CVE-2026-21506

CVE-2026-21506 (iccDEV) concerns a null pointer dereference in CIccProfileXml::ParseBasic() affecting iccDEV versions prior to 2.3.1.2, leading toDenial of Service. The issue is confirmed across multiple sources (Red Hat advisory, NVD entry, CVE records) and is documented as a vulnerability in th...

PT-2026-2079

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. A heap-buffer-overflow exists in the CIccXmlArrayType::ParseText function fo...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000460 advisory. An issue was discovered in dlparparseccproperty in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000196 advisory. A memory leak in the predicateparse function in kernel/trace/traceeventsfilter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000509)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000509 advisory. An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack- based out-of-bounds write because an empty nodelist is...

iccDEV 安全漏洞

iccDEV is an open source color configuration code library from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from a heap buffer overflow in the CIccXmlArrayType::ParseText function...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000286 advisory. In uvcparsestandardcontrol of uvcdriver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure wi...

iccDEV 代码问题漏洞

iccDEV is an open source color configuration code library from International Color Consortium. A code issue vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from a null pointer dereference in CIccProfileXml::ParseBasic, which could result in a denial of service...

CVE-2026-21673

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have overflows and underflows in CIccXmlArrayType::ParseTextCountNum. This vulnerability affects users of the iccDEV library who process ICC color profiles. This issue is fixed in...

CVE-2026-21674 iccDEV has a Memory Leak in its CIccProfileXml::ParseTag() Error Path

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain a memory leak vulnerability in its XML MPE Parsing Path iccFromXml. This issue is fixed in version 2.3.1.1...

CVE-2026-21673 iccDEV has Integer Overflow/Underflow in CIccXmlArrayType::ParseTextCountNum()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have overflows and underflows in CIccXmlArrayType::ParseTextCountNum. This vulnerability affects users of the iccDEV library who process ICC color profiles. This issue is fixed in...

EUVD-2026-1148

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have overflows and underflows in CIccXmlArrayType::ParseTextCountNum. This vulnerability affects users of the iccDEV library who process ICC color profiles. This issue is fixed in...

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. CVE-2025-14087: buffer underflow in the GVariant parser...

Linux Distros Unpatched Vulnerability : CVE-2023-54183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput i...

Important: glib2

Issue Overview: Buffer underflow on Glib through glib/gvariant via bytestringparse or stringparse leads to OOB Write. CVE-2025-14087 Affected Packages: glib2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

PT-2026-1034

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A security issue exists in Open5GS. The ogs gtp2 parse bearer qos function within the Bearer QoS IE Length Handler component, located in lib/gtp/v2/types.c, is susceptible to manipulation, leading to...

PT-2026-27702

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the pinconf generic parse dt config function within the pin control subsystem. If the parse dt cfg function fails, the cleanup logic is bypassed, resulting in a...

PT-2026-5011

Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.5.17 Description A long signature packet length can cause the parse signature function to return success while setting the sig-data pointer to a NULL value. This results in a denial of service, specifically an...

PT-2026-7041

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.22.0 Description FreeRDP, a Remote Desktop Protocol implementation, contains a flaw where the audin server recv formats function incorrectly calculates the number of audio formats to free upon parse failure...

PT-2026-4468

Name of the Vulnerable Software and Affected Versions google.protobuf affected versions not specified Description A denial-of-service DoS issue exists in the ParseDict function within google.protobuf.json format in Python. The vulnerability occurs because the max recursion depth limit can be...