53 matches found
CVE-2026-3650
A flaw was found in the Grassroots DICOM library GDCM. This memory leak vulnerability occurs when the library processes maliciously crafted DICOM files containing non-standard value representation VR types in their file meta-information. A remote attacker can exploit this by providing such a file...
CVE-2026-25982
A flaw was found in ImageMagick, a software suite for image manipulation. When processing specially crafted DICOM Digital Imaging and Communications in Medicine files, a vulnerability allows the software to read beyond its intended memory boundaries. This can lead to a Denial of Service, causing...
Out-of-bounds Read
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Out-of-bounds Read
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Out-of-bounds Read
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Out-of-bounds Read
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Out-of-bounds Read
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Out-of-bounds Read
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Out-of-bounds Read
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
EUVD-2022-34406
Malicious code in bioql PyPI...
EUVD-2022-34405
Malicious code in bioql PyPI...
EUVD-2023-57402
Malicious code in bioql PyPI...
EUVD-2023-43155
Malicious code in bioql PyPI...
[SECURITY] Fedora 42 Update: gdcm-3.0.24-8.fc42
Grassroots DiCoM GDCM is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 huffman compression is not supported, RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
CVE-2021-40367
A vulnerability has been identified in syngo fastView All versions. The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to...
MGASA-2025-0017 Updated dcmtk packages fix security vulnerabilities
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability, CVE-2024-47796. An improper array index validation vulnerabili...
Updated dcmtk packages fix security vulnerabilities
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability, CVE-2024-47796. An improper array index validation vulnerabili...
CVE-2024-47796
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
PT-2025-2931
Name of the Vulnerable Software and Affected Versions OFFIS DCMTK version 3.6.8 Description An improper array index validation issue exists in the determineMinMax functionality. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger...
PT-2025-3965 · Sante · Sante Pacs Server Dcm
Name of the Vulnerable Software and Affected Versions: Sante PACS Server DCM affected versions not specified Description: The issue is a Directory Traversal Arbitrary File Write Vulnerability that allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. No...