Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/06/09 9:9 p.m.33 views

CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler

OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...

6.1CVSS0.00293EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/09 9:9 p.m.8 views

CVE-2026-25860 OpenClinic GA 5.351.19 Reflected XSS via DICOM Image Upload Handler

OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...

6.1CVSS5.6AI score0.00293EPSS
Exploits1References3
OSV
OSV
added 2026/04/09 3:16 p.m.3 views

DEBIAN-CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

9.8CVSS5.7AI score0.0057EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 3:16 p.m.3 views

UBUNTU-CVE-2026-5443

A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...

9.8CVSS6AI score0.0057EPSS
Exploits0References5
Debian
Debian
added 2025/10/28 7:36 p.m.7 views

[SECURITY] [DSA 6043-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6043-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 28, 2025 https://www.debian.org/security/faq -...

7.8CVSS8.7AI score0.0715EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.9 views

Debian dsa-6043 : gimp - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6043 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6043-1 [email protected] https://www.debian.org/securit...

7.8CVSS8.4AI score0.0715EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-37422

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00922EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.7 views

CVE-2023-33255

An issue was discovered in Papaya Viewer 1.0.1449. User-supplied input in form of DICOM or NIFTI images can be loaded into the Papaya web application without any kind of sanitization. This allows injection of arbitrary JavaScript code into image metadata, which is executed when that metadata is...

6.1CVSS7.4AI score0.00922EPSS
Exploits2References1
OSV
OSV
added 2023/05/26 8:15 p.m.5 views

CVE-2023-33255

An issue was discovered in Papaya Viewer 1.0.1449. User-supplied input in form of DICOM or NIFTI images can be loaded into the Papaya web application without any kind of sanitization. This allows injection of arbitrary JavaScript code into image metadata, which is executed when that metadata is...

6.1CVSS5.9AI score0.00922EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2023/05/26 8:15 p.m.8 views

CVE-2023-33255

An issue was discovered in Papaya Viewer 1.0.1449. User-supplied input in form of DICOM or NIFTI images can be loaded into the Papaya web application without any kind of sanitization. This allows injection of arbitrary JavaScript code into image metadata, which is executed when that metadata is...

6.1CVSS6.5AI score0.00922EPSS
Exploits2References6
CNNVD
CNNVD
added 2021/12/16 12:0 a.m.5 views

Siemens Syngo FastView 缓冲区错误漏洞

Siemens Syngo FastView is a standalone viewer of Dicom 2 images available on Dicom exchange media from Siemens, Germany. An out-of-bounds write vulnerability exists in Siemens Syngo FastView, which stems from a lack of proper validation of user-supplied data when parsing BMP files. An attacker...

7.8CVSS5.9AI score0.00323EPSS
Exploits0References6
securityvulns
securityvulns
added 2013/12/09 12:0 a.m.45 views

CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Private key disclosure, Osirix lite, 64bit and FDA cleader version CVE-2013-4425 version 1.09 CVSS Score: 8.4 Background: =========== OsiriX is an image processing software dedicated to DICOM images files with a ".dcm" / ".DCM" extension produced by...

1.9CVSS6.7AI score0.0035EPSS
Exploits0
securityvulns
securityvulns
added 2010/03/11 12:0 a.m.32 views

XNView buffer overflow

Integer overflow on DICOM images parsing leading to buffer overflow...

9.3CVSS5.4AI score0.04607EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder