Color

Iccdev

84 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2026-25582

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.02.2026 22:16:01
  • Zuletzt bearbeitet 18.02.2026 18:48:30

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow (read) vulnerability in CIccIO::WriteUInt16Float() ...

7.8

CVE-2026-25583

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.02.2026 22:16:01
  • Zuletzt bearbeitet 18.02.2026 18:47:01

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8() when processin...

7.8

CVE-2026-25585

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.02.2026 22:13:30
  • Zuletzt bearbeitet 18.02.2026 18:12:31

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC prof...

7.8

CVE-2026-25502

Exploit
  • EPSS 0.02%
  • Veröffentlicht 03.02.2026 18:36:36
  • Zuletzt bearbeitet 10.02.2026 16:18:43

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malformed ICC pr...

7.1

CVE-2026-25503

Exploit
  • EPSS 0.06%
  • Veröffentlicht 03.02.2026 18:36:29
  • Zuletzt bearbeitet 10.02.2026 16:18:55

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when lo...

7.8

CVE-2026-24856

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.01.2026 21:16:13
  • Zuletzt bearbeitet 03.02.2026 14:07:59

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to un...

8.1

CVE-2026-24852

  • EPSS 0.01%
  • Veröffentlicht 28.01.2026 00:27:11
  • Zuletzt bearbeitet 03.02.2026 14:26:13

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen() function attempts to read a non-null-term...

8.8

CVE-2026-24412

Exploit
  • EPSS 0.17%
  • Veröffentlicht 24.01.2026 01:27:42
  • Zuletzt bearbeitet 30.01.2026 18:25:05

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs whe...

8.8

CVE-2026-24411

Exploit
  • EPSS 0.2%
  • Veröffentlicht 24.01.2026 01:16:31
  • Zuletzt bearbeitet 30.01.2026 18:25:00

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml(). This occurs when user-controllable input is u...

8.8

CVE-2026-24410

Exploit
  • EPSS 0.17%
  • Veröffentlicht 24.01.2026 01:12:32
  • Zuletzt bearbeitet 30.01.2026 18:24:57

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic(). This occurs when user-c...