Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

RedhatCVE
RedhatCVEadded 2026/04/01 11:0 p.m.1 views

CVE-2026-34556

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...

6.2CVSS5.9AI score0.00017EPSS
Exploits1References1
NVD
NVDadded 2026/03/31 11:17 p.m.3 views

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS0.00017EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 11:17 p.m.1 views

CVE-2026-34550

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccProfLib/IccIO.cpp caused by an implicit conversion from a negative signed integer to sizet unsigned, which changes the value. Th...

6.2CVSS0.00017EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/31 10:19 p.m.2 views

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00017EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/03/31 10:19 p.m.20 views

CVE-2026-34554 iccDEV: HBO in CIccApplyCmmSearch::costFunc()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS0.00017EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/31 10:19 p.m.4 views

EUVD-2026-17719

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

6.2CVSS5.7AI score0.00017EPSS
Exploits1References3
NVD
NVDadded 2026/03/31 10:16 p.m.0 views

CVE-2026-34542

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS0.00017EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/03/31 10:11 p.m.1 views

CVE-2026-34549 iccDEV: UB at IccUtil.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...

6.2CVSS5.8AI score0.00017EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/31 10:5 p.m.0 views

CVE-2026-34542

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00017EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/03/31 10:4 p.m.1 views

CVE-2026-34541

iccDEV contains a vulnerability in CIccCombinedConnectionConditions() triggered by a crafted ICC profile. Prior to version 2.3.1.6, a malformed .icc profile can cause Undefined Behavior via a null-pointer member call when iccApplyNamedCmm is run with -PCC. The issue is addressed in version 2.3.1....

6.2CVSS5.8AI score0.00006EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2026/03/31 10:0 p.m.3 views

CVE-2026-34537

iccDEV is affected prior to version 2.3.1.6. A crafted ICC profile can trigger Undefined Behavior in CIccOpDefEnvVar::Exec() due to invalid enum values loaded for icSigCmmEnvVar, observable under UBSan as load of value not a valid value for type icSigCmmEnvVar. The issue has been patched in versi...

6.2CVSS5.8AI score0.00017EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2026/03/31 9:59 p.m.1 views

CVE-2026-34536 iccDEV: SO in SIccCalcOp::ArgsUsed()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow SO in SIccCalcOp::ArgsUsed. The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes ...

6.2CVSS5.8AI score0.00006EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/31 12:0 a.m.1 views

PT-2026-29390

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

6.2CVSS5.8AI score0.00017EPSS
Exploits1References6
Rows per page
Query Builder