📦 Iccdev
by Color
🔍 What is Iccdev?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2026-21675 is a use-after-free vulnerability in iccDEV's CIccXform::Create() function that can lead to arbitrary code execution. This affects applications using iccDEV libraries for ICC color prof...
A heap buffer overflow vulnerability in iccDEV allows reading past allocated memory boundaries when parsing ICC profile XML text description tags. This can cause application crashes and potentially al...
This CVE describes a buffer overlap vulnerability in iccDEV's CIccTagMultiProcessElement::Apply() function where SrcPixel and DestPixel stack buffers overlap, potentially allowing memory corruption. T...
This vulnerability in iccDEV allows attackers to trigger an out-of-bounds read by providing a malformed ICC color profile. This can lead to memory disclosure or cause the application to crash with a s...
A heap buffer overflow vulnerability in iccDEV's CIccIO::WriteUInt16Float() function allows attackers to cause denial of service or potentially execute arbitrary code by providing malformed XML input ...
A heap buffer overflow vulnerability exists in iccDEV's CIccFileIO::Read8() function when processing malformed ICC profile files. This allows attackers to execute arbitrary code or cause denial of ser...
A stack-buffer-overflow vulnerability in iccDEV's CIccTagFloatNum::GetValues() function allows memory corruption when processing malformed ICC color profiles. This could lead to information disclosure...
A memory corruption vulnerability in iccDEV library versions before 2.3.1.2 allows arbitrary code execution when processing malicious ICC color profiles. This affects any application using iccDEV for ...
CVE-2026-24410 is a vulnerability in iccDEV's ICC color management profile libraries where improper input validation in CIccProfileXml::ParseBasic() leads to undefined behavior and null pointer derefe...
CVE-2026-24411 is an undefined behavior vulnerability in iccDEV's CIccTagXmlSegmentedCurve::ToXml() function that allows attackers to perform denial of service, manipulate data, bypass application log...
A heap buffer overflow vulnerability in iccDEV's CIccTagXmlSegmentedCurve::ToXml() function allows attackers to execute arbitrary code or cause denial of service by supplying malicious ICC profile dat...
This vulnerability in iccDEV allows attackers to exploit undefined behavior and null pointer dereferences when processing user-controlled ICC color profiles. Successful exploitation could lead to deni...
CVE-2026-24406 is a heap buffer overflow vulnerability in iccDEV's CIccTagNamedColor2::SetSize() function that allows attackers to execute arbitrary code or cause denial of service. This affects any a...
CVE-2026-24407 is an undefined behavior vulnerability in iccDEV's icSigCalcOp() function that allows attackers to manipulate ICC color profile data. Successful exploitation could lead to denial of ser...
An integer overflow vulnerability in iccDEV's CIccProfile::CheckHeader() function allows attackers to trigger memory corruption or denial of service by manipulating ICC profile data. This could potent...
A null pointer dereference vulnerability in iccDEV's CIccXmlArrayType() function allows attackers to cause denial of service, manipulate data, bypass application logic, or potentially execute arbitrar...
A heap buffer overflow vulnerability in iccDEV's CIccMpeCalculator::Read() function allows attackers to execute arbitrary code or cause denial of service by providing malicious ICC profile data. This ...
A heap-buffer-overflow vulnerability in iccDEV's CIccCLUT::Init() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profiles. This affect...
A heap-buffer-overflow vulnerability in iccDEV's SIccCalcOp::Describe() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profiles. This ...
A type confusion vulnerability in iccDEV's ToXmlCurve() function allows attackers to potentially execute arbitrary code or cause denial of service by processing malicious ICC color profiles. This affe...
A type confusion vulnerability in iccDEV's SIccCalcOp::ArgsPushed() function allows attackers to potentially execute arbitrary code or cause denial of service by processing malicious ICC color profile...
CVE-2026-21693 is a type confusion vulnerability in iccDEV's CIccSegmentedCurveXml::ToXml() function that could allow memory corruption when processing malicious ICC color profiles. This affects appli...
A heap-buffer-overflow vulnerability in iccDEV's CIccProfileXml::ParseBasic() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profiles....
This vulnerability involves undefined behavior in the CIccTagLut16::Read() function of the iccDEV library, which could lead to memory corruption when processing ICC color profiles. It affects any appl...
This vulnerability involves undefined behavior in the CIccTagLutAtoB::Validate() function of the iccDEV library, which could lead to crashes, memory corruption, or potential code execution when proces...
CVE-2026-21687 is an undefined behavior vulnerability in the CIccTagCurve constructor of the iccDEV library that processes ICC color profiles. This could lead to memory corruption, crashes, or potenti...
A type confusion vulnerability in iccDEV's CIccEvalCompare::EvaluateProfile() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profiles....
This vulnerability involves undefined behavior in the CIccTagSpectralViewingConditions() function of the iccDEV library, which could lead to crashes, memory corruption, or potential code execution whe...
CVE-2026-21681 is an undefined behavior runtime error in iccDEV library versions before 2.3.1.2 that could lead to crashes or potentially arbitrary code execution when processing ICC color profiles. T...
CVE-2026-21682 is a heap buffer overflow vulnerability in iccDEV's CIccXmlArrayType::ParseText() function that allows attackers to execute arbitrary code or cause denial of service by processing malic...
CVE-2026-21678 is a heap-buffer-overflow vulnerability in the IccTagXml() function of iccDEV, a library for ICC color management profiles. It allows attackers to potentially execute arbitrary code or ...
CVE-2026-21679 is a heap buffer overflow vulnerability in iccDEV's CIccLocalizedUnicode::GetText() function that could allow attackers to execute arbitrary code or cause denial of service. This affect...
This vulnerability involves integer overflow/underflow in the CIccXmlArrayType::ParseTextCountNum() function of iccDEV library, which could allow memory corruption when processing malicious ICC color ...
CVE-2026-21507 is an infinite loop vulnerability in the CalcProfileID function of iccDEV's IccProfile.cpp. This allows attackers to cause denial of service by triggering resource exhaustion. Users of ...
A heap buffer over-read vulnerability in iccDEV library versions before 2.3.1.2 allows attackers to potentially leak heap memory contents and cause application crashes when processing malicious ICC co...
CVE-2026-21690 is a type confusion vulnerability in iccDEV's CIccTagXmlTagData::ToXml() function that could allow memory corruption when processing malicious ICC color profiles. This affects applicati...
A type confusion vulnerability in iccDEV's CIccTag::IsTypeCompressed() function allows attackers to potentially execute arbitrary code or cause denial of service by processing malicious ICC color prof...
A type confusion vulnerability in iccDEV's CIccProfileXml::ParseBasic() function allows attackers to potentially execute arbitrary code or cause denial of service by processing malicious ICC color pro...
A NULL pointer dereference vulnerability in iccDEV library versions before 2.3.1.2 can cause application crashes or denial of service when processing ICC color profiles. This affects any software usin...
CVE-2026-21501 is a stack overflow vulnerability in iccDEV's calculator parser that could allow attackers to execute arbitrary code or cause denial of service. This affects all systems using iccDEV li...
CVE-2026-21502 is a NULL pointer dereference vulnerability in iccDEV's XML tag parser that can cause application crashes or denial of service. This affects users of iccDEV libraries and tools for ICC ...
This vulnerability in iccDEV allows attackers to trigger undefined behavior by exploiting a null pointer passed to memcpy() in CIccTagSparseMatrixArray. This could potentially lead to crashes, memory ...
CVE-2026-21504 is a heap buffer overflow vulnerability in the ToneMap parser of iccDEV color management libraries. This allows attackers to execute arbitrary code or cause denial of service by process...
CVE-2026-21505 is an undefined behavior vulnerability in iccDEV color management libraries caused by an invalid enum value. This could potentially lead to crashes, memory corruption, or other unpredic...
This CVE describes a null pointer dereference vulnerability in iccDEV's CIccProfileXml::ParseBasic() function that can cause denial of service. Attackers can crash applications using vulnerable iccDEV...
A division by zero vulnerability exists in iccDEV's TIFF Image Reader component, which could cause application crashes or denial of service when processing malicious TIFF files. This affects all users...
CVE-2026-21496 is a NULL pointer dereference vulnerability in iccDEV's signature parser that can cause denial of service. This affects applications using iccDEV libraries for ICC color profile process...
A NULL pointer dereference vulnerability in iccDEV's unknown tag parser allows attackers to cause denial of service by crashing applications using the library. This affects all systems running iccDEV ...
A NULL pointer dereference vulnerability exists in iccDEV's XML calculator parser before version 2.3.1.2. This vulnerability could cause application crashes or denial of service when processing malici...
CVE-2026-21499 is a NULL pointer dereference vulnerability in iccDEV's XML parser that can cause application crashes or denial of service. This affects systems using iccDEV libraries for ICC color pro...
CVE-2026-21500 is a stack overflow vulnerability in iccDEV's XML calculator macro expansion that could allow attackers to execute arbitrary code or cause denial of service. This affects all systems us...
CVE-2026-21492 is a NULL pointer dereference vulnerability in iccDEV library versions before 2.3.1.2 that could cause application crashes or denial of service when processing malicious ICC color profi...
A heap buffer overflow vulnerability in iccDEV library's CIccTagLut8::Validate() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profil...
A heap buffer overflow vulnerability in iccDEV library's CIccTagLut16::Validate() function allows attackers to execute arbitrary code or cause denial of service by processing malicious ICC color profi...
A buffer overflow vulnerability in iccDEV's CIccTagTextDescription function allows attackers to execute arbitrary code or crash applications by processing specially crafted ICC color profiles. This af...
CVE-2026-21674 is a memory leak vulnerability in iccDEV's XML parsing functionality (iccFromXml) that allows attackers to cause gradual memory exhaustion by repeatedly processing malicious XML files. ...