Lucene search
K

4 matches found

NVD
NVD
added 2025/12/24 8:15 p.m.8 views

CVE-2018-25142

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS0.00371EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:27 p.m.4 views

CVE-2018-25142 NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS7.3AI score0.00371EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/24 7:27 p.m.32 views

CVE-2018-25142 NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS0.00371EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:27 p.m.14 views

CVE-2018-25142

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 is affected by an unauthenticated XML External Entity (XXE) injection in XML preference import settings. The root cause is an XXE vulnerability that allows crafted XML files with DTD parameter entities to retrieve arbitrary system files via an out-of-...

9.8CVSS7.3AI score0.00371EPSS
Exploits1References3
Rows per page
Query Builder