Filtered by vendor Offis Dicom
Filtered by product Dcmtk Toolkit
Total: 5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-44628 | 1 Offis Dicom | 1 Dcmtk Toolkit | 2026-07-01 | 7.5 High | An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record. |
| CVE-2026-52868 | 1 Offis Dicom | 1 Dcmtk Toolkit | 2026-07-01 | 8.2 High | An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation. |
| CVE-2026-35505 | 1 Offis Dicom | 1 Dcmtk Toolkit | 2026-07-01 | 7.5 High | An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart. |
| CVE-2026-50254 | 1 Offis Dicom | 1 Dcmtk Toolkit | 2026-07-01 | 7.5 High | An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it. |
| CVE-2026-50003 | 1 Offis Dicom | 1 Dcmtk Toolkit | 2026-07-01 | 9.8 Critical | A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths. |