CWE-369: Divide By Zero — known CVE vulnerabilities
CVEs classified under CWE-369 (Divide By Zero), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2021-32494 — CVSS 10.0 (critical): Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs…
CVE-2020-20892 — CVSS 8.8 (high): An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of…
CVE-2025-4637: Divide By Zero vulnerability in davisking dlib allows remote attackers to cause a denial of service via a crafted file. .This issue affects…
CVE-2026-37232 — CVSS 8.6 (high): An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function's PRB utilization metric calculation. The…
CVE-2024-26945 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix nr_cpus < nr_iaa case If nr_cpus < nr_iaa, the…
CVE-2019-14535 — CVSS 7.8 (high): A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be…
CVE-2019-14498 — CVSS 7.8 (high): A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be…
CVE-2017-11464 — CVSS 7.8 (high): A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file…
CVE-2017-7598 — CVSS 7.8 (high): tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a…
CVE-2006-5939 — CVSS 7.8 (high): Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a…
CVE-2026-33593 — CVSS 7.5 (high): A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query.
CVE-2026-35215 — CVSS 7.5 (high): Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdl_desc() function…
CVE-2026-5747 — CVSS 7.5 (high): An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow…
CVE-2025-65409 — CVSS 7.5 (high): A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service (DoS) via…
CVE-2025-23321 — CVSS 7.5 (high): NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an…
CVE-2025-54581 — CVSS 7.5 (high): vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP…
CVE-2025-0317 — CVSS 7.5 (high): A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama…
CVE-2024-8063 — CVSS 7.5 (high): A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted…
CVE-2024-56073 — CVSS 7.5 (high): An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause…
CVE-2023-51107 — CVSS 7.5 (high): A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in functon compute_color() of jquant2.c…
CVE-2023-51106 — CVSS 7.5 (high): A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c…
CVE-2023-51105 — CVSS 7.5 (high): A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of…
CVE-2023-51104 — CVSS 7.5 (high): A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of…
CVE-2023-51103 — CVSS 7.5 (high): A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_da…
CVE-2023-46849 — CVSS 7.5 (high): Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero…
CVE-2021-40211 — CVSS 7.5 (high): An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
CVE-2022-47525 — CVSS 7.5 (high): Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could…
CVE-2023-23109 — CVSS 7.5 (high): In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the…
CVE-2021-33654 — CVSS 7.5 (high): When performing the initialization operation of the Split operator, if a dimension in the input shape is 0, it will cause a division by 0…
CVE-2021-33653 — CVSS 7.5 (high): When performing the derivation shape operation of the SpaceToBatch operator, if there is a value of 0 in the parameter block_shape element…
CVE-2021-33652 — CVSS 7.5 (high): When the Reduce operator run operation is executed, if there is a value of 0 in the parameter axis_sizes element, it will cause a division…
CVE-2021-33651 — CVSS 7.5 (high): When performing the analytical operation of the DepthwiseConv2D operator, if the attribute depth_multiplier is 0, it will cause a division…
CVE-2021-44500 — CVSS 7.5 (high): An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to eb_div in…
CVE-2021-20311 — CVSS 7.5 (high): A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c…
CVE-2021-20310 — CVSS 7.5 (high): A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may…
CVE-2021-20309 — CVSS 7.5 (high): A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of…
CVE-2020-11145 — CVSS 7.5 (high): Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in…
CVE-2020-25708 — CVSS 7.5 (high): A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted…
CVE-2020-16161 — CVSS 7.5 (high): GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVE-2020-16160 — CVSS 7.5 (high): GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CVE-2019-5637 — CVSS 7.5 (high): When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a…