6.3
CVE-2025-58441 - Knowage is vulnerable to blind server-side request forgery (SSRF)
Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of โฆ
5.3
CVE-2026-22539 - INFORMATION DISCLOSURE VIA CURL REQUESTS (OCPP)
As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.
8.8
CVE-2026-21679 - iccDEV has heap-buffer-overflow vulnerability in CIccLocalizedUnicode::GetText()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow in CIccLocalizedUnicode::GetText(). This issue has been patched in version 2.3.1.2.
7.8
CVE-2026-21678 - iccDEV has heap-buffer-overflow vulnerability on IccTagXml()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow vulnerability in IccTagXml(). This issue has been patched in version 2.3.1.2.
5.5
CVE-2026-21506 - iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial โฆ
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic(), leading to denial of service. This issue has been โฆ
5.5
CVE-2026-21505 - iccDEV has Undefined Behavior (UB) - Invalid Enum Value
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2.
6.1
CVE-2026-21503 - iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy() in CIccTagSparseMatrixArray. This issue has been patched in vโฆ
6.6
CVE-2026-21504 - Heap Buffer Overflow in iccDEV ToneMap Parser
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2.
5.5
CVE-2026-21501 - Stack Overflow in iccDEV Calculator Parser
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the calculator parser. This issue has been patched in version 2.3.1.2.
5.5
CVE-2026-21502 - NULL Pointer Dereference in iccDEV XML Tag Parser
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML tag parser. This issue has been patched in version 2.3.1.2.