1269 matches found
(0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the execglobals parameter provided to the validate endpoint. The issue results...
CVE-2026-21686
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...
EUVD-2026-1392
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...
CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...
CVE-2026-21686
CVE-2026-21686 affects iccDEV: prior to 2.3.1.2, there is Undefined Behavior in CIccTagLutAtoB::Validate() when processing ICC color profiles. A patch exists in version 2.3.1.2. Affected users should upgrade to 2.3.1.2 or later. Public references consistently describe the issue as an undefined be...
CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLutAtoB::Validate. This vulnerability affects users of the iccDEV...
CVE-2026-21676
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a Heap-based Buffer Overflow in its CIccMBB::Validate function which checks tag data validity. This issue is fixed in version 2.3.1.1...
iccDEV 安全漏洞
iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from undefined behavior in the CIccTagLutAtoB::Validate function...
PT-2026-2083
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 contain Undefined Behavior in the...
Exploit for Code Injection in Hpe Oneview
ExploitCVE-2025-37164 ! This Script is made for educationa...
CVE-2026-21494
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21490
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21490 iccDEV has heap buffer overflow in CIccTagLut16::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
EUVD-2026-1144
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21490
The CVE-2026-21490 vulnerability affects iccDEV prior to version 2.3.1.2 and causes a heap buffer overflow in CIccTagLut16::Validate(). A patch exists in 2.3.1.2; upgrade to 2.3.1.2 or later to remediate. No additional exploit details are provided in the supplied documents.
CVE-2026-21490 iccDEV has heap buffer overflow in CIccTagLut16::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21494 iccDEV has heap buffer overflow in CIccTagLut8::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21494 iccDEV has heap buffer overflow in CIccTagLut8::Validate()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...
CVE-2026-21494
The vulnerability CVE-2026-21494 affects iccDEV prior to 2.3.1.2, where a heap buffer overflow occurs in CIccTagLut8::Validate() when processing ICC color profiles. A patch exists in version 2.3.1.2. No public workarounds are documented in the provided sources. Remediation is to upgrade to 2.3.1....
Improper Authentication
Signal K Server is vulnerable to Improper Authentication. The vulnerability is due to unauthenticated modification of internal server state via the /skServer/validateBackup endpoint, which allows an attacker to overwrite critical configuration files and hijack the administrator restore process to...