Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-369 (除零错误) — Vulnerability Class 132

132 vulnerabilities classified as CWE-369 (除零错误). AI Chinese analysis included.

CWE-369, Divide By Zero, is a logical weakness where a software product attempts to divide a value by zero, causing a runtime error or application crash. This flaw typically arises when unexpected user input or internal state errors bypass validation checks, particularly in calculations involving physical dimensions like length or width. Exploitation often results in denial of service, as the resulting exception disrupts normal program flow and may expose sensitive stack traces to attackers. To mitigate this risk, developers must implement robust input validation to ensure divisor values are non-zero before arithmetic operations. Additionally, employing defensive programming techniques, such as explicit error handling blocks and boundary checks, allows the application to gracefully manage invalid inputs. By rigorously testing edge cases and enforcing strict data integrity constraints, engineers can prevent these arithmetic anomalies from compromising system stability and security.

MITRE CWE Description
The product divides a value by zero. This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.
Common Consequences (1)
AvailabilityDoS: Crash, Exit, or Restart
A Divide by Zero results in a crash.
Examples (2)
The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.
public int computeAverageResponseTime (int totalTime, int numRequests) { return totalTime / numRequests; }
Bad · Java
public int computeAverageResponseTime (int totalTime, int numRequests) throws ArithmeticException { if (numRequests == 0) { System.out.println("Division by zero attempted!"); throw ArithmeticException; } return totalTime / numRequests; }
Good · Java
The following C/C++ example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This will create an error for attempting to divide by zero, if this error is not caught by the error handling capabilities of the language, unexpected results can occur.
double divide(double x, double y){ return x/y; }
Bad · C
const int DivideByZero = 10; double divide(double x, double y){ if ( 0 == y ){ throw DivideByZero; } return x/y; } ... try{ divide(10, 0); } catch( int i ){ if(i==DivideByZero) { cerr<<"Divide by zero error"; } }
Good · C
CVE IDTitleCVSSSeverityPublished
CVE-2026-42209 FlashMQ: Division by zero crash when using non-default deferred retained message setting — FlashMQ 6.5 Medium2026-05-08
CVE-2026-35215 Firebird: DoS via malicious slice descriptor in slice packet — firebird 7.5 High2026-04-17
CVE-2026-27222 Bridge | Divide By Zero (CWE-369) — Bridge 5.5 Medium2026-04-14
CVE-2026-34546 iccDEV: UB at TiffImg.h — iccDEV 6.2 Medium2026-03-31
CVE-2026-4603 jsrsasign 安全漏洞 — jsrsasign 5.9 Medium2026-03-23
CVE-2026-31884 FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 — FreeRDP 6.5 Medium2026-03-13
CVE-2026-1653 Lenovo Smart Standby Driver 安全漏洞 — Smart Connect 5.5 Medium2026-03-11
CVE-2026-25169 Windows Graphics Component Denial of Service Vulnerability — Windows 10 Version 1607 6.2 Medium2026-03-10
CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability — Cisco Cyber Vision 5.8 Medium2026-03-04
CVE-2026-3383 ChaiScript boxed_number.hpp go divide by zero — ChaiScript 3.3 Low2026-03-01
CVE-2026-25799 ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash — ImageMagick 5.3 Medium2026-02-24
CVE-2025-15564 Mapnik value.cpp operator divide by zero — Mapnik 3.3 Low2026-02-07
CVE-2025-23273 NVIDIA CUDA Toolkit 数字错误漏洞 — NVIDIA CUDA Toolkit 2.5 Low2025-09-24
CVE-2025-35435 CISA Thorium download stream divide by zero — Thorium 4.3 Medium2025-09-17
CVE-2025-9649 appneta tcpreplay send_packets.c calc_sleep_time divide by zero — tcpreplay 3.3 Low2025-08-29
CVE-2025-55212 ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash — ImageMagick 3.7 Low2025-08-26
CVE-2025-23321 NVIDIA Triton Inference Server 数字错误漏洞 — Triton Inference Server 7.5 High2025-08-06
CVE-2025-54873 RISC Zero Underconstrained Vulnerability: Division — risc0 5.5AIMediumAI2025-08-05
CVE-2025-54581 vproxy is vulnerable to a divide by zero DoS attack — vproxy 7.5 High2025-07-30
CVE-2025-48754 memory_pages 数字错误漏洞 — memory_pages 2.9 Low2025-05-24
CVE-2025-4637 Divide By Zero in dlib — dlib 5.5AIMediumAI2025-05-14
CVE-2025-31162 fig2dev float point exception — fig2dev 6.6 Medium2025-03-28
CVE-2025-2591 Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zero — Assimp 4.3 Medium2025-03-21
CVE-2024-8063 Divide by Zero in ollama/ollama — ollama/ollama 7.5 -2025-03-20
CVE-2025-0317 Divide By Zero in ollama/ollama — ollama/ollama 6.5 -2025-03-20
CVE-2024-4785 BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero — Zephyr 7.6 High2024-08-19
CVE-2024-7867 Integer overflow and divide-by-zero in Xpdf 4.05 due to bogus page box coordinates — Xpdf 5.5AIMediumAI2024-08-15
CVE-2024-1298 Integer Overflow caused by divide by zero during S3 suspension — edk2 6.0 Medium2024-05-30
CVE-2024-21438 Microsoft AllJoyn API Denial of Service Vulnerability — Windows 10 Version 1809 7.5 High2024-03-12
CVE-2023-52313 FPE in paddle.argmin and paddle.argmax — PaddlePaddle 4.7 Medium2024-01-03

Vulnerabilities classified as CWE-369 (除零错误) represent 132 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.