Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

178 matches found

RedhatCVE
RedhatCVEadded 2026/02/04 7:27 p.m.3 views

CVE-2026-25503

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...

7.1CVSS5.3AI score0.00052EPSS
Exploits1References1
OSV
OSVadded 2026/02/03 6:36 p.m.3 views

CVE-2026-25502 iccDEV is vulnerable to stack-buffer-overflow in icFixXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml function when processing malformed ICC profiles, allows potential arbitrary code execution...

7.8CVSS6.5AI score0.00017EPSS
Exploits1References6
CVE
CVEadded 2026/02/03 6:36 p.m.10 views

CVE-2026-25503

CVE-2026-25503 involves iccDEV libraries that handle ICC color management profiles. Prior to version 2.3.1.2, a type confusion in CIccTagEmbeddedHeightImage::Validate() could cause malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values, resulting in a...

7.1CVSS5.3AI score0.00052EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/29 9:20 p.m.2 views

CVE-2026-24856

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...

7.8CVSS6.1AI score0.00022EPSS
Exploits1References1
EUVD
EUVDadded 2026/01/28 9:5 p.m.2 views

EUVD-2026-4852

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...

7.8CVSS6.1AI score0.00022EPSS
Exploits1References4
NVD
NVDadded 2026/01/28 1:16 a.m.2 views

CVE-2026-24852

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

8.1CVSS0.00014EPSS
Exploits0References3
EUVD
EUVDadded 2026/01/28 12:27 a.m.2 views

EUVD-2026-4911

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00014EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/01/28 12:27 a.m.2 views

CVE-2026-24852

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00014EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/28 12:27 a.m.2 views

CVE-2026-24852 iccDEV has a heap-buffer-overflow in icXmlParseTextString()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00014EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.3 views

PT-2026-5049

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00014EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/26 3:10 p.m.2 views

CVE-2026-24403

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, an integer overflow vulnerability exists in icValidateStatus CIccProfile::CheckHeader when user-controllable input is incorporated into profile data...

8.8CVSS5.9AI score0.00267EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/26 3:10 p.m.4 views

CVE-2026-24407

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

8.8CVSS5.8AI score0.00241EPSS
Exploits1References1
NVD
NVDadded 2026/01/24 2:15 a.m.4 views

CVE-2026-24410

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic. This occurs when user-controllable input is unsafely incorporated into I...

8.8CVSS0.00208EPSS
Exploits1References3
CVE
CVEadded 2026/01/24 1:27 a.m.6 views

CVE-2026-24412

CVE-2026-24412 affects iccDEV libraries for ICC color profiles. Versions 2.3.1.1 and earlier contain a heap buffer overflow in the internal function CIccTagXmlSegmentedCurve::ToXml() when user-controlled input is unsafely embedded in ICC profile data or other binary blobs. This can lead to DoS, d...

8.8CVSS5.6AI score0.00206EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2026/01/24 1:27 a.m.3 views

EUVD-2026-4602

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...

8.8CVSS5.6AI score0.00206EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/01/24 1:27 a.m.1 views

CVE-2026-24412 iccDEV has Heap Buffer Overflow in icCurvesFromXml()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...

8.8CVSS5.8AI score0.00206EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/01/24 1:27 a.m.2 views

CVE-2026-24412

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...

8.8CVSS5.8AI score0.00206EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/01/24 1:27 a.m.22 views

CVE-2026-24412 iccDEV has Heap Buffer Overflow in icCurvesFromXml()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...

8.8CVSS0.00206EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/01/24 1:16 a.m.2 views

CVE-2026-24411

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml. This occurs when user-controllable input is unsafely incorporated into ICC profile data or oth...

8.8CVSS5.8AI score0.00241EPSS
Exploits1References4Affected Software1
EUVD
EUVDadded 2026/01/24 1:16 a.m.2 views

EUVD-2026-4604

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml. This occurs when user-controllable input is unsafely incorporated into ICC profile data or oth...

7.1CVSS5.5AI score0.00241EPSS
Exploits1References3
Rows per page
Query Builder