2877367021"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/pull/6047"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/pull/6047/commits/ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.300574"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.300574"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.517781"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6Q5H-Q7W3-MF7C

Vulnerability from github – Published: 2022-05-04 00:28 – Updated: 2025-04-11 03:57
VLAI
Details

The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-0207"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-05-17T11:00:00Z",
    "severity": "HIGH"
  },
  "details": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.",
  "id": "GHSA-6q5h-q7w3-mf7c",
  "modified": "2025-04-11T03:57:43Z",
  "published": "2022-05-04T00:28:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/25c413ad0029ea86008234be28aee33456e53e5b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/01/10/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6V2F-3V36-M3VQ

Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30
VLAI
Details

In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7156"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-29T08:29:00Z",
    "severity": "MODERATE"
  },
  "details": "In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.",
  "id": "GHSA-6v2f-3v36-m3vq",
  "modified": "2022-05-14T01:30:36Z",
  "published": "2022-05-14T01:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7156"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uvoteam/libdoc/issues/5"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106813"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6V49-9GJ6-JWWC

Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:49
VLAI
Details

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-17381"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-07T02:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.",
  "id": "GHSA-6v49-9gj6-jwwc",
  "modified": "2025-04-20T03:49:36Z",
  "published": "2022-05-13T01:13:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17381"
    },
    {
      "type": "WEB",
      "url": "https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3575-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2018/dsa-4213"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2017/12/05/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102059"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6W33-G59H-852H

Vulnerability from github – Published: 2023-06-03 00:30 – Updated: 2024-04-04 04:31
VLAI
Details

An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.

This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3044"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-02T23:15:09Z",
    "severity": "LOW"
  },
  "details": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n",
  "id": "GHSA-6w33-g59h-852h",
  "modified": "2024-04-04T04:31:06Z",
  "published": "2023-06-03T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3044"
    },
    {
      "type": "WEB",
      "url": "https://github.com/baker221/poc-xpdf"
    },
    {
      "type": "WEB",
      "url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6XX8-4XH5-JH9W

Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08
VLAI
Details

A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27845"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-15T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c",
  "id": "GHSA-6xx8-4xh5-jh9w",
  "modified": "2022-05-24T19:08:11Z",
  "published": "2022-05-24T19:08:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27845"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jasper-software/jasper/issues/194"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-746F-27CQ-G8FJ

Vulnerability from github – Published: 2022-05-17 02:20 – Updated: 2022-05-17 02:20
VLAI
Details

The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-11546"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-31T13:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mid file. NOTE: a crash might be relevant when using the --background option.",
  "id": "GHSA-746f-27cq-g8fj",
  "modified": "2022-05-17T02:20:33Z",
  "published": "2022-05-17T02:20:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11546"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2017/Jul/83"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-747G-7PF6-5Q6P

Vulnerability from github – Published: 2025-09-24 15:31 – Updated: 2025-09-24 15:31
VLAI
Details

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-23273"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-24T14:15:47Z",
    "severity": "LOW"
  },
  "details": "NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.",
  "id": "GHSA-747g-7pf6-5q6p",
  "modified": "2025-09-24T15:31:13Z",
  "published": "2025-09-24T15:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23273"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5661"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23273"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.