CVE & Exploit Intelligence Database

CVE-2019-16228 7.5 HIGH 1 Writeup EPSS 0.00

An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

CWE-369 Sep 11, 2019

CVE-2019-16168 6.5 MEDIUM EPSS 0.01

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

CWE-369 Sep 09, 2019

CVE-2019-15939 5.9 MEDIUM EPSS 0.01

An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.

CWE-369 Sep 05, 2019

CVE-2019-14535 7.8 HIGH EPSS 0.00

A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.

CWE-369 Aug 29, 2019

CVE-2019-14498 7.8 HIGH EPSS 0.00

A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.

CWE-369 Aug 29, 2019

CVE-2019-15133 6.5 MEDIUM EPSS 0.00

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.

CWE-369 Aug 17, 2019

CVE-2019-13218 5.5 MEDIUM 1 Writeup EPSS 0.00

Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.

CWE-369 Aug 15, 2019

CVE-2019-14981 6.5 MEDIUM 2 Writeups EPSS 0.01

In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.

CWE-369 Aug 12, 2019

CVE-2019-14494 7.5 HIGH EPSS 0.02

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

CWE-369 Aug 01, 2019

CVE-2019-14443 6.5 MEDIUM EPSS 0.01

An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

CWE-369 Jul 30, 2019

CVE-2019-14284 6.2 MEDIUM 1 Writeup EPSS 0.00

In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.

CWE-369 Jul 26, 2019

CVE-2019-14249 6.5 MEDIUM EPSS 0.00

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.

CWE-369 Jul 24, 2019

CVE-2019-1010315 5.5 MEDIUM 1 Writeup EPSS 0.01

WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.

CWE-369 Jul 11, 2019

CVE-2019-13454 6.5 MEDIUM 2 Writeups EPSS 0.00

ImageMagick 7.0.1-0 to 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.

CWE-369 Jul 09, 2019

CVE-2019-13390 6.5 MEDIUM EPSS 0.00

In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.

CWE-369 Jul 07, 2019

CVE-2018-20845 6.5 MEDIUM EPSS 0.01

Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

CWE-369 Jun 26, 2019

CVE-2019-9084 4.9 MEDIUM EPSS 0.01

In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product).

CWE-369 Jun 07, 2019

CVE-2018-18058 5.3 MEDIUM EPSS 0.00

An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

CWE-369 May 24, 2019

CVE-2019-11472 6.5 MEDIUM 1 Writeup EPSS 0.00

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.

CWE-369 Apr 23, 2019

CVE-2019-10026 5.5 MEDIUM EPSS 0.00

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case.

CWE-369 Mar 25, 2019