Lucene search
+L

1501 matches found

redhatcve
redhatcve
added 2026/04/14 7:23 p.m.7 views

CVE-2026-5444

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

7.1CVSS6AI score0.00162EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/04/14 7:23 p.m.8 views

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

9.8CVSS6AI score0.00598EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/04/14 7:23 p.m.8 views

CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

7.1CVSS6AI score0.00136EPSS
Exploits0References1
euvd
euvd
added 2026/04/09 3:35 p.m.6 views

EUVD-2026-20924

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

6.2AI score0.00162EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 3:35 p.m.4 views

EUVD-2026-20920

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

6.1AI score0.00598EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 3:35 p.m.7 views

EUVD-2026-20926

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

5.9AI score0.00666EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 3:35 p.m.4 views

EUVD-2026-20913

An out-of-bounds read vulnerability exists in DicomStreamReader during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly ...

5.9AI score0.00641EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 3:35 p.m.6 views

EUVD-2026-20922

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

6.2AI score0.0057EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 3:35 p.m.8 views

EUVD-2026-20918

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

6AI score0.00136EPSS
Exploits0References4
osv
osv
added 2026/04/09 3:16 p.m.6 views

DEBIAN-CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

9.8CVSS5.6AI score0.00598EPSS
Exploits0References1
nvd
nvd
added 2026/04/09 3:16 p.m.7 views

CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

9.8CVSS0.0057EPSS
Exploits0References3
nvd
nvd
added 2026/04/09 3:16 p.m.4 views

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

9.8CVSS0.00598EPSS
Exploits0References3
nvd
nvd
added 2026/04/09 3:16 p.m.12 views

CVE-2026-5445

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

9.1CVSS0.00666EPSS
Exploits0References3
nvd
nvd
added 2026/04/09 3:16 p.m.11 views

CVE-2026-5444

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

7.1CVSS0.00162EPSS
Exploits0References3
osv
osv
added 2026/04/09 3:16 p.m.3 views

DEBIAN-CVE-2026-5445

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

9.1CVSS7.6AI score0.00666EPSS
Exploits0References1
osv
osv
added 2026/04/09 3:16 p.m.3 views

DEBIAN-CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

9.8CVSS5.7AI score0.0057EPSS
Exploits0References1
osv
osv
added 2026/04/09 3:16 p.m.4 views

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

7.1CVSS5.6AI score0.00136EPSS
Exploits0References1
nvd
nvd
added 2026/04/09 3:16 p.m.7 views

CVE-2026-5437

An out-of-bounds read vulnerability exists in DicomStreamReader during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly ...

7.5CVSS0.00641EPSS
Exploits0References3
osv
osv
added 2026/04/09 3:16 p.m.8 views

DEBIAN-CVE-2026-5437

An out-of-bounds read vulnerability exists in DicomStreamReader during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly ...

7.5CVSS7.6AI score0.00641EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/04/09 3:16 p.m.6 views

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

9.8CVSS6AI score0.00598EPSS
Exploits0References4
Rows per page
Query Builder