Lucene search
K

96 matches found

Vulnrichment
Vulnrichment
added 2024/04/25 2:33 p.m.21 views

CVE-2024-25569

An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability...

6.5CVSS6.3AI score0.01083EPSS
Exploits1References4
Talos
Talos
added 2024/04/25 12:0 a.m.29 views

Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...

6.5CVSS7AI score0.01083EPSS
Exploits1
Talos
Talos
added 2024/04/25 12:0 a.m.35 views

Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1924 Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22391 SUMMARY A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23....

9.8CVSS7.9AI score0.01394EPSS
Exploits1
Talos
Talos
added 2024/04/25 12:0 a.m.35 views

Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22373 SUMMARY An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu...

9.8CVSS8.2AI score0.01474EPSS
Exploits1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.4 views

Grassroot DICOM 缓冲区错误漏洞

Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A buffer error vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds read vulnerability, which can be caused by specially crafted DICOM files...

6.5CVSS7AI score0.01083EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.3 views

Grassroot DICOM 缓冲区错误漏洞

Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A security vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds write vulnerability, where a specially crafted DICOM file may cause a heap buffer overflow...

9.8CVSS7.4AI score0.01474EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.4 views

PT-2024-21011 · Mathieu Malaterre +1 · Grassroot Dicom +1

Name of the Vulnerable Software and Affected Versions: Mathieu Malaterre Grassroot DICOM version 3.0.23 Description: An out-of-bounds read issue exists in the RAWCodec::DecodeBytes functionality. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious...

6.5CVSS6.5AI score0.01083EPSS
Exploits1References17
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.3 views

Grassroot DICOM 缓冲区错误漏洞

Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A buffer error vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of a heap-based buffer overflow vulnerability, where a specially crafted, incorrectly-formatted file could result ...

9.8CVSS7.2AI score0.01394EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/02/15 12:0 a.m.3 views

PT-2024-19372

Name of the Vulnerable Software and Affected Versions Mathieu Malaterre Grassroot DICOM version 3.0.23 Description An out-of-bounds write issue exists in the JPEG2000Codec::DecodeByStreamsCommon functionality. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can...

9.8CVSS6.9AI score0.01474EPSS
Exploits1References30
Positive Technologies
Positive Technologies
added 2024/02/15 12:0 a.m.4 views

PT-2024-19385

Name of the Vulnerable Software and Affected Versions Mathieu Malaterre Grassroot DICOM version 3.0.23 Description A heap-based buffer overflow issue exists in the LookupTable::SetLUT functionality. This can be triggered by a specially crafted malformed file, leading to memory corruption. An...

9.8CVSS7.9AI score0.01394EPSS
Exploits1References23
NVD
NVD
added 2021/04/19 7:15 p.m.13 views

CVE-2021-29455

Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...

7.5CVSS0.00757EPSS
Exploits0References3
OSV
OSV
added 2021/04/19 7:15 p.m.14 views

CVE-2021-29455

Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...

5.3CVSS6.7AI score
Exploits0References3
Prion
Prion
added 2021/04/19 7:15 p.m.9 views

Design/Logic Flaw

Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...

5CVSS5.2AI score0.00757EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/04/19 7:5 p.m.21 views

CVE-2021-29455 Missing validation of JWT signature in `grassrootza/grassroot-platform`

Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...

7.5CVSS7.7AI score0.00757EPSS
Exploits0References3
CVE
CVE
added 2021/04/19 7:5 p.m.55 views

CVE-2021-29455

Grassroot Platform (Grassroot Platform) has a JWT signature verification flaw during refresh, allowing forging a valid JWT. Root cause: JWTs are not properly verified when refreshing an existing token. Impact stated as enabling partial integrity compromise, with no confidentiality breach noted in...

7.5CVSS5.5AI score0.00757EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/04/19 12:0 a.m.5 views

Luke Jordan Grassroot Platform 数据伪造问题漏洞

Luke Jordan grassroot-platform is an open source application by Luke Jordan. An application that makes it faster, cheaper and easier to sustainably organize and mobilize people in low-income communities. A security vulnerability exists in Luke Jordan Grassroot Platform that allows for the forgery...

7.5CVSS5.8AI score0.00757EPSS
Exploits0References4
Rows per page
Query Builder