159 matches found
[SECURITY] [DSA 6262-1] lcms2 security update
Debian Security Advisory DSA-6262-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq ...
CVE-2026-41254 affecting package lcms2 for versions less than 2.15-2
CVE-2026-41254 affecting package lcms2 for versions less than 2.15-2. A patched version of the package is available...
[SECURITY] [DLA 4568-1] lcms2 security update
Debian LTS Advisory DLA-4568-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 06, 2026 https://wiki.debian.org/LTS ...
UBUNTU-CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
FreeBSD : lcms2 -- Integer overflow (ca62e49c-4150-11f1-95f7-00a098b42aeb)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ca62e49c-4150-11f1-95f7-00a098b42aeb advisory. https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS...
ROOT-OS-DEBIAN-13-CVE-2026-41254 CVE-2026-41254 in rootio-lcms2 - Patched by Root
Root has patched CVE-2026-41254 in the rootio-lcms2 package for Root:Debian:13. Multiple fixed versions available...
UBUNTU-CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
Medium: lcms2
Issue Overview: A heap buffer overflow vulnerability has been identified in the smooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color...
Amazon Linux 2 : lcms2, --advisory ALAS2-2026-3192 (ALAS-2026-3192)
The version of lcms2 installed on the remote host is prior to 2.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3192 advisory. A heap buffer overflow vulnerability has been identified in the smooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to...
Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-053 (ALASFIREFOX-2026-053)
The version of firefox installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-053 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. Th...
Slackware Linux 15.0 / current lcms2 Vulnerability (SSA:2026-009-01)
The version of lcms2 installed on the remote host is prior to 2.18. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-009-01 advisory. New lcms2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding descriptio...
Slackware: Security Advisory (SSA:2026-009-01)
The remote host is missing an update for the...
[slackware-security] lcms2
New lcms2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/lcms2-2.18-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix for 469 heap buffer overflow on convertutf16toutf32...
EUVD-2025-9494
Malicious code in bioql PyPI...
EUVD-2025-9489
Malicious code in bioql PyPI...
ROOT-OS-DEBIAN-12-CVE-2025-29070 CVE-2025-29070 in rootio-lcms2 - Patched by Root
Root has patched CVE-2025-29070 in the rootio-lcms2 package for Root:Debian:12. Multiple fixed versions available...
CVE-2025-29070
A heap buffer overflow vulnerability has been identified in the smooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there...
CVE-2025-29069
A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in cmspack.c, which is responsible for handling color space transformations. NOTE: this is disputed by the Supplier because the finding identified a bug in a...
AZL-61816 CVE-2025-29070 affecting package openjpeg2 2.3.1-12
A heap buffer overflow vulnerability has been identified in the smooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there...