CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-369

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-1010315 369 2019-07-11 2019-07-16
4.3
None Remote Medium Not required None None Partial
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.
2 CVE-2019-16228 369 2019-09-11 2019-10-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
3 CVE-2019-16168 369 2019-09-09 2019-09-26
5.0
None Remote Low Not required None None Partial
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
4 CVE-2019-15939 369 2019-09-05 2019-09-06
5.0
None Remote Low Not required None None Partial
An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.
5 CVE-2019-15133 369 2019-08-17 2019-08-29
4.3
None Remote Medium Not required None None Partial
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
6 CVE-2019-14981 369 DoS 2019-08-12 2019-08-16
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
7 CVE-2019-14535 369 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
8 CVE-2019-14498 369 2019-08-29 2019-09-06
6.8
None Remote Medium Not required Partial Partial Partial
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
9 CVE-2019-14494 369 2019-08-01 2019-08-12
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
10 CVE-2019-14443 369 DoS 2019-07-30 2019-07-31
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
11 CVE-2019-14284 369 DoS 2019-07-26 2019-08-11
2.1
None Local Low Not required None None Partial
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.
12 CVE-2019-14249 369 DoS 2019-07-24 2019-08-05
4.3
None Remote Medium Not required None None Partial
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
13 CVE-2019-13454 369 2019-07-09 2019-08-21
4.3
None Remote Medium Not required None None Partial
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
14 CVE-2019-13390 369 2019-07-07 2019-09-23
4.3
None Remote Medium Not required None None Partial
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.
15 CVE-2019-13218 369 DoS 2019-08-15 2019-08-20
4.3
None Remote Medium Not required None None Partial
Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
16 CVE-2019-11472 369 2019-04-23 2019-06-24
4.3
None Remote Medium Not required None None Partial
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
17 CVE-2019-10023 369 2019-03-24 2019-06-27
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.
18 CVE-2019-10021 369 2019-03-24 2019-06-27
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function ImageStream::ImageStream at Stream.cc for nComps.
19 CVE-2019-10019 369 2019-03-24 2019-06-27
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PSOutputDev::checkPageSlice at PSOutputDev.cc for nStripes.
20 CVE-2019-10018 369 2019-03-24 2019-06-27
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
21 CVE-2019-9084 369 DoS 2019-06-07 2019-07-01
4.0
None Remote Low Single system None None Partial
In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product).
22 CVE-2018-20845 369 DoS 2019-06-26 2019-06-28
4.3
None Remote Medium Not required None None Partial
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
23 CVE-2018-20544 369 2018-12-28 2019-04-04
4.3
None Remote Medium Not required None None Partial
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
24 CVE-2018-19872 369 2019-03-21 2019-04-24
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
25 CVE-2018-19628 369 2018-11-28 2018-12-28
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
26 CVE-2018-18521 369 DoS 2018-10-19 2019-06-10
4.3
None Remote Medium Not required None None Partial
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.
27 CVE-2018-18195 369 2018-10-09 2018-11-21
4.3
None Remote Medium Not required None None Partial
An issue discovered in libgig 4.1.0. There is an FPE (divide-by-zero error) in DLS::Sample::Sample in DLS.cpp.
28 CVE-2018-18190 369 2018-10-09 2018-11-23
4.3
None Remote Medium Not required None None Partial
An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.
29 CVE-2018-18058 369 2019-05-24 2019-05-29
2.6
None Remote High Not required None None Partial
An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
30 CVE-2018-17438 369 DoS 2018-09-24 2018-11-09
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
31 CVE-2018-17434 369 DoS 2018-09-24 2018-11-28
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
32 CVE-2018-17237 369 2018-09-20 2018-11-21
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
33 CVE-2018-17233 369 DoS 2018-09-20 2018-11-21
4.3
None Remote Medium Not required None None Partial
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
34 CVE-2018-16523 369 2018-12-06 2019-01-03
5.8
None Remote Medium Not required Partial None Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
35 CVE-2018-14423 369 DoS 2018-07-19 2019-08-21
5.0
None Remote Low Not required None None Partial
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
36 CVE-2018-14395 369 DoS 2018-07-19 2018-09-12
4.3
None Remote Medium Not required None None Partial
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.
37 CVE-2018-14394 369 DoS 2018-07-19 2019-01-08
4.3
None Remote Medium Not required None None Partial
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
38 CVE-2018-13100 369 2018-07-03 2019-04-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.
39 CVE-2018-11212 369 DoS 2018-05-16 2019-06-03
4.3
None Remote Medium Not required None None Partial
An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
40 CVE-2018-11207 369 DoS 2018-05-16 2018-08-29
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
41 CVE-2018-11203 369 DoS 2018-05-16 2018-06-15
4.3
None Remote Medium Not required None None Partial
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
42 CVE-2018-10016 369 2018-04-11 2018-05-17
4.3
None Remote Medium Not required None None Partial
Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.
43 CVE-2018-9304 369 DoS 2018-04-04 2018-11-25
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
44 CVE-2018-9018 369 DoS 2018-03-25 2018-10-18
4.3
None Remote Medium Not required None None Partial
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
45 CVE-2018-5804 369 2018-12-07 2018-12-28
4.3
None Remote Medium Not required None None Partial
A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
46 CVE-2018-2385 369 2018-02-14 2018-02-27
4.0
None Remote Low Single system None None Partial
Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
47 CVE-2018-1152 369 DoS 2018-06-18 2019-05-08
4.3
None Remote Medium Not required None None Partial
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
48 CVE-2017-1000414 369 DoS 2018-01-25 2018-02-08
5.0
None Remote Low Not required None None Partial
ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division by zero in the JFIF decode handling resulting denial of service.
49 CVE-2017-18360 369 DoS 2019-01-31 2019-04-17
4.9
None Local Low Not required None None Complete
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
50 CVE-2017-18207 369 DoS 2018-03-01 2018-03-23
4.3
None Remote Medium Not required None None Partial
** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions."
Total number of vulnerabilities : 111   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.