Lucene search
K

2521 matches found

Cvelist
Cvelist
added 2026/03/31 10:0 p.m.18 views

CVE-2026-34537 iccDEV: UB in CIccOpDefEnvVar::Exec()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS0.00156EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:0 p.m.2 views

CVE-2026-34537

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 10:0 p.m.1 views

CVE-2026-34537 iccDEV: UB in CIccOpDefEnvVar::Exec()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
CVE
CVE
added 2026/03/31 10:0 p.m.12 views

CVE-2026-34537

iccDEV is affected prior to version 2.3.1.6. A crafted ICC profile can trigger Undefined Behavior in CIccOpDefEnvVar::Exec() due to invalid enum values loaded for icSigCmmEnvVar, observable under UBSan as load of value not a valid value for type icSigCmmEnvVar. The issue has been patched in versi...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/31 10:0 p.m.3 views

EUVD-2026-17701

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
OSV
OSV
added 2026/03/31 10:0 p.m.4 views

CVE-2026-34537 iccDEV: UB in CIccOpDefEnvVar::Exec()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/31 9:58 p.m.10 views

EUVD-2026-17697

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:56 p.m.1 views

CVE-2026-34533

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/31 9:56 p.m.4 views

CVE-2026-34533 iccDEV: UB in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/31 9:56 p.m.24 views

CVE-2026-34533 iccDEV: UB in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS0.00156EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 9:56 p.m.2 views

CVE-2026-34533 iccDEV: UB in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/31 9:56 p.m.6 views

EUVD-2026-17693

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
CNVD
CNVD
added 2026/03/31 12:0 a.m.3 views

Mozilla Firefox and Mozilla Thunderbird Security Bypass Vulnerability (CNVD-2026-16378)

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A security bypass vulnerability exists in Mozilla Firefox and Mozilla Thunderbird...

9.1CVSS7.3AI score0.00322EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29395

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to size t unsigned, which changes the value...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.9 views

PT-2026-29394

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.4 views

PT-2026-29382

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.3 views

PT-2026-29393

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.6 views

iccDEV 代码问题漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained code-related vulnerabilities, which stemmed from member access via null pointers, resulting in undefined behaviors...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.3 views

PT-2026-29392

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29389

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions reported by UBSan as...

6.2CVSS5.8AI score0.002EPSS
Exploits1References6
Rows per page
Query Builder