CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked 53,274 with exploits 4,730 exploited in wild 1,542 CISA KEV 3,929 Nuclei templates 37,826 vendors 42,555 researchers
416 results Clear all
CVE-2021-27550 5.5 MEDIUM EPSS 0.00
Polaris Office <9.102.66 - DoS
Polaris Office v9.102.66 is affected by a divide-by-zero error in PolarisOffice.exe and EngineDLL.dll that may cause a local denial of service. To exploit the vulnerability, someone must open a crafted PDF file.
CWE-369 Feb 23, 2021
CVE-2020-12371 5.5 MEDIUM EPSS 0.00
Intel Graphics Drivers < 26.20.100.8141 - Divide By Zero
Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
CWE-369 Feb 17, 2021
CVE-2021-20176 5.5 MEDIUM EPSS 0.00
Imagemagick < 6.9.11-57 - Divide By Zero
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.
CWE-369 Feb 06, 2021
CVE-2020-11145 7.5 HIGH EPSS 0.00
Qualcomm Apq8009 - Divide By Zero
Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE-369 Jan 21, 2021
CVE-2020-27756 5.5 MEDIUM EPSS 0.00
Imagemagick < 6.9.10-69 - Divide By Zero
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.
CWE-369 Dec 08, 2020
CVE-2020-27750 5.5 MEDIUM EPSS 0.00
Imagemagick < 6.9.10-68 - Divide By Zero
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
CWE-369 Dec 08, 2020
CVE-2020-27773 3.3 LOW EPSS 0.00
Imagemagick < 6.9.10-69 - Divide By Zero
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
CWE-369 Dec 04, 2020
CVE-2020-27765 3.3 LOW EPSS 0.00
Imagemagick < 6.9.10-69 - Divide By Zero
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
CWE-369 Dec 04, 2020
CVE-2020-27763 3.3 LOW EPSS 0.00
Imagemagick < 6.9.10-68 - Divide By Zero
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
CWE-369 Dec 03, 2020
CVE-2020-27760 5.5 MEDIUM EPSS 0.00
Imagemagick < 6.9.10-68 - Divide By Zero
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
CWE-369 Dec 03, 2020
CVE-2020-25708 7.5 HIGH EPSS 0.01
Libvncserver - Divide By Zero
A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
CWE-369 Nov 27, 2020
CVE-2020-27560 3.3 LOW 1 Writeup EPSS 0.00
ImageMagick 7.0.10-34 - DoS
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
CWE-369 Oct 22, 2020
CVE-2020-16161 7.5 HIGH 1 Writeup EPSS 0.01
Gopro Gpmf-parser - Divide By Zero
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CWE-369 Oct 19, 2020
CVE-2020-16160 7.5 HIGH 1 Writeup EPSS 0.00
Gopro Gpmf-parser - Divide By Zero
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CWE-369 Oct 19, 2020
CVE-2020-14415 3.3 LOW EPSS 0.00
Qemu < 5.0.0 - Divide By Zero
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.
CWE-369 Aug 27, 2020
CVE-2020-16310 5.5 MEDIUM EPSS 0.02
Artifex Ghostscript - Divide By Zero
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CWE-369 Aug 13, 2020
CVE-2020-16299 5.5 MEDIUM EPSS 0.01
Artifex Ghostscript < 9.52 - Divide By Zero
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CWE-369 Aug 13, 2020
CVE-2020-12767 5.5 MEDIUM EPSS 0.00
libexif 0.6.21 - Info Disclosure
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
CWE-369 May 09, 2020
CVE-2019-19888 6.5 MEDIUM EPSS 0.00
Rockcarry Ffjpeg < 2019-08-21 - Divide By Zero
jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.
CWE-369 Dec 18, 2019
CVE-2019-5637 7.5 HIGH EPSS 0.01
Beckhoff Twincat - Divide By Zero
When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior).
CWE-369 Nov 21, 2019

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-3910
Google Chrome <146.0.7680.75 - RCE
 CVE-2026-3909
Google Chrome < 146.0.7680.75 - Out-of-Bounds Access
 CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF