Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

75 matches found

RedhatCVE
RedhatCVEadded 2026/04/01 11:1 p.m.5 views

CVE-2026-34549

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS5.8AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:1 p.m.3 views

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:1 p.m.4 views

CVE-2026-34535

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

6.2CVSS5.8AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.2 views

CVE-2026-34556

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.4 views

CVE-2026-34533

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

6.2CVSS5.8AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.4 views

CVE-2026-34546

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted TIFF input can trigger Undefined Behavior UB due to division by zero in the TIFF handling code paths used by iccTiffDump. This issue has been patched in version 2.3.1.6...

6.2CVSS5.8AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.2 views

CVE-2026-34537

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00019EPSS
Exploits1References1
NVD
NVDadded 2026/03/31 11:17 p.m.1 views

CVE-2026-34553

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....

4CVSS0.0002EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.3 views

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS0.00019EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.1 views

CVE-2026-34556

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS0.00019EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.2 views

CVE-2026-34555

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow SBO in CIccTagFixedNum::GetValues and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a...

6.2CVSS0.00034EPSS
Exploits1References6
NVD
NVDadded 2026/03/31 11:17 p.m.5 views

CVE-2026-34551

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference NPD in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

6.2CVSS0.00019EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.2 views

CVE-2026-34547

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...

6.2CVSS0.00019EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.2 views

CVE-2026-34549

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS0.00019EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.2 views

CVE-2026-34550

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to sizet unsigned, which changes the value. Th...

6.2CVSS0.00019EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/31 10:22 p.m.3 views

CVE-2026-34556 iccDEV: HBO in icAnsiToUtf8()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00019EPSS
Exploits1References3
OSV
OSVadded 2026/03/31 10:22 p.m.2 views

CVE-2026-34556 iccDEV: HBO in icAnsiToUtf8()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS6AI score0.00019EPSS
Exploits1References5
CVE
CVEadded 2026/03/31 10:22 p.m.8 views

CVE-2026-34556

CVE-2026-34556 affects the iccDEV library prior to 2.3.1.6. A heap-buffer-overflow in icAnsiToUtf8() within the XML conversion path is triggered by a crafted ICC profile, causing code that assumes null-termination to read past allocated memory (ASan reports an out-of-bounds READ of size 115 past ...

6.2CVSS5.9AI score0.00019EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/31 10:21 p.m.3 views

CVE-2026-34555 iccDEV: SBO in CIccTagFixedNum::GetValues()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow SBO in CIccTagFixedNum::GetValues and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a...

6.2CVSS5.8AI score0.00034EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/03/31 10:21 p.m.21 views

CVE-2026-34555 iccDEV: SBO in CIccTagFixedNum::GetValues()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow SBO in CIccTagFixedNum::GetValues and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a...

6.2CVSS0.00034EPSS
Exploits1References6
Rows per page
Query Builder