17 matches found
PT-2026-45673
A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...
CVE-2020-37120
Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite the Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to execute arbitrary code by overwriting SEH and...
CVE-2025-52582
An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-48429
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability...
UBUNTU-CVE-2025-53618
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function grayscaleconvert is called base...
Grassroot DICOM Security Vulnerability
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A security vulnerability exists in Grassroot DICOM version 3.024, which stems from an out-of-bounds read in the Overlay function that could lead to information disclosure...
EUVD-2019-14695
Malware in sbrugna...
EUVD-2021-8979
Malicious code in bioql PyPI...
CVE-2021-21807
An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-6152
A code execution vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause an out-of-bounds write. An attacker can trigger this vulnerability by providing a victim with a malicious DICOM file...
CVE-2024-52333
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
OFFIS DCMTK Security Vulnerability
OFFIS DCMTK is a collection of libraries and applications that implement most of the DICOM standards from OFFIS Germany. Software for inspecting, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, as well as a demo image...
Invesalius 3.1 Remote Code Execution Exploit
Invesalius versions 3.1.99991 through 3.1.99998 suffer from a remote code execution vulnerability. The exploitation steps of this vulnerability involve the use of a specifically crafted DICOM file which, once imported inside the victim's client application, allows an attacker to gain remote code...
Grassroot DICOM Buffer Error Vulnerability
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A security vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds write vulnerability, where a specially crafted DICOM file may cause a heap buffer overflow...
SUSE CVE-2022-2120
OFFIS DCMTK's (all versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution...
CVE-2004-1139
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash)...
ethereal -- multiple vulnerabilities
An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash. An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling availab...