CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

173 matches found

USN-8209-2: Little CMS vulnerability

USN-8209-1 fixed vulnerabilities in Little CMS. This update contains the fixes for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could use thi...

7.5CVSS6.1AI score0.00045EPSS

Exploits1

OSV•added 3 days ago•6 views

USN-8209-2 lcms2 vulnerability

7.5CVSS6.1AI score0.00045EPSS

Exploits1References2

Tenable Nessus•added 2026/05/20 12:0 a.m.•3 views

Amazon Linux 2023 : lcms2, lcms2-devel, lcms2-utils (ALAS2023-2026-1657)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1657 advisory. Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254 Tenable has extracted the preceding...

7.5CVSS5.9AI score0.00045EPSS

Exploits1References4

OSV•added 2026/05/15 2:1 p.m.•5 views

OESA-2026-2327 lcms2 security update

LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...

4CVSS5.8AI score0.00017EPSS

Exploits0References2

SUSE CVE•added 2026/05/13 3:37 a.m.•4 views

SUSE CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

7.5CVSS5.8AI score0.00045EPSS

Exploits1References3

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Ubuntu 25.10 / 26.04 LTS : Little CMS vulnerability (USN-8250-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8250-1 advisory. It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to...

4CVSS5.9AI score0.00017EPSS

Exploits0References2

Ubuntu•added 2026/05/07 1:27 p.m.•7 views

USN-8250-1: Little CMS vulnerability

It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to crash, resulting in a denial of service...

4CVSS5.8AI score0.00017EPSS

Exploits0

Positive Technologies•added 2026/05/07 12:0 a.m.•6 views

PT-2026-39178

It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to crash, resulting in a denial of service...

4CVSS5.8AI score0.00017EPSS

Exploits0References3

OSV•added 2026/05/05 12:0 a.m.•2 views

UBUNTU-CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.8AI score0.00017EPSS

Exploits0References3

UbuntuCve•added 2026/05/05 12:0 a.m.•2 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.8AI score0.00017EPSS

Exploits0References2

OSV•added 2026/05/03 9:55 a.m.•2 views

OESA-2026-2128 lcms2 security update

7.5CVSS5.8AI score0.00045EPSS

Exploits1References2

Tenable Nessus•added 2026/05/02 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-42798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c. CVE-2026-42798 Note that Nessus relies on the presence of the...

4CVSS5.9AI score0.00017EPSS

Exploits0References2

SUSE CVE•added 2026/05/01 2:3 a.m.•3 views

SUSE CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.3AI score0.00017EPSS

Exploits0References3

NVD•added 2026/04/30 7:16 a.m.•1 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS0.00017EPSS

Exploits0References3

ATTACKERKB•added 2026/04/30 6:34 a.m.•1 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.2AI score0.00017EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/30 6:34 a.m.•26 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS0.00017EPSS

Exploits0References3

Vulnrichment•added 2026/04/30 6:34 a.m.•2 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.2AI score0.00017EPSS

Exploits0References3

Debian CVE•added 2026/04/30 6:34 a.m.•3 views

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.3AI score0.00017EPSS

Exploits0

CVE•added 2026/04/30 6:34 a.m.•66 views

CVE-2026-42798

Little CMS (lcms2) versions 2.16–2.18 before 2.19 have an integer overflow in ParseCube within cmscgats.c. The provided documents do not include exploit details or explicit remediation steps. References show a version delta toward 2.19 (lcms2.18...lcms2.19), but the materials do not state a confi...

4CVSS5.2AI score0.00017EPSS

Exploits0References3