Total
413 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3383 | 1 Chaiscript | 1 Chaiscript | 2026-03-05 | 1.7 LOW | 3.3 LOW |
|
A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation can lead to divide by zero. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
|
|||||
| CVE-2026-20057 | 2026-03-05 | N/A | 5.8 MEDIUM | ||
|
Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications (VBA) feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash.
This vulnerability is due to lack of proper error checking when decompressing VBA data. An attacker could exploit this vulnerability by sending a crafted VBA data to the Snort 3 Detection Engine on the targeted device. A successful exploit could allow the attacker to ...
Show More |
|||||
| CVE-2025-65887 | 1 Oneflow | 1 Oneflow | 2026-02-28 | N/A | 6.5 MEDIUM |
|
A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input tensor with zero.
|
|||||
| CVE-2025-15564 | 1 Mapnik | 1 Mapnik | 2026-02-28 | 1.7 LOW | 3.3 LOW |
|
A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
|
|||||
| CVE-2025-39954 | 1 Linux | 1 Linux Kernel | 2026-02-26 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
clk: sunxi-ng: mp: Fix dual-divider clock rate readback
When dual-divider clock support was introduced, the P divider offset was
left out of the .recalc_rate readback function. This causes the clock
rate to become bogus or even zero (possibly due to the P divider being
1, leading to a divide-by-zero).
Fix this by incorporating the P divider offset into the calculation.
|
|||||
| CVE-2026-25799 | 1 Imagemagick | 1 Imagemagick | 2026-02-24 | N/A | 5.3 MEDIUM |
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting in a reliable denial-of-service. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
|
|||||
| CVE-2025-71002 | 1 Oneflow | 1 Oneflow | 2026-02-03 | N/A | 6.5 MEDIUM |
|
A floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2025-71005 | 1 Oneflow | 1 Oneflow | 2026-02-03 | N/A | 6.5 MEDIUM |
|
A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2025-71006 | 1 Oneflow | 1 Oneflow | 2026-02-03 | N/A | 6.5 MEDIUM |
|
A floating point exception (FPE) in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2025-48754 | 1 Fractalfir | 1 Memory Pages | 2026-01-30 | N/A | 2.9 LOW |
|
In the memory_pages crate 0.1.0 for Rust, division by zero can occur.
|
|||||
| CVE-2026-24826 | 2026-01-27 | N/A | N/A | ||
|
Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .
|
|||||
| CVE-2021-28856 | 1 Entropymine | 1 Deark | 2026-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
|
In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.
|
|||||
| CVE-2024-36905 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-22 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
TCP_SYN_RECV state is really special, it is only used by
cross-syn connections, mostly used by fuzzers.
In the following crash [1], syzbot managed to trigger a divide
by zero in tcp_rcv_space_adjust()
A socket makes the following state transitions,
without ever calling tcp_init_transfer(),
meaning tcp_init_buffer_space() is also not called.
TCP_CLOSE
conne ...
Show More |
|||||
| CVE-2025-39916 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters()
When creating a new scheme of DAMON_RECLAIM, the calculation of
'min_age_region' uses 'aggr_interval' as the divisor, which may lead to
division-by-zero errors. Fix it by directly returning -EINVAL when such a
case occurs.
|
|||||
| CVE-2025-39909 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()
Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters
application".
DAMON's RECLAIM and LRU_SORT modules perform no validation on
user-configured parameters during application, which may lead to
division-by-zero errors.
Avoid the divide-by-zero by adding validation checks when DAMON modules
attempt to apply the parameters.
This ...
Show More |
|||||
| CVE-2026-21495 | 1 Color | 1 Iccdev | 2026-01-09 | N/A | 5.5 MEDIUM |
|
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to division by zero in the TIFF Image Reader. This issue has been patched in version 2.3.1.2.
|
|||||
| CVE-2025-65409 | 1 Gnu | 1 Recutils | 2026-01-09 | N/A | 7.5 HIGH |
|
A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service (DoS) via inputting an empty value as a password.
|
|||||
| CVE-2025-39742 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-09 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()
The function divides number of online CPUs by num_core_siblings, and
later checks the divider by zero. This implies a possibility to get
and divide-by-zero runtime error. Fix it by moving the check prior to
division. This also helps to save one indentation level.
|
|||||
| CVE-2025-38312 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-19 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x80000000,
cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's
then passed to fb_cvt_hperiod(), where it's used as a divider -- division
by 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to
avoid such overflow...
Found by Linux Verification Center (linuxtesting. ...
Show More |
|||||
| CVE-2025-37937 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-19 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()
If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result
is a divide-by-zero. Prevent that from happening.
Fixes the following warning with an UBSAN kernel:
drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()
|
|||||
| CVE-2025-38126 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
The stmmac platform drivers that do not open-code the clk_ptp_rate value
after having retrieved the default one from the device-tree can end up
with 0 in clk_ptp_rate (as clk_get_rate can return 0). It will
eventually propagate up to PTP initialization when bringing up the
interface, leading to a divide by 0:
Division by zero in kernel.
CPU: 1 UID ...
Show More |
|||||
| CVE-2025-38719 | 1 Linux | 1 Linux Kernel | 2025-12-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: hibmcge: fix the division by zero issue
When the network port is down, the queue is released, and ring->len is 0.
In debugfs, hbg_get_queue_used_num() will be called,
which may lead to a division by zero issue.
This patch adds a check, if ring->len is 0,
hbg_get_queue_used_num() directly returns 0.
|
|||||
| CVE-2022-50178 | 1 Linux | 1 Linux Kernel | 2025-11-28 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: 8852a: rfk: fix div 0 exception
The DPK is a kind of RF calibration whose algorithm is to fine tune
parameters and calibrate, and check the result. If the result isn't good
enough, it could adjust parameters and try again.
This issue is to read and show the result, but it could be a negative
calibration result that causes divisor 0 and core dump. So, fix it by
phy_div() that does division only if divisor isn't ze ...
Show More |
|||||
| CVE-2025-38297 | 1 Linux | 1 Linux Kernel | 2025-11-19 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
PM: EM: Fix potential division-by-zero error in em_compute_costs()
When the device is of a non-CPU type, table[i].performance won't be
initialized in the previous em_init_performance(), resulting in division
by zero when calculating costs in em_compute_costs().
Since the 'cost' algorithm is only used for EAS energy efficiency
calculations and is currently not utilized by other device drivers, we
should add the _is_cpu_device( ...
Show More |
|||||
| CVE-2022-50102 | 1 Linux | 1 Linux Kernel | 2025-11-19 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
Since the user can control the arguments of the ioctl() from the user
space, under special arguments that may result in a divide-by-zero bug
in:
drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul);
with hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.
and then in:
drivers/video/fbdev/arkfb.c:504: rv = ...
Show More |
|||||
| CVE-2025-38519 | 1 Linux | 1 Linux Kernel | 2025-11-18 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
mm/damon: fix divide by zero in damon_get_intervals_score()
The current implementation allows having zero size regions with no special
reasons, but damon_get_intervals_score() gets crashed by divide by zero
when the region size is zero.
[ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI
This patch fixes the bug, but does not disallow zero size regions to keep
the backward compatibility since disallowing zero size regio ...
Show More |
|||||
| CVE-2025-38205 | 1 Linux | 1 Linux Kernel | 2025-11-18 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1
[Why]
If the dummy values in `populate_dummy_dml_surface_cfg()` aren't updated
then they can lead to a divide by zero in downstream callers like
CalculateVMAndRowBytes()
[How]
Initialize dummy value to a value to avoid divide by zero.
|
|||||
| CVE-2025-37896 | 1 Linux | 1 Linux Kernel | 2025-11-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-mem: Add fix to avoid divide error
For some SPI flash memory operations, dummy bytes are not mandatory. For
example, in Winbond SPINAND flash memory devices, the `write_cache` and
`update_cache` operation variants have zero dummy bytes. Calculating the
duration for SPI memory operations with zero dummy bytes causes
a divide error when `ncycles` is calculated in the
spi_mem_calc_op_duration().
Add changes to skip the ...
Show More |
|||||
| CVE-2025-37850 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a
divide-by-zero in the following line:
do_div(resolution, clk_get_rate(pc->clk_pwms[pwm->hwpwm]));
due to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()
returns zero.
This is presumably just a theoretical problem: COMPILE_TEST overrides
the dependency on RALINK which would se ...
Show More |
|||||
| CVE-2022-49978 | 1 Linux | 1 Linux Kernel | 2025-11-14 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
fbdev: fb_pm2fb: Avoid potential divide by zero error
In `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be
copied from user, then go through `fb_set_var()` and
`info->fbops->fb_check_var()` which could may be `pm2fb_check_var()`.
Along the path, `var->pixclock` won't be modified. This function checks
whether reciprocal of `var->pixclock` is too high. If `var->pixclock` is
zero, there will be a divide by ze ...
Show More |
|||||
| CVE-2022-50010 | 1 Linux | 1 Linux Kernel | 2025-11-14 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
video: fbdev: i740fb: Check the argument of i740_calc_vclk()
Since the user can control the arguments of the ioctl() from the user
space, under special arguments that may result in a divide-by-zero bug.
If the user provides an improper 'pixclock' value that makes the argumet
of i740_calc_vclk() less than 'I740_RFREQ_FIX', it will cause a
divide-by-zero bug in:
drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_M ...
Show More |
|||||
| CVE-2025-37766 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
|
|||||
| CVE-2025-37767 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
|
|||||
| CVE-2025-37768 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
|
|||||
| CVE-2025-37769 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm/smu11: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)
|
|||||
| CVE-2025-37770 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
|
|||||
| CVE-2025-37771 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Prevent division by zero
The user can set any speed value.
If speed is greater than UINT_MAX/8, division by zero is possible.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
|
|||||
| CVE-2021-46312 | 1 Djvulibre Project | 1 Djvulibre | 2025-11-04 | N/A | 6.5 MEDIUM |
|
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.
|
|||||
| CVE-2021-46310 | 1 Djvulibre Project | 1 Djvulibre | 2025-11-04 | N/A | 6.5 MEDIUM |
|
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.
|
|||||
| CVE-2025-37740 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-11-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: add sanity check for agwidth in dbMount
The width in dmapctl of the AG is zero, it trigger a divide error when
calculating the control page level in dbAllocAG.
To avoid this issue, add a check for agwidth in dbAllocAG.
|
|||||