CRITICAL9.8CVE-2013-7455Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers… from 0, < 2.6-1
HIGH7.5CVE-2026-41254Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplic… from 0, < 2.12~rc1-2+deb11u1
HIGH7.5CVE-2025-29070A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to caus… from 0
HIGH7.1lcms2 - security update
from 0, < 2.2+git20110628-2.2+deb7u2
HIGH7.1lcms2 - security update
from 0, < 2.6-3+deb8u1
HIGH7.1lcms2 - security update
from 0, < 2.8-4
MEDIUM5.5lcms2 - security update
from 0, < 2.8-4+deb9u1
MEDIUM5.5lcms2 - security update
from 0, < 2.9-3
MEDIUM5.5lcms2 - security update
from 0, < 2.6-3+deb8u2
MEDIUM4.0Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c.
from 0, < 2.16-2+deb13u2
—Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unkno…
from 0, < 2.6-1
—Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL…
from 0, < 2.2+git20110628-2.3