Total
354 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-20246 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20244 | 4 Debian, Fedoraproject, Imagemagick and 1 more | 4 Debian Linux, Fedora, Imagemagick and 1 more | 2024-08-03 | 5.5 Medium |
| A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20241 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-08-03 | 5.5 Medium |
| A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-20205 | 2 Fedoraproject, Libjpeg-turbo | 2 Fedora, Libjpeg-turbo | 2024-08-03 | 6.5 Medium |
| Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image. | ||||
| CVE-2021-20176 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-08-03 | 5.5 Medium |
| A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2021-4216 | 1 Artifex | 1 Mupdf | 2024-08-03 | 5.5 Medium |
| A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream. | ||||
| CVE-2021-3941 | 4 Debian, Fedoraproject, Openexr and 1 more | 4 Debian Linux, Fedora, Openexr and 1 more | 2024-08-03 | 6.5 Medium |
| In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR. | ||||
| CVE-2022-47525 | 1 Fox-it | 2 Fox Datadiode, Fox Datadiode Firmware | 2024-08-03 | 7.5 High |
| Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction. | ||||
| CVE-2022-41287 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-03 | 3.3 Low |
| A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition. | ||||
| CVE-2022-39318 | 3 Fedoraproject, Freerdp, Redhat | 3 Fedora, Freerdp, Enterprise Linux | 2024-08-03 | 4.8 Medium |
| FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch. | ||||
| CVE-2022-38865 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-08-03 | 5.5 Medium |
| Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | ||||
| CVE-2022-38860 | 2 Debian, Mplayerhq | 3 Debian Linux, Mencoder, Mplayer | 2024-08-03 | 5.5 Medium |
| Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. | ||||
| CVE-2022-38850 | 2 Debian, Mplayerhq | 2 Debian Linux, Mencoder | 2024-08-03 | 5.5 Medium |
| The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c. | ||||
| CVE-2022-38266 | 3 Debian, Leptonica, Tesseract Project | 3 Debian Linux, Leptonica, Tesseract | 2024-08-03 | 6.5 Medium |
| An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file. | ||||
| CVE-2022-35996 | 1 Google | 1 Tensorflow | 2024-08-03 | 5.9 Medium |
| TensorFlow is an open source platform for machine learning. If `Conv2D` is given empty `input` and the `filter` and `padding` sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. | ||||
| CVE-2022-23557 | 1 Google | 1 Tensorflow | 2024-08-03 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21735 | 1 Google | 1 Tensorflow | 2024-08-03 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21741 | 1 Google | 1 Tensorflow | 2024-08-03 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21725 | 1 Google | 1 Tensorflow | 2024-08-03 | 6.5 Medium |
| Tensorflow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-3061 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-03 | 5.5 Medium |
| Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. | ||||