Lucene search

2392 matches found

NVD
added 2025/01/30 9:15 p.m. | 12 views

CVE-2025-0570

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specifi...

CVSS 6.5 | EPSS 0.00878
Exploits: 0 | References: 1

NVD
added 2025/01/30 9:15 p.m. | 6 views

CVE-2025-0571

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specifi...

CVSS 6.5 | EPSS 0.00878
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/30 8:17 p.m. | 9 views

CVE-2025-0572 Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability

Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw...

CVSS 4.3 | AI score 6.7 | EPSS 0.01505
Exploits: 0 | References: 1

CVE
added 2025/01/30 8:17 p.m. | 56 views

CVE-2025-0572

CVE-2025-0572 – Sante PACS Server Web Portal DCM File Parsing Directory Traversal: The vulnerability affects the Sante PACS Server Web Portal, entering via DCM file parsing where a user-supplied path is not properly validated before file operations. This allows remote attackers to write arbitrar...

CVSS 4.3 | AI score 4.5 | EPSS 0.01505
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2025/01/30 8:17 p.m. | 55 views

CVE-2025-0571

The CVE-2025-0571 entry concerns Sante PACS Server Web Portal and is supported by multiple sources (NVD, ZDI, CVE List). The underlying issue is a memory corruption caused by improper validation during DCM file parsing, leading to a denial-of-service condition. Attacker authentication is required...

CVSS 6.5 | AI score 6.6 | EPSS 0.00878
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2025/01/30 8:17 p.m. | 14 views

CVE-2025-0571 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specifi...

CVSS 6.5 | EPSS 0.00878
Exploits: 0 | References: 1

Cvelist
added 2025/01/30 8:17 p.m. | 20 views

CVE-2025-0570 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specifi...

CVSS 6.5 | EPSS 0.00878
Exploits: 0 | References: 1

OSV
added 2025/01/27 9:15 a.m. | 6 views

CVE-2025-24814

Core creation allows users to replace "trusted" configset files with arbitrary configuration. Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort...

CVSS 5.5 | AI score 7.1
Exploits: 0 | References: 3

NVD
added 2025/01/27 9:15 a.m. | 10 views

CVE-2025-24814

Core creation allows users to replace "trusted" configset files with arbitrary configuration. Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort...

CVSS 5.5 | EPSS 0.01065
Exploits: 0 | References: 3

OSV
added 2025/01/24 11:15 a.m. | 3 views

CVE-2024-13354

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML tags in several widgets in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping. Thi...

CVSS 5.4 | AI score 7.4
Exploits: 0 | References: 2

OSV
added 2025/01/22 4:15 a.m. | 2 views

CVE-2024-13590

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVSS 5.4 | AI score 7.4 | EPSS 0.00236
Exploits: 0 | References: 2

Zero Day Initiative
added 2025/01/20 12:00 a.m. | 6 views

Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of a...

CVSS 4.3 | AI score 6.7 | EPSS 0.01505
Exploits: 0

Zero Day Initiative
added 2025/01/20 12:00 a.m. | 5 views

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validati...

CVSS 6.5 | AI score 6.8 | EPSS 0.00878
Exploits: 0

Zero Day Initiative
added 2025/01/20 12:00 a.m. | 9 views

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validati...

CVSS 6.5 | AI score 6.8 | EPSS 0.00878
Exploits: 0

Zero Day Initiative
added 2025/01/19 12:00 a.m. | 9 views

Ivanti Endpoint Manager MyResolveEventHandler Untrusted Search Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the MyResolveEventHandler method. The issue results from loadi...

CVSS 7.2 | AI score 7.3 | EPSS 0.0275
Exploits: 0 | References: 1

Zero Day Initiative
added 2025/01/19 12:00 a.m. | 13 views

Ivanti Endpoint Manager updateAssetInfo SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the updateAssetInfo method. The issue results from the lack of...

CVSS 7.2 | AI score 7.7 | EPSS 0.62634
Exploits: 0 | References: 1

OSV
added 2025/01/16 7:05 p.m. | 4 views

GHSA-8VMR-H7H5-CQHG matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content

Impact: MMR before version 1.3.5 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticated wa...

CVSS 5.3 | AI score 6.7 | EPSS 0.00529
Exploits: 0 | References: 5

NVD
added 2025/01/14 7:15 p.m. | 13 views

CVE-2024-49375

Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on t...

CVSS 9 | EPSS 0.00895
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/14 6:59 p.m. | 10 views

CVE-2024-49375 Remote Code Execution via Remote Model Loading in Rasa

Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on t...

CVSS 9 | AI score 7.7 | EPSS 0.00895
Exploits: 0 | References: 1

CVE
added 2025/01/14 6:59 p.m. | 86 views

CVE-2024-49375

CVE-2024-49375 affects Rasa (Open Source and Pro). Remote Code Execution is possible when a malicious model is loaded into a Rasa instance via the HTTP API, with API enabled (--enable-api) and depending on authentication configuration. Unauthenticated RCE requires no auth and is more severe; auth...

CVSS 9 | AI score 9.3 | EPSS 0.00895
Exploits: 0 | References: 1