Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2022-0856 6.5 MEDIUM EPSS 0.04

Libcaca - Divide By Zero

libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service

CWE-369 Mar 10, 2022

CVE-2022-23557 6.5 MEDIUM 1 Writeup EPSS 0.00

Google Tensorflow < 2.5.2 - Divide By Zero

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CWE-369 Feb 04, 2022

CVE-2022-21741 6.5 MEDIUM 1 Writeup EPSS 0.00

Google Tensorflow < 2.5.2 - Divide By Zero

Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CWE-369 Feb 03, 2022

CVE-2022-21735 6.5 MEDIUM 1 Writeup EPSS 0.00

Google Tensorflow < 2.5.2 - Divide By Zero

Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CWE-369 Feb 03, 2022

CVE-2022-21725 6.5 MEDIUM 1 Writeup EPSS 0.00

Google Tensorflow < 2.5.2 - Divide By Zero

Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CWE-369 Feb 03, 2022

CVE-2021-46244 6.5 MEDIUM EPSS 0.00

HDF5 <1.13.1-1 - DoS

A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).

CWE-369 Jan 21, 2022

CVE-2021-44917 5.5 MEDIUM EPSS 0.00

Gnuplot - Divide By Zero

A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.

CWE-369 Dec 21, 2021

CVE-2020-23903 5.5 MEDIUM EPSS 0.00

Speex <1.2 - DoS

A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

CWE-369 Nov 10, 2021

CVE-2021-41218 5.5 MEDIUM 1 Writeup EPSS 0.00

TensorFlow - Info Disclosure

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count` argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

CWE-369 Nov 05, 2021

CVE-2021-41209 5.5 MEDIUM 1 Writeup EPSS 0.00

TensorFlow - Info Disclosure

TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

CWE-369 Nov 05, 2021

CVE-2021-41207 5.5 MEDIUM 1 Writeup EPSS 0.00

TensorFlow - Info Disclosure

TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

CWE-369 Nov 05, 2021

CVE-2020-23567 5.5 MEDIUM 1 Writeup EPSS 0.00

Irfanview v4.53 - DoS

Irfanview v4.53 allows attackers to to cause a denial of service (DoS) via a crafted JPEG 2000 file. Related to "Integer Divide By Zero starting at JPEG2000!ShowPlugInSaveOptions_W+0x00000000000082ea"

CWE-369 Nov 05, 2021

CVE-2020-20892 8.8 HIGH EPSS 0.00

Ffmpeg - Divide By Zero

An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.

CWE-369 Sep 20, 2021

CVE-2021-36692 6.5 MEDIUM EPSS 0.00

Libjxl - Divide By Zero

libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service.

CWE-369 Aug 30, 2021

CVE-2020-18774 6.5 MEDIUM EPSS 0.00

Exiv2 <0.27.99.0 - DoS

A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.

CWE-369 Aug 23, 2021

CVE-2021-37691 5.5 MEDIUM 1 Writeup EPSS 0.00