Lucene search
+L

12 matches found

Cvelist
Cvelist
added 2026/01/28 9:5 p.m.33 views

CVE-2026-24856 iccDEV has UB runtime error in <icTagTypeSignature>

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types during ICC profile X...

7.8CVSS0.00222EPSS
Exploits1References4
Amazon
Amazon
added 2025/12/08 12:0 a.m.6 views

Medium: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted...

5.5CVSS6.5AI score0.00226EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2025-35224

Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.6 Description Exiv2 is a C++ library and a command-line utility used to read, write, delete, and modify image metadata Exif, IPTC, XMP, and ICC. A denial-of-service issue was identified in the ICC profile parsing...

5.5CVSS5.9AI score0.00226EPSS
Exploits1References69
Zero Day Initiative
Zero Day Initiative
added 2022/09/19 12:0 a.m.9 views

Apple macOS vImage ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

3.3CVSS3.1AI score
Exploits0
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.26 views

Debian Security Advisory DSA 2595-1 (ghostscript - integer overflow)

Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb25951.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2595-1 using nvtgen 1.0 Script version: 1.0...

6.8CVSS0.4AI score0.07486EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.11 views

Debian: Security Advisory (DSA-2595-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.07486EPSS
Exploits0References3
OSV
OSV
added 2012/12/30 12:0 a.m.15 views

DSA-2595-1 ghostscript - buffer overflow

Bulletin has no description...

6.8CVSS6.3AI score0.07486EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/03/04 12:0 a.m.29 views

Foxit Products ICC Parsing Integer Overflow Vulnerability

The host is installed with Foxit Products and is prone to integer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbfoxitprdtsintoverflowvuln.nasl 3117 2016-04-19 10:19:37Z benallard $ Foxit Products ICC Parsing Integer Overflow Vulnerability Authors: Madhuri D Copyright: Copyright c 2011...

9.3CVSS1.1AI score0.06189EPSS
Exploits1References2
seebug.org
seebug.org
added 2011/03/02 12:0 a.m.37 views

Foxit Reader ICC解析远程整数溢出漏洞

BUGTRAQ ID: 46565 CVE ID: CVE-2011-0332 Foxit Reader是一款小型的PDF文档查看器和打印程序。 Foxit Reader在实现上存在ICC解析远程整数溢出漏洞,攻击者可利用此漏洞在受影响应用程序中执行任意代码,造成拒绝服务。 此漏洞源于在解析某些ICC块时的整数溢出错误,可通过特制的文件造成堆缓冲区溢出。 Foxit Foxit Reader 4.3.1.0118 厂商补丁: Foxit ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

9.3CVSS6.4AI score0.06189EPSS
Exploits1
securityvulns
securityvulns
added 2011/02/11 12:0 a.m.69 views

ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-073 February 8, 2011 -- CVE ID: CVE-2011-0598 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Reader -- Vulnerability Details:...

9.3CVSS1.2AI score0.09839EPSS
Exploits0
securityvulns
securityvulns
added 2010/10/06 12:0 a.m.55 views

ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-191 October 6, 2010 -- CVE ID: CVE-2010-3621 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe Reader -- Vulnerability Details:...

9.3CVSS0.4AI score0.05707EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2010/10/06 12:0 a.m.46 views

Adobe Reader ICC Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing IC...

9CVSS7.1AI score0.05707EPSS
Exploits0References1
Rows per page
Query Builder