45 matches found
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime during handling of DICOM files containing non-standard VR types in their file meta-information. An attacker can cause excessive memory consumption and resource exhaustion by supplying a...
Your MRI is Online: The Hidden Risks of Exposed DICOM Servers in UK Healthcare
Hospitals invest heavily in physical security: Clinical areas are access-controlled, sensitive rooms are locked, and patient records are governed by strict handling procedures. Network exposure does not always receive the same level of scrutiny. Rapid7 Labs identified more than 30 UK-based system...
EUVD-2025-203849
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function grayscaleconvert is called base...
CVE-2018-25124 PacsOne Server 6.6.2 DICOM Web Viewer Directory Traversal LFI
PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path'...
CVE-2020-36855
A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been...
EUVD-2007-3633
Malware in sbrugna...
EUVD-2024-20305
Malicious code in bioql PyPI...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub; ICSMA-25-198-01 Panoramic Corporati...
The vulnerability of the library for working with the DICOM format in DCMT, related to improper memory release before deleting the last reference, allows a violator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the library for working with the DICOM format in DCMT, related to the repeated memory release, allows a perpetrator to trigger a service failure.
The vulnerability of the library for working with the DICOM format in DCMT is related to the repeated memory release. Exploiting this vulnerability could allow a malicious actor to cause service failures...
CVE-2024-22774
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component...
The vulnerability of the EctEnhancedCT method in the DICOM DCMT format allows an intruder to gain unauthorized access to protected information.
The vulnerability of the EctEnhancedCT method in the DICOM DCMT library lies in the copying of buffers without checking the input data. Exploiting this vulnerability could allow an unauthorized actor to gain unauthorized access to protected information...
CVE-2025-0573
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists...
MicroDicom DICOM Viewer Security Vulnerability
MicroDicom DICOM Viewer is a lightweight and easy-to-use application from MicroDicom Inc. for processing and viewing medical images in DICOM format. A security vulnerability exists in versions of MicroDicom DICOM Viewer prior to 2024.2 that stems from the presence of a stack-based buffer overflow...
CVE-2024-22774
CVE-2024-22774 affects Panoramic Corporation Digital Imaging Software v9.1.2.7600. Connected documents describe a DLL hijacking flaw in the software’s ccsservice.exe component that could let a local user escalate privileges to NT AUTHORITY/SYSTEM. The Red Hat and CVE listings also reiterate local...
Santesoft Sante DICOM Viewer Pro Security Vulnerability
Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with all models and manufacturers of DICOM files. A security vulnerability exists in Santesoft Sante DICOM Viewer Pro, which stems from a security flaw in DCM image parsing,...
IMAGE CONQUEST DICOM SERVER Command Injection Vulnerability
IMAGE CONQUEST DICOM SERVER is an open source application from IMAGE. It can store, validate, query and retrieve through programmable SQL database tables. A security vulnerability exists in CONQUEST DICOM SERVER before 1.5.0, which can be exploited by attackers to execute malicious code...