CVE-2026-10528

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

CVE-2026-10528 Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-based overflow

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

Linux Distros Unpatched Vulnerability : CVE-2026-10194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file...

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

UBUNTU-CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

CVE-2026-10194 OFFIS DCMTK dcmqrscp dcmqrdbi.cc deleteOldestImages heap-based overflow

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

CVE-2026-10194

A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched...

Astra Linux - уязвимость в dcmtk

The service class user SCU of OFFIS DCMTK all versions prior to 3.6.7 is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could enable remote code execution...

Astra Linux - уязвимость в dcmtk

OFFIS DCMTK’s all versions prior to 3.6.7 has a NULL pointer dereference vulnerability when processing DICOM files, which may lead to a denial-of-service condition...

dcmtk-3.7.0-2.1 on GA media (moderate)

dcmtk-3.7.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10502-1 Rating: moderate Cross-References: CVE-2026-5663 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the dcmtk-3.7.0-2.1 packa...

OPENSUSE-SU-2026:10502-1 dcmtk-3.7.0-2.1 on GA media

These are all security issues fixed in the dcmtk-3.7.0-2.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

UBUNTU-CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

CVE-2026-5663 OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

CVE-2026-5663

OFFIS DCMTK up to 3.7.0 contains a vulnerability in the storescp component (dcmnet/apps/storescp.cc: executeOnReception/executeOnEndOfStudy) that allows os command injection through manipulation. Remote exploitation is possible. A patch (edbb085e45788dccaf0e64d71534cfca925784b8) is available and ...

Linux Distros Unpatched Vulnerability : CVE-2026-5663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file...

PT-2026-30606

Name of the Vulnerable Software and Affected Versions OFFIS DCMTK versions up to 3.7.0 Description A security flaw exists in OFFIS DCMTK up to version 3.7.0. The issue affects the executeOnReception/executeOnEndOfStudy function within the dcmnet/apps/storescp.cc file of the storescp component...

Mageia: Security Advisory (MGASA-2026-0040)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-4443 : dcmtk - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4443 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4443-1 [email protected]...