Every CVE whose affected-product data names Littlecms Lcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2008-5316 — CVSS 10.0 (critical): Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to…
CVE-2008-5317 — CVSS 10.0 (critical): Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers…
CVE-2007-2741 — CVSS 9.3 (critical): Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-0793 — CVSS 4.3 (medium): cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of…