8 matches found
PT-2026-35981
Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...
CVE-2025-27721
Unauthorized users can access INFINITT PACS System Manager without proper authorization, which could lead to unauthorized access to system resources...
CVE-2025-24489 INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type
An attacker could exploit this vulnerability by uploading arbitrary files via a specific service, which could lead to system compromise...
CVE-2025-27714 INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type
An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise...
CVE-2025-27721 INFINITT Healthcare INFINITT PACS Exposure of Sensitive System Information to an Unauthorized Control Sphere
Unauthorized users can access INFINITT PACS System Manager without proper authorization, which could lead to unauthorized access to system resources...
CVE-2025-53948
The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required...
CVE-2023-40704
The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An attacker could gain access to the database impacting system availability and data integrity...
PT-2022-10902 · Philips · Philips Vue Myvue Pacs
Name of the Vulnerable Software and Affected Versions: Philips Vue MyVue PACS versions prior to 12.2.x.x Description: The issue allows authenticated users to perform Path Traversal, accessing files stored outside of the web root through the VideoStream function. Recommendations: For Philips Vue...