Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.7 views

CVE-2026-34542

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/31 10:22 p.m.28 views

CVE-2026-34556 iccDEV: HBO in icAnsiToUtf8()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS0.00156EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 10:22 p.m.4 views

CVE-2026-34556 iccDEV: HBO in icAnsiToUtf8()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 10:14 p.m.3 views

CVE-2026-34551 iccDEV: NPD in CIccTagLut16::Write()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference NPD in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/31 10:1 p.m.10 views

EUVD-2026-17703

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow HBO in CTiffImg::WriteLine. The issue is observable under AddressSanitizer as an out-of-bounds heap read...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3
CVE
CVE
added 2026/03/31 10:0 p.m.13 views

CVE-2026-34537

iccDEV is affected prior to version 2.3.1.6. A crafted ICC profile can trigger Undefined Behavior in CIccOpDefEnvVar::Exec() due to invalid enum values loaded for icSigCmmEnvVar, observable under UBSan as load of value not a valid value for type icSigCmmEnvVar. The issue has been patched in versi...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/31 9:57 p.m.28 views

CVE-2026-34534 iccDEV: HBO in CIccMpeSpectralMatrix::Describe()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...

6.2CVSS0.00116EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.29 views

EUVD-2025-21120

Malicious code in bioql PyPI...

2.3CVSS6.3AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/07/11 7:15 a.m.1 views

DEBIAN-CVE-2025-5992

When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile.This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...

2.3CVSS5.3AI score0.00278EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.84 views

K13500115: Little CMS (aka lcms2) vulnerability CVE-2016-10165

Security Advisory Description The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. CVE-2016-10165 Impact There is no...

7.1CVSS7.2AI score0.02772EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/10/05 5:24 a.m.56 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

5.8CVSS5.2AI score0.02772EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.33 views

EulerOS 2.0 SP3 : lcms2 (EulerOS-SA-2019-2601)

According to the version of the lcms2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service v...

7.1CVSS6.8AI score0.02772EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/11/27 6:4 p.m.3 views

lcms2: Out-of-bounds read in Type_MLU_Read()

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS7.4AI score0.02772EPSS
Exploits0References4
NVD
NVD
added 2017/02/03 7:59 p.m.19 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS7.3AI score0.02772EPSS
Exploits0References19
OSV
OSV
added 2017/02/03 7:59 p.m.22 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS6.9AI score
Exploits0References19
Prion
Prion
added 2017/02/03 7:59 p.m.23 views

Heap overflow

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

5.8CVSS9AI score0.02772EPSS
Exploits0References19Affected Software14
OSV
OSV
added 2017/02/03 7:59 p.m.6 views

DEBIAN-CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS6.8AI score0.02772EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/02/03 7:0 p.m.29 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7AI score0.02772EPSS
Exploits0References19
Debian CVE
Debian CVE
added 2017/02/03 7:0 p.m.34 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS7.3AI score0.02772EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/02/03 12:0 a.m.32 views

CVE-2016-10165

The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...

7.1CVSS6.8AI score0.02772EPSS
Exploits0References5
Rows per page
Query Builder