Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

400 matches found

RedhatCVE
RedhatCVEadded 2 days ago5 views

CVE-2026-12805

A flaw was found in OFFIS DCMTK. A remote attacker could exploit this vulnerability by manipulating input to the XMLNode::parseFile function. This can lead to a heap-based buffer overflow, a type of memory corruption, which may result in information disclosure or denial of service. Mitigation Use...

7.5CVSS6.1AI score0.00279EPSS
Exploits0References11
Tenable Nessus
Tenable Nessusadded 2 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-12805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a...

7.5CVSS6.3AI score0.00279EPSS
Exploits0References2
CVE
CVEadded 3 days ago12 views

CVE-2026-12805

The vulnerability CVE-2026-12805 affects OFFIS DCMTK up to 3.7.0, specifically the XMLNode::parseFile function in ofstd/libsrc/ofxml.cc. A heap-based buffer overflow can be triggered remotely via manipulation. An exploit has been published and may be used. The patch is tracked by commit 1d4b3815c...

7.5CVSS6.5AI score0.00279EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/06/02 12:0 a.m.36 views

CVE-2026-10528 Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-based overflow

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

4.8CVSS0.00124EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/06/02 12:0 a.m.10 views

CVE-2026-10528

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References8Affected Software1
CNNVD
CNNVDadded 2026/06/02 12:0 a.m.3 views

Orthanc DICOM Server 安全漏洞

Orthanc DICOM Server is a lightweight medical imaging storage and management server developed under the open-source Orthanc framework. Versions of Orthanc DICOM Server 1.12.11 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the DcmItem::read function in t...

4.8CVSS5.7AI score0.00124EPSS
Exploits0References8
Tenable Nessus
Tenable Nessusadded 2026/06/01 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-10194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file...

6.5CVSS6.7AI score0.00247EPSS
Exploits0References3
NVD
NVDadded 2026/05/31 5:16 p.m.14 views

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

6.5CVSS0.00247EPSS
Exploits0References5
OSV
OSVadded 2026/05/31 5:16 p.m.7 views

UBUNTU-CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

6.3CVSS6.7AI score0.00247EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/31 4:30 p.m.5 views

CVE-2026-10194 OFFIS DCMTK dcmqrscp dcmqrdbi.cc deleteOldestImages heap-based overflow

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

6.5CVSS6AI score0.00247EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/05/31 4:30 p.m.14 views

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

6.5CVSS6.8AI score0.00247EPSS
Exploits0
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в dcmtk

A flaw has been discovered in OFFIS DCMTK up to version 3.6.9. The affected element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation ca...

4.8CVSS5.2AI score0.00113EPSS
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.3 views

Astra Linux – Vulnerability in dcmtk

The service class user SCU of OFFIS DCMTK all versions prior to 3.6.7 is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could enable remote code execution...

9.8CVSS7.2AI score0.02822EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.3 views

Astra Linux – Vulnerability in dcmtk

OFFIS DCMTK’s all versions prior to 3.6.7 has a NULL pointer dereference vulnerability when processing DICOM files, which may lead to a denial-of-service condition...

7.5CVSS6.8AI score0.00711EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linuxadded 2026/04/09 12:0 a.m.5 views

dcmtk-3.7.0-2.1 on GA media (moderate)

dcmtk-3.7.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10502-1 Rating: moderate Cross-References: CVE-2026-5663 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the dcmtk-3.7.0-2.1 packa...

9.8CVSS7.1AI score0.01721EPSS
Exploits0
OSV
OSVadded 2026/04/08 12:0 a.m.2 views

OPENSUSE-SU-2026:10502-1 dcmtk-3.7.0-2.1 on GA media

These are all security issues fixed in the dcmtk-3.7.0-2.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.01721EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/04/07 11:29 p.m.3 views

SUSE CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS5.5AI score0.01721EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/04/06 3:17 p.m.1 views

CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS5.7AI score0.01721EPSS
Exploits0References7
OSV
OSVadded 2026/04/06 3:17 p.m.5 views

UBUNTU-CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS5.5AI score0.01721EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/04/06 2:15 p.m.29 views

CVE-2026-5663 OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

7.5CVSS0.01721EPSS
Exploits0References6
Rows per page
Query Builder