CVSS: 7.7 | EPSS: 0% | CPEs: 1 | EXPL: 0

A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG
• https://talosintelligence.com/vulnerability_reports/TALOS-2024-1924
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 8.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG
• https://talosintelligence.com/vulnerability_reports/TALOS-2024-1935
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.

• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG
• https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944
• CWE-125: Out-of-bounds Read

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by attackers to execute malicious code.

• https://www.cnvd.org.cn/flaw/show/2017713

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 2

Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242.

• http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html
• http://www.debian.org/security/2016/dsa-3749
• http://www.openwall.com/lists/oss-security/2016/12/18/2
• http://www.securityfocus.com/bid/94951
• http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php
• https://bugzilla.redhat.com/show_bug.cgi?id=1405919
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer