CVE & Exploit Intelligence Database

CVE-2016-10219 5.5 MEDIUM EPSS 0.01

The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

CWE-369 Apr 03, 2017

CVE-2016-9922 5.5 MEDIUM EPSS 0.00

The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.

CWE-369 Mar 27, 2017

CVE-2016-10267 5.5 MEDIUM EPSS 0.00

LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.

CWE-369 Mar 24, 2017

CVE-2016-10266 5.5 MEDIUM EPSS 0.01

LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.

CWE-369 Mar 24, 2017

CVE-2016-9265 5.5 MEDIUM EPSS 0.00

The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.

CWE-369 Mar 23, 2017

CVE-2016-10053 5.5 MEDIUM EPSS 0.00

The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

CWE-369 Mar 23, 2017

CVE-2017-6835 5.5 MEDIUM EPSS 0.04

The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.

CWE-369 Mar 20, 2017

CVE-2017-6833 5.5 MEDIUM EPSS 0.06

The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.

CWE-369 Mar 20, 2017

CVE-2016-7499 5.5 MEDIUM EPSS 0.01

The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.

CWE-369 Feb 15, 2017

CVE-2016-8692 5.5 MEDIUM 1 Writeup EPSS 0.00

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.

CWE-369 Feb 15, 2017

CVE-2016-8691 5.5 MEDIUM 1 Writeup EPSS 0.00

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.

CWE-369 Feb 15, 2017

CVE-2017-5844 5.5 MEDIUM EPSS 0.01

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

CWE-369 Feb 09, 2017

CVE-2017-5837 5.5 MEDIUM EPSS 0.01

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

CWE-369 Feb 09, 2017

CVE-2016-4797 5.5 MEDIUM EPSS 0.00

Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.

CWE-369 Feb 03, 2017

CVE-2016-8697 5.5 MEDIUM EPSS 0.00

The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.

CWE-369 Jan 31, 2017

CVE-2016-5323 7.5 HIGH EPSS 0.01

The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.

CWE-369 Jan 20, 2017

CVE-2016-9921 6.5 MEDIUM EPSS 0.00

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.

CWE-369 Dec 23, 2016

CVE-2015-3418 7.5 HIGH EPSS 0.00

The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request.

CWE-369 Dec 13, 2016

CVE-2016-8669 6.0 MEDIUM EPSS 0.00

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.

CWE-369 Nov 04, 2016

CVE-2016-8667 6.0 MEDIUM EPSS 0.00

The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.

CWE-369 Nov 04, 2016