22 matches found
Astra Linux – Vulnerability in gdcm
There is an out-of-bounds read vulnerability in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to exploit this vulnerability...
Astra Linux – Vulnerability in gdcm
There is an out-of-bounds write vulnerability in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...
gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM DCM file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a speciall...
gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM DCM file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a speciall...
CVE-2025-53619
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function nullconvert is called based of...
EUVD-2025-203851
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2025-48429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to...
DEBIAN-CVE-2025-52582
An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-53618
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function grayscaleconvert is called base...
Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2211 Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-52582 SUMMARY An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM...
Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2210 Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-53619,CVE-2025-53618 SUMMARY An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM...
CVE-2025-11266
An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments compressed image data stored as multiple fragments. This vulnerability leads to a segmentation fault caused...
gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM DCM file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a speciall...
Astra Linux – Vulnerability in dcmtk
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a crafted DICOM file...
UBUNTU-CVE-2025-25472
A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service DoS via a crafted DCM file...
CVE-2025-25475
CVE-2025-25475 affects DCMTK v3.6.9+ DEV and is caused by a NULL pointer dereference in /libsrc/dcrleccd.cc, enabling a crafted DICOM file to trigger a Denial of Service. Connected advisories confirm this issue and note fixes in various Linux distros (e.g., Debian DLA-4227, openSUSE SUSE advisory...
CVE-2025-25475
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service DoS via a crafted DICOM file...
SUSE CVE-2024-22373
An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
SUSE CVE-2024-25569
An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-22373
An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...