目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-369 除零错误 类漏洞列表 132

CWE-369 除零错误 类弱点 132 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-369 属于逻辑错误类漏洞,指程序执行除以零的操作。当输入异常值或未检测到的错误导致除数为零时,攻击者可利用此缺陷引发程序崩溃、拒绝服务或获取敏感内存信息。开发者应在除法运算前严格校验除数非零,对物理尺寸等关键参数实施边界检查与异常处理,从而确保计算逻辑的健壮性。

MITRE CWE 官方描述
CWE:CWE-369 除以零(Divide By Zero) 英文:产品将某个值除以零。 这种弱点通常发生在向产品提供了意外值,或者发生了未被正确检测到的错误时。它经常出现在涉及物理尺寸(如大小、长度、宽度和高度)的计算中。
常见影响 (1)
AvailabilityDoS: Crash, Exit, or Restart
A Divide by Zero results in a crash.
代码示例 (2)
The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.
public int computeAverageResponseTime (int totalTime, int numRequests) { return totalTime / numRequests; }
Bad · Java
public int computeAverageResponseTime (int totalTime, int numRequests) throws ArithmeticException { if (numRequests == 0) { System.out.println("Division by zero attempted!"); throw ArithmeticException; } return totalTime / numRequests; }
Good · Java
The following C/C++ example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This will create an error for attempting to divide by zero, if this error is not caught by the error handling capabilities of the language, unexpected results can occur.
double divide(double x, double y){ return x/y; }
Bad · C
const int DivideByZero = 10; double divide(double x, double y){ if ( 0 == y ){ throw DivideByZero; } return x/y; } ... try{ divide(10, 0); } catch( int i ){ if(i==DivideByZero) { cerr<<"Divide by zero error"; } }
Good · C
CVE ID标题CVSS风险等级Published
CVE-2026-42209 FlashMQ 使用非默认延迟保留消息设置时整数除零崩溃漏洞 — FlashMQ 6.5 Medium2026-05-08
CVE-2026-35215 Firebird 安全漏洞 — firebird 7.5 High2026-04-17
CVE-2026-27222 Adobe Bridge 数字错误漏洞 — Bridge 5.5 Medium2026-04-14
CVE-2026-34546 iccDEV 数字错误漏洞 — iccDEV 6.2 Medium2026-03-31
CVE-2026-4603 jsrsasign 安全漏洞 — jsrsasign 5.9 Medium2026-03-23
CVE-2026-31884 FreeRDP 数字错误漏洞 — FreeRDP 6.5 Medium2026-03-13
CVE-2026-1653 Lenovo Smart Standby Driver 安全漏洞 — Smart Connect 5.5 Medium2026-03-11
CVE-2026-25169 Microsoft Graphics Component 数字错误漏洞 — Windows 10 Version 1607 6.2 Medium2026-03-10
CVE-2026-20057 Cisco IOS XE和Cisco Secure Firewall Threat Defense 数字错误漏洞 — Cisco Cyber Vision 5.8 Medium2026-03-04
CVE-2026-3383 ChaiScript 安全漏洞 — ChaiScript 3.3 Low2026-03-01
CVE-2026-25799 ImageMagick 数字错误漏洞 — ImageMagick 5.3 Medium2026-02-24
CVE-2025-15564 Mapnik 安全漏洞 — Mapnik 3.3 Low2026-02-07
CVE-2025-23273 NVIDIA CUDA Toolkit 数字错误漏洞 — NVIDIA CUDA Toolkit 2.5 Low2025-09-24
CVE-2025-35435 thorium 安全漏洞 — Thorium 4.3 Medium2025-09-17
CVE-2025-9649 Appneta Tcpreplay 安全漏洞 — tcpreplay 3.3 Low2025-08-29
CVE-2025-55212 ImageMagick 安全漏洞 — ImageMagick 3.7 Low2025-08-26
CVE-2025-23321 NVIDIA Triton Inference Server 数字错误漏洞 — Triton Inference Server 7.5 High2025-08-06
CVE-2025-54873 RISC Zero Ethereum 数字错误漏洞 — risc0 5.5AIMediumAI2025-08-05
CVE-2025-54581 vproxy 数字错误漏洞 — vproxy 7.5 High2025-07-30
CVE-2025-48754 memory_pages 数字错误漏洞 — memory_pages 2.9 Low2025-05-24
CVE-2025-4637 dlib 安全漏洞 — dlib 5.5AIMediumAI2025-05-14
CVE-2025-31162 fig2dev 安全漏洞 — fig2dev 6.6 Medium2025-03-28
CVE-2025-2591 Open Asset Import Library 安全漏洞 — Assimp 4.3 Medium2025-03-21
CVE-2024-8063 Ollama 数字错误漏洞 — ollama/ollama 7.5 -2025-03-20
CVE-2025-0317 Ollama 数字错误漏洞 — ollama/ollama 6.5 -2025-03-20
CVE-2024-4785 Zephyr 安全漏洞 — Zephyr 7.6 High2024-08-19
CVE-2024-7867 Xpdf 安全漏洞 — Xpdf 5.5AIMediumAI2024-08-15
CVE-2024-1298 EDK2 安全漏洞 — edk2 6.0 Medium2024-05-30
CVE-2024-21438 Microsoft Windows AllJoyn API 安全漏洞 — Windows 10 Version 1809 7.5 High2024-03-12
CVE-2023-52313 PaddlePaddle 安全漏洞 — PaddlePaddle 4.7 Medium2024-01-03

CWE-369(除零错误) 是常见的弱点类别,本平台收录该类弱点关联的 132 条 CVE 漏洞。