1498 matches found
EUVD-2026-40422
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
DEBIAN-CVE-2026-50003
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
CVE-2026-50003
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...
CVE-2026-50254 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime
An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...
CVE-2026-35505 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...
CVE-2026-44628 OFFIS DCMTK Toolkit Type Confusion
An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record...
PT-2026-53992
Name of the Vulnerable Software and Affected Versions DCMTK affected versions not specified Description A compromised or malicious server can force a client to write files outside the designated output directory. This occurs when the client uses the bit-preserving C-GET storage mode, allowing the...
ImageMagick: ImageMagick: Denial of Service via crafted DCM image with invalid dimensions
A flaw was found in ImageMagick. A missing check in the DCM Digital Imaging and Communications in Medicine decoder allows a remote attacker to provide a specially crafted image with invalid dimensions. This can lead to crashes in other operations, resulting in a denial of service DoS for the...
Linux Distros Unpatched Vulnerability : CVE-2026-22879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability CVE-2026-22879 Note that Nessus relies on the presence of the package as...
CVE-2026-22879
A flaw was found in vtk-dicom. A heap-based buffer overflow vulnerability exists in the vtkDICOMItem::NewDataElement function. A remote attacker could exploit this vulnerability without requiring user interaction or elevated privileges. Successful exploitation could lead to arbitrary code...
CVE-2026-22879
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...
DEBIAN-CVE-2026-22879
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...
EUVD-2026-36184
ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions...
CVE-2026-22879
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...
CVE-2026-22879
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...
CVE-2026-22879
The CVE concerns the vtk-dicom component, specifically the vtkDICOMItem::NewDataElement function. It is described as a heap-based buffer overflow vulnerability in vtk-dicom. The CVSSv3.1 vector indicates a high-severity issue (C:H, I:H, A:H) with network attack vector, high attack complexity, no ...
CVE-2026-56445
The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...
CVE-2026-56445
The CVE-2026-56445 issue affects the qrscp application’s C-STORE handler. It directly uses an attacker-supplied DICOM dataset instance in os.path.join() without sanitization, enabling writes to arbitrary file paths on the system. This is a path traversal vulnerability in the file-write path, with...
CVE-2026-12473 OHIF Viewers DICOM Server-Side request forgery
Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...