Lucene search

30 matches found

Cvelist
added 2026/03/31 10:09 p.m. | 18 views

CVE-2026-34548 iccDEV: UB at IccUtilXml.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

CVSS 6.2 | EPSS 0.00017
Exploits: 1 | References: 3
RedhatCVE
added 2026/01/26 3:10 p.m. | 3 views

CVE-2026-24411

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml. This occurs when user-controllable input is unsafely incorporated into ICC profile data or oth...

CVSS 8.8 | AI score 5.8 | EPSS 0.00241
Exploits: 1 | References: 1
OSV
added 2026/01/24 1:16 a.m. | 4 views

CVE-2026-24411 iccDEV has Undefined Behavior and Null Pointer Dereference in CIccTagXmlSegmentedCurve::ToXml()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml. This occurs when user-controllable input is unsafely incorporated into ICC profile data or oth...

CVSS 7.1 | AI score 5.6 | EPSS 0.00241
Exploits: 1 | References: 5
Positive Technologies
added 2026/01/24 12:00 a.m. | 4 views

PT-2026-4560

Name of the Vulnerable Software and Affected Versions: iccDEV versions 2.3.1.1 and below. Description: iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below contain Undefined Behavior in the...

CVSS 7.1 | AI score 5.4 | EPSS 0.00241
Exploits: 1 | References: 9
RedhatCVE
added 2026/01/09 9:10 a.m. | 1 views

CVE-2026-21690

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...

CVSS 6.3 | AI score 6.8 | EPSS 0.0016
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 8:38 a.m. | 1 views

CVE-2026-21692

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in ToXmlCurve at IccXML/IccLibXML/IccMpeXml.cpp. This...

CVSS 8.8 | AI score 6.8 | EPSS 0.00182
Exploits: 1 | References: 1
NVD
added 2026/01/07 10:15 p.m. | 17 views

CVE-2026-21690

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...

CVSS 6.3 | EPSS 0.0016
Exploits: 1 | References: 3
Cvelist
added 2026/01/07 9:56 p.m. | 16 views

CVE-2026-21692 iccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in ToXmlCurve at IccXML/IccLibXML/IccMpeXml.cpp. This...

CVSS 8.8 | EPSS 0.00182
Exploits: 1 | References: 3
CNNVD
added 2026/01/07 12:00 a.m. | 2 views

iccDEV security vulnerability

iccDEV is an open source color configuration code library from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from a type confusion in the CIccSegmentedCurveXml::ToXml function in the IccXML/IccLibXML/IccMpeXml.cpp file...

CVSS 8.8 | AI score 6.7 | EPSS 0.00182
Exploits: 1 | References: 3
OSV
added 2023/12/04 11:15 p.m. | 2 views

UBUNTU-CVE-2023-40074

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | AI score 5.9 | EPSS 0.00089
Exploits: 0 | References: 3
Wallarm Lab
added 2023/11/10 6:43 p.m. | 25 views

Apigee API Security policies howto

The Genesis of Apigee API Security Guidelines: In today's digital epoch, APIs (Application Programming Interfaces) have ascended to be the fundamental infrastructure underpinning software development - furnishing the medium for diverse software systems to interact and exchange data. Yet, with this...

AI score 7.7
Exploits: 0
CNVD
added 2021/11/11 12:00 a.m. | 15 views

pdftoxml heap buffer overflow vulnerability (CNVD-2021-89050)

pdftoxml is an open source PDF to XML converter. The TextPage::dump function in pdftoxml version 2.0 has a heap buffer overflow vulnerability. No detailed vulnerability information is provided...

CVSS 9.8 | AI score 2.6 | EPSS 0.00743
Exploits: 1 | References: 1
CNNVD
added 2021/11/10 12:00 a.m. | 2 views

Pdf2xml buffer error vulnerability

pdftoxml is an open source PDF to XML converter. The TextPage::addAttributsNode function in pdftoxml version 2.0 has a heap buffer overflow vulnerability. No detailed vulnerability information is currently available...

CVSS 9.8 | AI score 5.9 | EPSS 0.00743
Exploits: 1 | References: 3
CNNVD
added 2021/11/10 12:00 a.m. | 2 views

Pdf2xml buffer error vulnerability

pdftoxml is an open source PDF to XML converter. The TextPage::dump function in pdftoxml version 2.0 has a heap buffer overflow vulnerability. No detailed vulnerability information is provided...

CVSS 9.8 | AI score 5.9 | EPSS 0.00743
Exploits: 1 | References: 3
CNNVD
added 2021/11/10 12:00 a.m. | 3 views

pdf2xml buffer error vulnerability

pdftoxml is an open source PDF to XML converter. pdftoxml version 2.0 has a stack buffer overflow vulnerability in the getObjectStream component. No detailed vulnerability information is available at this time...

CVSS 9.8 | AI score 5.9 | EPSS 0.00459
Exploits: 1 | References: 2
CNNVD
added 2021/07/21 12:00 a.m. | 1 views

PDF2JSON resource management error vulnerability

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages to JSON and XML formats on a page-by-page basis. PDF2JSON Gfx::doShowText has a security vulnerability. An attacker could exploit this vulnerability to cause a denial of service...

CVSS 5.5 | AI score 5.7 | EPSS 0.00138
Exploits: 1 | References: 2
Prion
added 2021/03/23 12:15 a.m. | 16 views

Design/Logic Flaw

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

CVSS 5.8 | AI score 9.2 | EPSS 0.00869
Exploits: 1 | References: 15 | Affected Software: 12
Kitploit
added 2020/10/26 11:30 a.m. | 145 views

Decoder++ - An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats

An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup: Decoder++ can be either installed by using pip or by pulling the source from this repository. Install using pip: pip3 install decoder-plus-plus. Overview: This section provides...

AI score 7.2
Exploits: 0 | References: 2
The Hacker News
added 2019/04/17 7:26 p.m. | 1 views

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

A cybersecurity professional today demonstrated a long-known unpatched weakness in Microsoft's Azure cloud service by exploiting it to take control over Windows Live Tiles, one of the key features Microsoft built into Windows 8 operating system. Introduced in Windows 8, the Live tiles feature wa...

AI score 6.7
Exploits: 0
Prion
added 2017/02/28 3:59 p.m. | 15 views

Integer overflow

An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate through the rows and...

CVSS 9.3 | AI score 7.6 | EPSS 0.00174
Exploits: 2 | References: 2 | Affected Software: 1