CVE-2026-22255

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in CIccCLUT::Init at IccProfLib/IccTagLut.cpp. This...

CVE-2026-22255

CVE-2026-22255 affects iccDEV. Versions prior to 2.3.1.2 contain a heap-buffer-overflow in CIccCLUT::Init() within IccProfLib/IccTagLut.cpp, impacting users processing ICC color profiles. Version 2.3.1.2 includes a patch. No workarounds are documented. Exploitation details are not provided in the...

Moderate Photon OS Security Update - PHSA-2026-4.0-0942

Updates of 'rubygem-aws-sdk-s3', 'aws-sdk-cpp' packages of Photon OS have been released...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1350)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1350 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone CVE-2023-53292 In the Linux kernel, the following...

EUVD-2026-1387

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTag:IsTypeCompressed. This vulnerability affects users o...

EUVD-2026-1391

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLut16::Read. This vulnerability affects users of the iccDEV libra...

CVE-2026-21684 iccDEV has Undefined Behavior in CIccTagSpectralViewingConditions()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagSpectralViewingConditions. This vulnerability affects users of th...

CVE-2026-21680 iccDEV has Null Pointer Dereference in CIccProfile::CheckTagTypes()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a NULL pointer dereference vulnerability. This vulnerability affects users of the iccDEV libra...

Explore the latest Microsoft Incident Response proactive services for enhanced resilience

As cyberthreats become faster, harder to detect, and more sophisticated, organizations must focus on building resilience—strengthening their ability to prevent, withstand, and recover from cybersecurity incidents. Resilience can mean the difference between containing an incident with minimal...

CVE-2019-12246

SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools...

binary-exploitation-labs

Binary Exploitation Labs This repository is my long-term pu...

PT-2026-2072

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. A null pointer dereference issue exists in the CIccProfileXml::ParseBasic...

PT-2026-2090

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. A Type Confusion issue exists in the CIccSegmentedCurveXml::ToXml function...

PT-2026-2063

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. Versions prior to 2.3.1.2 are susceptible to a NULL pointer dereference...

MalwareAnalysisProject

MalwareAnalysisProject Introduction to exploit development wit...

EUVD-2026-1156

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2...

CVE-2026-21486

iccDEV is affected in versions 2.3.1.1 and earlier, where the CIccSparseMatrix::CIccSparseMatrix function contains Use After Free, Heap-based Buffer Overflow, Integer Overflow/Wraparound, and Out-of-bounds Write vulnerabilities. The issue is fixed in version 2.3.1.2. Affected products: iccDEV lib...

PT-2026-1409

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain issues including an Out-of-bounds Read, Use of Out-of-range Pointer Offset,...

PT-2026-1394

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.1 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a memory leak in the XML MPE Parsing Path iccFromXml. Recommendations Update to...

UBUNTU-CVE-2025-65110

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used...