Lucene search
K

60 matches found

CNNVD
CNNVD
added 2025/08/29 12:0 a.m.3 views

Changing Clinic Image System SQL注入漏洞

Changing Clinic Image System is a computer system for managing and displaying medical images from Changing Taiwan, China. The Changing Clinic Image System suffers from a SQL injection vulnerability that stems from susceptibility to SQL injection attacks, which could lead to an unauthenticated...

8.7CVSS8.1AI score0.00395EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.3 views

PT-2025-35179

Name of the Vulnerable Software and Affected Versions: Clinic Image System versions affected versions not specified Description: Clinic Image System developed by Changing is susceptible to a SQL Injection issue. This allows unauthenticated remote attackers to inject arbitrary SQL commands,...

8.7CVSS7.4AI score0.00395EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.4 views

PT-2025-35178

Name of the Vulnerable Software and Affected Versions: Clinic Image System affected versions not specified Description: The Clinic Image System developed by Changing contains hard-coded credentials. This allows unauthenticated remote attackers to log into the system using administrator credential...

9.8CVSS6.4AI score0.00492EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.4 views

Changing Clinic Image System 信任管理问题漏洞

Changing Clinic Image System is a computer system that manages and displays medical images from Changing, a Taiwan, China-based company. A trust management issue vulnerability exists in the Changing Clinic Image System, which stems from hard-coded credentials, and could allow an unauthenticated,...

9.8CVSS6.8AI score0.00492EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:20 a.m.6 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS5.8AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.5 views

CVE-2024-20055

In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID: MSV-1012...

6.3CVSS5.2AI score0.00079EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.5 views

CVE-2023-20846

In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098...

4.2CVSS5.2AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.6 views

CVE-2023-20850

In imgsyscmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381...

6.5CVSS6.6AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.6 views

CVE-2023-20845

In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357...

4.2CVSS5.2AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.5 views

CVE-2023-20800

In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955...

6.5CVSS6.6AI score0.00089EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.7 views

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS7.2AI score0.0097EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.4 views

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS6.5AI score0.00916EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.5 views

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS6.5AI score0.00916EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.5 views

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS7.2AI score0.0097EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/06/16 4:15 p.m.4 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References1
OSV
OSV
added 2024/06/16 4:15 p.m.4 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS5.8AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2024/06/16 4:15 p.m.5 views

CVE-2024-38468

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
OSV
OSV
added 2024/06/16 4:15 p.m.5 views

CVE-2024-38466

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.24 views

CVE-2024-38465

Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error...

5.3CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2024/06/16 4:15 p.m.23 views

CVE-2024-38467

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API...

7.5CVSS0.00379EPSS
Exploits0References1
Rows per page
Query Builder