Lucene search
K

56 matches found

NVD
NVD
added 2026/07/01 7:16 p.m.7 views

CVE-2026-55510

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51...

5.5CVSS0.00103EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 7:16 p.m.3 views

UBUNTU-CVE-2026-55510

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 6:53 p.m.43 views

CVE-2026-55510

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a use-after-free will occur. This issue has been fixed in versions 6.9.13-51...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 6:53 p.m.53 views

CVE-2026-55510

ImageMagick vulnerability CVE-2026-55510 affects the ImageMagick suite (ImageMagick) where a use-after-free can occur when identifying an image with a crafted 8BIM profile in a specific format string. The issue is triggered in affected builds prior to 6.9.13-51 and 7.1.2-26 and is fixed in those ...

5.5CVSS5.7AI score0.00103EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-40528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c tha...

7.8CVSS6.2AI score0.00146EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 1:38 p.m.35 views

CVE-2026-40528

OpenSC prior to 0.27.0 contains a stack and heap buffer overrun in do_key_value() (src/pkcs15init/profile.c). During pkcs15-init, a key value entry starting with '=' and exceeding the size of keybuf is copied via memcpy without length checking, causing memory corruption on both stack and heap. A ...

7.8CVSS5.9AI score0.00146EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/29 1:38 p.m.13 views

EUVD-2026-33320

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

3.8CVSS5.9AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44841

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.27.0 Description A stack and heap buffer overrun occurs in the do key value function within src/pkcs15init/profile.c. This issue allows memory corruption when a crafted profile configuration file is supplied. During...

7.8CVSS5.5AI score0.00146EPSS
Exploits0References25
RedhatCVE
RedhatCVE
added 2026/04/01 11:1 p.m.7 views

CVE-2026-34535

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 11:17 p.m.4 views

CVE-2026-34547

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...

6.2CVSS0.00156EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:22 p.m.2 views

CVE-2026-34556

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:11 p.m.2 views

CVE-2026-34549

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/31 10:11 p.m.6 views

CVE-2026-34549 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/31 10:8 p.m.4 views

EUVD-2026-17711

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 10:8 p.m.1 views

CVE-2026-34547 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References3
OSV
OSV
added 2026/03/31 9:59 p.m.4 views

CVE-2026-34536 iccDEV: SO in SIccCalcOp::ArgsUsed()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow SO in SIccCalcOp::ArgsUsed. The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes ...

6.2CVSS5.8AI score0.00222EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:58 p.m.7 views

CVE-2026-34535

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.8 views

PT-2026-29387

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow HBO in CTiffImg::WriteLine. The issue is observable under AddressSanitizer as an out-of-bounds heap read...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.13 views

PT-2026-29384

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-33623

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.4 contains a Windows-only command injection issue in the orphaned Chrome cleanup path. When an instance is stopped, the Windows cleanup routine builds a PowerShell -Command string using a...

7.2CVSS6.3AI score0.02904EPSS
Exploits1References3
Rows per page
Query Builder