Sante Pacs Server Security Vulnerabilities and Issues — Sante Pacs Server CVE List

Lucene search

SantesoftSante Pacs Server

10 matches found

CVE•added 2025/03/13 5:15 p.m.•58 views

CVE-2025-2264

A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.

7.5CVSS7.4AI score0.69451EPSS

CVE•added 2022/08/03 4:15 p.m.•49 views

CVE-2022-2272

This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element, t...

9.8CVSS9.8AI score0.00239EPSS

CVE•added 2025/01/30 9:15 p.m.•47 views

CVE-2025-0570

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific ...

6.5CVSS6.6AI score0.00196EPSS

CVE•added 2025/01/30 9:15 p.m.•47 views

CVE-2025-0574

Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists wit...

8.2CVSS8.3AI score0.00208EPSS

CVE•added 2025/01/30 9:15 p.m.•43 views

CVE-2025-0571

6.5CVSS6.6AI score0.00187EPSS

CVE•added 2025/01/30 9:15 p.m.•41 views

CVE-2025-0568

Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw ex...

7.5CVSS7.7AI score0.00257EPSS

CVE•added 2025/01/30 9:15 p.m.•41 views

CVE-2025-0572

Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exis...

4.3CVSS4.5AI score0.01905EPSS

CVE•added 2025/03/13 5:15 p.m.•41 views

CVE-2025-2263

During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or pas...

9.8CVSS9.9AI score0.01272EPSS

CVE•added 2025/01/30 9:15 p.m.•40 views

CVE-2025-0569

7.5CVSS7.7AI score0.00273EPSS

CVE•added 2025/01/30 9:15 p.m.•39 views

CVE-2025-0573

Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists with...

5.3CVSS5.3AI score0.02872EPSS