Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2026/02/25 12:0 a.m.3 views

iccDEV 缓冲区错误漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.4 contained a buffer error vulnerability. This vulnerability occurred during the parsing of XML text description tags for the CIccTagTextDescription::Releas...

7.1CVSS6.1AI score0.0002EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/01/08 3:14 a.m.3 views

CVE-2026-21491

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

6.1CVSS7.2AI score0.00028EPSS
Exploits1References1
NVD
NVDadded 2026/01/06 7:16 p.m.5 views

CVE-2026-21491

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

7.1CVSS0.00028EPSS
Exploits1References4
CVE
CVEadded 2026/01/06 7:7 p.m.6 views

CVE-2026-21491

CVE-2026-21491 affects iccDEV libraries prior to version 2.3.1.2. The vulnerability is a Unicode buffer overflow in CIccTagTextDescription when processing ICC color profiles. Version 2.3.1.2 contains a patch; no workarounds are noted in the provided documents. Remediate by upgrading to 2.3.1.2 or...

7.1CVSS6.9AI score0.00028EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2017/01/20 3:59 p.m.1 views

DEBIAN-CVE-2016-9435

The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to tags...

6.5CVSS7.1AI score0.0141EPSS
Exploits0References1
seebug.org
seebug.orgadded 2009/12/03 12:0 a.m.32 views

Firefox Sage扩展RSS源跨域脚本执行漏洞

BUGTRAQ ID: 37120 CVECAN ID: CVE-2009-4102 Sage是Firefox所使用的轻型RSS和Atom源汇集器扩展。 Sage没有正确地过滤RSS源中的description标签输入便用于渲染内容,用户受骗订阅了恶意的RSS源就会导致以chrome:权限执行任意脚本代码。 Mozilla Sage 1.4.3 厂商补丁: Mozilla ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: https://addons.mozilla.org/en-US/firefox/addon/77...

9.3CVSS1.4AI score0.01455EPSS
Exploits1
seebug.org
seebug.orgadded 2009/12/03 12:0 a.m.22 views

Firefox infoRSS扩展RSS源跨域脚本执行漏洞

BUGTRAQ ID: 37091 CVECAN ID: CVE-2009-4101 infoRSS是一款可以在状态栏显示RSS源的Firefox扩展。 infoRSS扩展没有正确地过滤RSS源中的description标签输入便用于渲染内容,用户受骗订阅了恶意的RSS源就会导致以chrome:权限执行任意脚本代码。 Mozilla infoRSS 1.1.4.2 厂商补丁: Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

9.3CVSS6.5AI score0.01297EPSS
Exploits1
Rows per page
Query Builder