Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2025/12/24 8:15 p.m.5 views

CVE-2018-25142

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS0.00029EPSS
Exploits1References3
CVE
CVEadded 2025/12/24 7:27 p.m.8 views

CVE-2018-25142

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 is affected by an unauthenticated XML External Entity (XXE) injection in XML preference import settings. The root cause is an XXE vulnerability that allows crafted XML files with DTD parameter entities to retrieve arbitrary system files via an out-of-...

9.8CVSS7.3AI score0.00029EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/24 7:27 p.m.27 views

CVE-2018-25142 NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS0.00029EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/24 7:27 p.m.2 views

CVE-2018-25142 NovaRad NovaPACS Diagnostics Viewer 8.5 XML External Entity Injection

NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity XXE injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack...

9.8CVSS7.3AI score0.00029EPSS
Exploits1References3
CNNVD
CNNVDadded 2025/12/24 12:0 a.m.2 views

NovaRad NovaPACS Diagnostics Viewer 安全漏洞

NovaRad NovaPACS Diagnostics Viewer is a medical imaging diagnostics viewer from NovaRad Philippines. A security vulnerability exists in NovaRad NovaPACS Diagnostics Viewer version 8.5.19.75, which stems from an XML preferences import that has XML external entity injection, which could lead to...

9.8CVSS6.9AI score0.00029EPSS
Exploits1References3
0day.today
0day.todayadded 2018/09/06 12:0 a.m.53 views

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications Title: NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection File Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Vendor: NovaRad Corporation Product web page: https://www.novarad.net Affected version: 8.5.19.75...

Exploits0
Exploit DB
Exploit DBadded 2018/09/06 12:0 a.m.30 views

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure)

Title: NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection File Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-09-07 Vendor: NovaRad Corporation Product web page: https://www.novarad.net Affected version: 8.5.19.75 Diagnostics Viewer, Study Browser Tested...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2018/09/05 12:0 a.m.51 views

NovaRad NovaPACS Diagnostics Viewer 8.5 File Disclosure

NovaRad NovaPACS Diagnostics Viewer v8.5 OOB XXE File Disclosure Vendor: NovaRad Corporation Product web page: https://www.novarad.net Affected version: 8.5.19.75 Diagnostics Viewer, Study Browser Summary: NovaPACS revolutionary workflow infrastructure has been designed and developed using the...

7.4AI score
Exploits0
Rows per page
Query Builder