CVE-2026-20439

In imgsys, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431955; Issue ID: MSV-5826...

CVE-2026-20439

In imgsys, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431955; Issue ID: MSV-5826...

PT-2026-22564

In imgsys, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431955; Issue ID: MSV-5826...

CVE-2026-20409

In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363246; Issue ID: MSV-5779...

CVE-2026-20414

In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625...

CVE-2026-20410

In imgsys, a vulnerability CVE-2026-20410 is described as an out-of-bounds write caused by a missing bounds check in a component of imgsys. The impact is local escalation of privilege to System with confidentiality, integrity, and availability impact rated high in the CVSS vector (LOCAL, HIGH imp...

CVE-2026-20410

In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362552; Issue ID: MSV-5760...

CVE-2026-20409

In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363246; Issue ID: MSV-5779...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities, which stem from improper locking mechanisms in the imgsys component, potentially leading to local denial-of-service attacks...

MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability caused by a reflective cross-site scripting vulnerability in the existingUser function, which may...

MedDream PACS Premium Cross-site Scripting Vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a cross-site scripting vulnerability. This vulnerability stems from the reflective cross-site scripting vulnerability prese...

CVE-2025-20796

In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10314745; Issue ID: MSV-5553...

CVE-2025-20796

CVE-2025-20796 affects imgsys with an out-of-bounds write caused by improper input validation. The issue can lead to local privilege escalation if an attacker already has System privileges and must involve user interaction for exploitation. A patch is referenced (ALPS10314745; MSV-5553). CVSS v3....

EUVD-2024-37349

Malicious code in bioql PyPI...

EUVD-2025-26168

Malicious code in bioql PyPI...

CVE-2025-8858

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-8858

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-8858 Changing｜Clinic Image System - SQL Injection

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-8858

CVE-2025-8858 concerns the Clinic Image System developed by Changing. The connected documents confirm a SQL Injection vulnerability that enables unauthenticated remote attackers to inject arbitrary SQL to read database contents. No explicit affected versions or fixed/patch information are provide...

CVE-2025-8857

CVE-2025-8857 concerns the Clinic Image System developed by Changing, where the vulnerability arises from hard-coded administrator credentials embedded in the source code. The impact described across connected documents is unauthenticated remote login to the system, potentially compromising confi...