CVE-2026-3650

A flaw was found in the Grassroots DICOM library GDCM. This memory leak vulnerability occurs when the library processes maliciously crafted DICOM files containing non-standard value representation VR types in their file meta-information. A remote attacker can exploit this by providing such a file...

CVE-2026-25982

A flaw was found in ImageMagick, a software suite for image manipulation. When processing specially crafted DICOM Digital Imaging and Communications in Medicine files, a vulnerability allows the software to read beyond its intended memory boundaries. This can lead to a Denial of Service, causing...

Out-of-bounds Read

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Out-of-bounds Read

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

Out-of-bounds Read

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Read

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

EUVD-2022-34406

Malicious code in bioql PyPI...

EUVD-2022-34405

Malicious code in bioql PyPI...

EUVD-2023-57402

Malicious code in bioql PyPI...

EUVD-2023-43155

Malicious code in bioql PyPI...

[SECURITY] Fedora 42 Update: gdcm-3.0.24-8.fc42

Grassroots DiCoM GDCM is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 huffman compression is not supported, RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...

CVE-2021-40367

A vulnerability has been identified in syngo fastView All versions. The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to...

Updated dcmtk packages fix security vulnerabilities

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability, CVE-2024-47796. An improper array index validation vulnerabili...

MGASA-2025-0017 Updated dcmtk packages fix security vulnerabilities

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability, CVE-2024-47796. An improper array index validation vulnerabili...

CVE-2024-47796

An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

PT-2025-2931

Name of the Vulnerable Software and Affected Versions OFFIS DCMTK version 3.6.8 Description An improper array index validation issue exists in the determineMinMax functionality. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger...

PT-2025-3965 · Sante · Sante Pacs Server Dcm

Name of the Vulnerable Software and Affected Versions: Sante PACS Server DCM affected versions not specified Description: The issue is a Directory Traversal Arbitrary File Write Vulnerability that allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. No...