99 matches found
CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
OESA-2026-2327 lcms2 security update
LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...
Ubuntu 25.10 / 26.04 LTS : Little CMS vulnerability (USN-8250-1)
The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8250-1 advisory. It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to...
USN-8250-1: Little CMS vulnerability
It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to crash, resulting in a denial of service...
UBUNTU-CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
SUSE CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
CVE-2026-42798
Little CMS (lcms2) versions 2.16–2.18 before 2.19 have an integer overflow in ParseCube within cmscgats.c. The provided documents do not include exploit details or explicit remediation steps. References show a version delta toward 2.19 (lcms2.18...lcms2.19), but the materials do not state a confi...
CVE-2026-42798
Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
UBUNTU-CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...
CVE-2026-41254
Little CMS (lcms2) up to version 2.18 contains an integer overflow in CubeSize within cmslut.c because the overflow check is performed after the multiplication. This is documented across multiple sources (NVD/NIST, CVE-2026-41254; Ubuntu USN-8209-1; Alpine/FreeBSD/Debian advisories). Ubuntu advis...
Little CMS 安全漏洞
Little CMS either lcms or liblcms is an open-source color management system developed by Marti Maria. This system offers features such as black-point compensation, processing of various pixel formats, and configuration file editing. Versions of Little CMS prior to 2.18 contained a security...
EUVD-2013-4085
Malware in sbrugna...
Little CMS 安全漏洞
Little CMS lcms or liblcms is an open source color management system by the individual developer Marti Maria. The system provides black point compensation, handling of multiple pixel formats, profile editing, and other features. A security vulnerability exists in Little CMS version 2.16, which...
Linux Distros Unpatched Vulnerability : CVE-2018-16435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow...
K13500115: Little CMS (aka lcms2) vulnerability CVE-2016-10165
Security Advisory Description The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. CVE-2016-10165 Impact There is no...
SUSE CVE-2013-4160
Little CMS lcms2 before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service NULL pointer dereference and crash via vectors related to 1 cmsStageAllocLabV2ToV4curves, 2 cmsPipelineDup, 3 cmsAllocProfileSequenceDescription, 4 CurvesAlloc, and ...
SUSE CVE-2016-10165
The TypeMLURead function in cmstypes.c in Little CMS aka lcms2 allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read...
Ubuntu: Security Advisory (USN-3770-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...