EUVD-2026-4606

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum::ParseXml. This occurs when user-controllable input is unsafely incorporated into...

EUVD-2026-4607

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

CVE-2026-24407 iccDEV has Undefined Behavior in icSigCalcOp()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

CVE-2026-24407 iccDEV has Undefined Behavior in icSigCalcOp()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

CVE-2026-24407

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

CVE-2026-24407

CVE-2026-24407 affects iccDEV: versions

CVE-2026-24407 iccDEV has Undefined Behavior in icSigCalcOp()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

CVE-2026-24404

CVE-2026-24404 affects iccDEV: CIccXmlArrayType() vulnerability in versions 2.3.1.1 and earlier, caused by unsafe handling of user-controlled input in ICC profile data/structured binary blobs. The issue yields a Null Pointer Dereference and Undefined Behavior, with potential consequences includin...

CVE-2026-24404 iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...

CVE-2026-24404 iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...

CVE-2026-24404

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...

CVE-2026-24404 iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...

PT-2026-4549

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description The iccDEV software, which provides libraries and tools for interacting with ICC color management profiles, contains an issue in the icSigCalcOp function. User-controllable input is unsafely...

PT-2026-4546

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description The iccDEV library contains a flaw in the CIccXmlArrayType function that can lead to a Null Pointer Dereference and Undefined Behavior. This happens when user-controlled input is used in ICC profile...

PT-2026-4558

Name of the Vulnerable Software and Affected Versions iccDEV versions 2.3.1.1 and below Description iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below contain Undefined Behavior and a Null Pointer Deferenc...

iccDEV security vulnerability

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.1 contained security vulnerabilities. These vulnerabilities stemmed from undefined behavior in icSigCalcOp, which could lead to denial-of-service attacks,...

iccDEV security vulnerability

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.1 contained security vulnerabilities. These vulnerabilities stemmed from undefined behavior and null pointer dereferencing in the CIccTagXmlFloatNum::ParseX...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004894 advisory. In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 3...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38277)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38277 advisory. - In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of...

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...