28 matches found
CVE-2026-10528 Orthanc DICOM Server DCMTK FromDcmtkBridge.cpp read stack-based overflow
A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...
UBUNTU-CVE-2026-5437
An out-of-bounds read vulnerability exists in DicomStreamReader during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly ...
CVE-2026-5444 Heap Buffer Overflow in PAM Image Buffer Allocation
A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...
Grassroots DICOM 安全漏洞
Grassroots DICOM is a software library developed by Mathieu Malaterre. Grassroots DICOM GDCM has a security vulnerability that stems from memory leaks during the parsing of deformed DICOM files containing non-standard VR types. This vulnerability may lead to resource exhaustion and cause...
PT-2025-50980
Name of the Vulnerable Software and Affected Versions Grassroots DICOM library GDCM affected versions not specified Description An out-of-bounds write issue exists in the Grassroots DICOM library GDCM during the parsing of a malformed DICOM file. The issue occurs when processing encapsulated...
Alibaba Cloud Linux 3 : 0191: gimp:2.8 (ALINUX3-SA-2025:0191)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0191 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-10920: GIMP ICNS File Parsing...
[SECURITY] [DLA 4342-1] gimp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4342-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 22, 2025 https://wiki.debian.org/LTS -...
CVE-2025-3484
MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The specif...
CVE-2025-3481
MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The specif...
CVE-2025-3483
MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The specif...
MedDream PACS Server 安全漏洞
MedDream PACS Server is an image archiving and communication system from MedDream, Inc. It is used to store, archive, manage and view medical images. A security vulnerability exists in MedDream PACS Server versions prior to 7.3.5.860, which stems from a stack buffer overflow issue with DICOM file...
MedDream PACS Server 安全漏洞
MedDream PACS Server is an image archiving and communication system from MedDream, Inc. It is used to store, archive, manage and view medical images. A security vulnerability exists in MedDream PACS Server versions prior to 7.3.5.860, which stems from a stack buffer overflow issue with DICOM file...
MedDream PACS Server 安全漏洞
MedDream PACS Server is an image archiving and communication system from MedDream, Inc. It is used to store, archive, manage and view medical images. A security vulnerability exists in MedDream PACS Server versions prior to 7.3.5.860, which stems from a stack buffer overflow issue with DICOM file...
PT-2025-3964 · Sante · Sante Pacs Server Web Portal Dcm
Name of the Vulnerable Software and Affected Versions: Sante PACS Server Web Portal DCM affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this issue. The...
PT-2025-3963 · Sante · Sante Pacs Server Web Portal Dcm
Name of the Vulnerable Software and Affected Versions: Sante PACS Server Web Portal DCM affected versions not specified Description: The issue is a denial-of-service vulnerability due to memory corruption in the analysis of DCM files. This vulnerability allows remote attackers to create a...
PT-2025-3961 · Unknown · Sante Pacs Server
Name of the Vulnerable Software and Affected Versions: Sante PACS Server affected versions not specified Description: This issue allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this issue. Th...
CVE-2023-32134
Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-32132
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-32131
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-34296
CVE-2023-34296 – Sante DICOM Viewer Pro : The vulnerability lies in the parsing of DCM files, where insufficient validation can cause a write past the end of an allocated object, enabling remote code execution in the context of the affected process. Documented impact is high and requires user int...