@hmcts/ccd-case-ui-toolkit (>=7.3.49-4369 <=7.3.51), @hmcts/media-viewer (>=4.2.16-4435 <=4.2.17-exui-4369-cve-fix-01) potentially affected by CVE-2026-44437 via @angular/ssr (>=20.3.18 <=20.3.24)

@angular/ssr NPM version =20.3.18, =7.3.49-4369, =4.2.16-4435, =4.2.17-exui-4369-cve-fix-01 Source cves: CVE-2026-44437 Source advisory: SNYK:JS-ANGULARSSR-16438975...

@hmcts/media-viewer (>=4.2.16-exui-4425 <=4.2.16-exui-4425-rel1) potentially affected by CVE-2026-27738 +1 more via @angular/ssr (=20.3.18)

@angular/ssr NPM version =20.3.18 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - @hmcts/media-viewer =4.2.16-exui-4425, =4.2.16-exui-4425-rel1 Source cves: CVE-2026-27738, CVE-2026-33397 Source advisory:...

@hmcts/media-viewer (>=4.2.16-exui-4425 <=4.2.16-exui-4425-rel1) potentially affected by CVE-2026-33397 via @angular/ssr (=20.3.18)

@angular/ssr NPM version =20.3.18 is affected by a known vulnerability. The following packages have a transitive dependency on @angular/ssr and may be impacted: - @hmcts/media-viewer =4.2.16-exui-4425, =4.2.16-exui-4425-rel1 Source cves: CVE-2026-33397 Source advisory: OSV:GHSA-VFX2-HV2G-XJ5F...

@cssninja/nuxt-media-viewer (>=0.0.1 <=0.0.15), @enab/uipkg (>=0.0.2-beta.0 <=0.0.2-beta.23) +4 more potentially affected by CVE-2025-54387 via ipx (>=1.0.0-2 <=1.1.0)

ipx NPM version =1.0.0-2, =0.0.1, =0.0.2-beta.0, =0.1.0, =1.0.0-27821548.ab054e4, =0.0.3, =0.0.4-beta-6 Source cves: CVE-2025-54387 Source advisory: SNYK:JS-IPX-11483961...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

CVE-2024-29734 (SonicDICOM Media Viewer) involves an uncontrolled DLL search path element in SonicDICOM Media Viewer 2.3.2 and earlier. The root cause is a DLL search path issue (CWE-427) that may lead to insecure loading of Dynamic Link Libraries, allowing arbitrary code to execute with the priv...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

CVE-2024-29734

Uncontrolled search path element issue exists in SonicDICOM Media Viewer 2.3.2 and earlier, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...

PT-2024-22977 · Unknown · Sonicdicom Media Viewer

Name of the Vulnerable Software and Affected Versions: SonicDICOM Media Viewer versions 2.3.2 and earlier Description: An uncontrolled search path element issue exists, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of...

SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries

Overview SonicDICOM Media Viewer provided by Fujidenolo Solutions Co., Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Taihei Shimamine of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and...

SonicDICOM Media Viewer 安全漏洞

SonicDICOM Media Viewer is a software for viewing medical image files from SonicDICOM, Inc. A security vulnerability exists in SonicDICOM Media Viewer 2.3.2 and prior versions, which stems from a contained DLL search path issue that could lead to unsafe loading of dynamic link libraries...

CVE-2021-1517

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker...

Shadowbox Local File Inclusion

Author: TUNISIAN CYBER + Exploit Title: Shadowbox LFI Vulnerability + Date: 03-02-2014 + Category: WebApp + Google Dork: : + Tested on: KaliLinux + Vendor: http://shadowbox-js.com/ + Friendly Sites: na3il.com,th3-creative.com +Description: Shadowbox is a web-based media viewer application that...