Exploit Intelligence Platform – 370K+ CVEs, Ranked Exploits & EPSS Scores

CVE-2017-11464 7.8 HIGH 1 Writeup EPSS 0.00

GNOME librsvg <2.40.17 - Memory Corruption

A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero.

CWE-369 Jul 19, 2017

CVE-2016-9960 5.5 MEDIUM EPSS 0.00

Game-music-emu < 0.6.0 - Divide By Zero

game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

CWE-369 Jun 06, 2017

CVE-2017-9344 7.5 HIGH EPSS 0.01

Wireshark <2.2.7 and <2.0.13 - DoS

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.

CWE-369 Jun 02, 2017

CVE-2017-9302 5.5 MEDIUM EPSS 0.00

RealPlayer 16.0.2.32 - DoS

RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.

CWE-369 May 29, 2017

CVE-2017-8542 5.5 MEDIUM EPSS 0.19

Microsoft Forefront Security < 1.1.13704.0 - Divide By Zero

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8539.

CWE-119 May 26, 2017

CVE-2017-8539 5.5 MEDIUM EPSS 0.19

Microsoft Forefront Security < 1.1.13704.0 - Divide By Zero

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8537, and CVE-2017-8542.

CWE-119 May 26, 2017

CVE-2017-8537 5.5 MEDIUM 1 PoC Analysis EPSS 0.05

Microsoft Windows Defender - Divide By Zero

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8536, CVE-2017-8539, and CVE-2017-8542.

CWE-119 May 26, 2017

CVE-2017-8536 5.5 MEDIUM 1 PoC Analysis EPSS 0.05

Microsoft Windows Defender - Divide By Zero

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8535, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542.

CWE-119 May 26, 2017

CVE-2017-8535 5.5 MEDIUM 1 PoC Analysis EPSS 0.05

Microsoft Windows Defender - Divide By Zero

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerability than CVE-2017-8536, CVE-2017-8537, CVE-2017-8539, and CVE-2017-8542.

CWE-119 May 26, 2017

CVE-2017-9239 6.5 MEDIUM 1 Writeup EPSS 0.00

Exiv2 <0.26 - Memory Corruption

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.

CWE-369 May 26, 2017

CVE-2017-9202 6.5 MEDIUM 1 Writeup EPSS 0.00

ImageWorsener 1.3.1 - DoS

imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

CWE-369 May 23, 2017

CVE-2017-9201 6.5 MEDIUM 1 Writeup EPSS 0.00

ImageWorsener 1.3.1 - DoS

imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

CWE-369 May 23, 2017

CVE-2017-0603 4.7 MEDIUM EPSS 0.00

Google Android - Integer Overflow

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35763994.

CWE-190 May 12, 2017

CVE-2017-8842 5.5 MEDIUM EPSS 0.00

Long Range Zip - Divide By Zero

The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.

CWE-369 May 08, 2017

CVE-2016-7530 6.5 MEDIUM 1 Writeup EPSS 0.03

Imagemagick < 6.9.4-0 - Divide By Zero

The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.

CWE-369 Apr 20, 2017

CVE-2017-7962 5.5 MEDIUM 1 Writeup EPSS 0.01

Entropymine Imageworsener - Divide By Zero

The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

CWE-369 Apr 19, 2017

CVE-2015-8504 6.5 MEDIUM EPSS 0.03

Qemu - DoS

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.

CWE-369 Apr 11, 2017

CVE-2017-7598 7.8 HIGH EPSS 0.01

LibTIFF 4.0.7 - DoS

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

CWE-369 Apr 09, 2017

CVE-2017-7595 5.5 MEDIUM EPSS 0.00

LibTIFF 4.0.7 - DoS

The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

CWE-369 Apr 09, 2017

CVE-2017-7448 5.5 MEDIUM 1 Writeup EPSS 0.00

Dropbox Lepton 1.2.1 - DoS

The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.

CWE-369 Apr 05, 2017

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps