154 matches found
[SECURITY] [DLA 4038-2] dcmtk regression update
Debian LTS Advisory DLA-4038-2 [email protected] https://www.debian.org/lts/security/ Adrian Bunk February 12, 2025 https://wiki.debian.org/LTS -...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems (ICS) advisories on February 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert (PME) ICSA-25-037-02...
PT-2025-5866 · Unknown · Orthanc Dicom Server
Name of the Vulnerable Software and Affected Versions: Orthanc DICOM Server versions prior to 1.5.8 Description: The issue allows unauthorized access to medical images due to missing authentication. This exposes medical data to potential unauthorized access. Remote attackers can exploit this to...
PT-2026-20548
Name of the Vulnerable Software and Affected Versions Orthanc versions prior to 1.12.10 Description An authorisation logic flaw exists in the HTTP Basic Authentication implementation of Orthanc. Successful exploitation could lead to privilege escalation, potentially granting full administrative...
OPENSUSE-SU-2024:12383-1 orthanc-1.11.2-1.1 on GA media
These are all security issues fixed in the orthanc-1.11.2-1.1 package on the GA media of openSUSE Tumbleweed...
Cross Site Scripting (XSS)
Orthanc is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused by missing sanitization in the server's error reporting. This can lead to compromising Confidentiality and Integrity of the system...
CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
DEBIAN-CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
Cross site scripting
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
UBUNTU-CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
Orthanc Security Breach
Orthanc is a free and open source software from Orthanc. A security vulnerability exists in versions of Orthanc prior to 1.12.2 that stems from vulnerability to reflective cross-site scripting (XSS) attacks...
CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
CVE-2024-22725
CVE-2024-22725 affects Orthanc versions before 1.12.2, with a reflected XSS vulnerability in the server’s error reporting. • Affected: Orthanc prior to 1.12.2. • Root cause: reflected XSS in error reporting (per PT-2024-19545). • Impact: low confidentiality/integrity with no availability impact p...
CVE-2024-22725
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting...
PT-2024-19545 · Orthanc +1 · Orthanc +1
Name of the Vulnerable Software and Affected Versions: Orthanc versions prior to 1.12.2 Description: The issue is a reflected cross-site scripting (XSS) vulnerability. It was present in the server's error reporting. Recommendations: For Orthanc versions prior to 1.12.2, update to version 1.12.2 or...
Orthanc Osimis DICOM Web Viewer
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Osimis Web Viewer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...
Debian: Security Advisory (DLA-3562-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3562-1] orthanc security update
Debian LTS Advisory DLA-3562-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky September 12, 2023 https://wiki.debian.org/LTS -...