CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7061 matches found

ATTACKERKB•added 2026/01/26 7:36 p.m.•4 views

CVE-2026-0810

A flaw was found in gix-date. The gixdate::parse::TimeBuf::asstr function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed...

6.8CVSS5.8AI score0.00193EPSS

Exploits1References6

CVE•added 2026/01/26 7:36 p.m.•22 views

CVE-2026-0810

CVE-2026-0810 affects the gix-date library used in Rust projects. The issue arises in gix_date::parse::TimeBuf::as_str, which can emit strings containing invalid non-UTF8 characters, violating internal safety invariants of TimeBuf and causing undefined behavior when such strings are processed. Im...

7.1CVSS5.8AI score0.00193EPSS

Exploits1References5Affected Software1

RedhatCVE•added 2026/01/26 3:10 p.m.•6 views

CVE-2026-24407

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary...

8.8CVSS5.8AI score0.00395EPSS

Exploits1References1

RedhatCVE•added 2026/01/26 3:10 p.m.•6 views

CVE-2026-24410

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic. This occurs when user-controllable input is unsafely incorporated into I...

8.8CVSS5.8AI score0.0031EPSS

Exploits1References1

Vulnrichment•added 2026/01/26 10:5 a.m.•3 views

CVE-2025-59100 Unauthenticated Access to the SQLite Database in dormakaba access manager

The web interface offers a functionality to export the internal SQLite database. After executing the database export, an automatic download is started and the device reboots. After rebooting, the exported database is deleted and cannot be accessed anymore. However, it was noticed that sometimes t...

5.9CVSS5.8AI score0.00572EPSS

Exploits0References3

HackRead•added 2026/01/25 6:22 p.m.•3 views

7 Top Endpoint Security Platforms for 2026

Endpoints remain primary entry for attacks. In 2026, endpoint platforms must deliver behavior context, automation, investigations, and integrations...

5.4AI score

Exploits0

NVD•added 2026/01/24 2:15 a.m.•8 views

CVE-2026-24411

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml. This occurs when user-controllable input is unsafely incorporated into ICC profile data or oth...

8.8CVSS0.0031EPSS

Exploits1References3

NVD•added 2026/01/24 2:15 a.m.•6 views

CVE-2026-24410

8.8CVSS0.0031EPSS

Exploits1References3

NVD•added 2026/01/24 2:15 a.m.•4 views

CVE-2026-24409

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum::ParseXml. This occurs when user-controllable input is unsafely incorporated into...

8.8CVSS0.0031EPSS

Exploits1References3

Cvelist•added 2026/01/24 1:16 a.m.•25 views

CVE-2026-24411 iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml()

7.1CVSS0.0031EPSS

Exploits1References3

EUVD•added 2026/01/24 1:16 a.m.•4 views

EUVD-2026-4604

7.1CVSS5.5AI score0.0031EPSS

Exploits1References3

Vulnrichment•added 2026/01/24 1:16 a.m.•4 views

CVE-2026-24411 iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml()

7.1CVSS5.8AI score0.0031EPSS

Exploits1References3

ATTACKERKB•added 2026/01/24 1:16 a.m.•2 views

CVE-2026-24411

8.8CVSS5.8AI score0.0031EPSS

Exploits1References4Affected Software1

CVE•added 2026/01/24 1:16 a.m.•14 views

CVE-2026-24411

CVE-2026-24411 affects iccDEV. Versions 2.3.1.1 and earlier have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml() when user-controllable input is embedded in ICC profile data or other structured binaries, potentially enabling DoS, data manipulation, bypass of application logic, and Code Ex...

8.8CVSS5.5AI score0.0031EPSS

Exploits1References3Affected Software1

OSV•added 2026/01/24 1:16 a.m.•7 views

CVE-2026-24411 iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml()

7.1CVSS5.6AI score0.0031EPSS

Exploits1References5

NVD•added 2026/01/24 1:15 a.m.•4 views

CVE-2026-24404

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...

8.8CVSS0.00395EPSS

Exploits1References3

CVE•added 2026/01/24 1:12 a.m.•11 views

CVE-2026-24410

Affected software: iccDEV. Vulnerable version(s): 2.3.1.1 and earlier. Root cause: Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic() when user‑controllable input is unsafe in ICC profile data or related binary blobs. Impact (as stated): DoS, data manipulation, bypass o...

8.8CVSS5.5AI score0.0031EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/01/24 1:12 a.m.•30 views

CVE-2026-24410 iccDEV has Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic()

7.1CVSS0.0031EPSS

Exploits1References3

EUVD•added 2026/01/24 1:12 a.m.•5 views

EUVD-2026-4605

7.1CVSS5.5AI score0.0031EPSS

Exploits1References3

Vulnrichment•added 2026/01/24 1:12 a.m.•1 views

CVE-2026-24410 iccDEV has Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic()