10 matches found

RedHat Linux
added 2026/05/26 5:33 a.m. | 9 views

wireshark: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Wireshark

A flaw was found in Wireshark. A path traversal can occur when a malformed configuration profile is imported, resulting in a denial of service or potentially in code execution...

CVSS 7.8 | AI score 6.1 | EPSS 0.00023
Exploits: 1 | References: 6

RedhatCVE
added 2026/05/04 7:42 p.m. | 3 views

CVE-2026-5656

A flaw was found in Wireshark. A path traversal can occur when a malformed configuration profile is imported, resulting in a denial of service or potentially in code execution. Mitigation: To mitigate this flaw, do not import configuration profiles from untrusted or unverified sources...

CVSS 7.8 | AI score 6 | EPSS 0.00023
Exploits: 1 | References: 5

OSV
added 2026/03/31 10:4 p.m. | 4 views

CVE-2026-34541 iccDEV: UB in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions reported by UBSan as...

CVSS 6.2 | AI score 5.8 | EPSS 0.00006
Exploits: 1 | References: 5

CVE
added 2026/03/31 10:4 p.m. | 4 views

CVE-2026-34541

iccDEV contains a vulnerability in CIccCombinedConnectionConditions() triggered by a crafted ICC profile. Prior to version 2.3.1.6, a malformed .icc profile can cause Undefined Behavior via a null-pointer member call when iccApplyNamedCmm is run with -PCC. The issue is addressed in version 2.3.1....

CVSS 6.2 | AI score 5.8 | EPSS 0.00006
Exploits: 1 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/03/31 12:0 a.m. | 4 views

PT-2026-29389

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer member call in CIccCombinedConnectionConditions::CIccCombinedConnectionConditions reported by UBSan as...

CVSS 6.2 | AI score 5.8 | EPSS 0.00006
Exploits: 1 | References: 6

RedhatCVE
added 2026/02/06 1:25 a.m. | 4 views

CVE-2026-25583

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8 when processing malformed ICC profile files via unchecked fread...

CVSS 7.8 | AI score 5.6 | EPSS 0.00009
Exploits: 1 | References: 1

Vulnrichment
added 2026/02/04 10:13 p.m. | 4 views

CVE-2026-25585 iccDEV vulnerable to OOB in CIccXform3DLut::Apply()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...

CVSS 7.8 | AI score 5.4 | EPSS 0.00009
Exploits: 1 | References: 4

Cvelist
added 2026/02/04 10:11 p.m. | 26 views

CVE-2026-25584 iccDEV vulnerable to Stack-based Buffer Overflow in CIccTagFloatNum::GetValues()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues. This is triggered when processing a malformed ICC...

CVSS 7.8 | EPSS 0.00008
Exploits: 1 | References: 4

ATTACKERKB
added 2026/02/04 10:11 p.m. | 4 views

CVE-2026-25584

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues. This is triggered when processing a malformed ICC...

CVSS 7.8 | AI score 6 | EPSS 0.00008
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2016/05/04 5:30 p.m. | 2 views

UBUNTU-CVE-2013-7455

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler...

CVSS 9.8 | AI score 7.7 | EPSS 0.15231
Exploits: 0 | References: 5