Meddream

Pacs Server

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-26469

Exploit
  • EPSS 0.08%
  • Veröffentlicht 28.07.2025 13:36:21
  • Zuletzt bearbeitet 03.11.2025 20:18:01

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key....

9.8

CVE-2025-27724

Exploit
  • EPSS 0.07%
  • Veröffentlicht 28.07.2025 13:36:19
  • Zuletzt bearbeitet 03.11.2025 20:18:06

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerabi...

6.1

CVE-2025-32731

Exploit
  • EPSS 0.06%
  • Veröffentlicht 28.07.2025 13:36:18
  • Zuletzt bearbeitet 03.11.2025 20:18:28

A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can p...

7.5

CVE-2025-24485

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.07.2025 13:36:15
  • Zuletzt bearbeitet 03.11.2025 20:17:56

A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger this vulnerabilit...

6.5

CVE-2025-3480

  • EPSS 0.01%
  • Veröffentlicht 22.05.2025 00:51:28
  • Zuletzt bearbeitet 15.08.2025 16:58:54

MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authe...

7.8

CVE-2025-3481

  • EPSS 0.21%
  • Veröffentlicht 22.05.2025 00:51:24
  • Zuletzt bearbeitet 11.07.2025 14:38:14

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not req...

7.8

CVE-2025-3482

  • EPSS 0.21%
  • Veröffentlicht 22.05.2025 00:51:20
  • Zuletzt bearbeitet 11.07.2025 14:38:42

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not req...

7.8

CVE-2025-3483

  • EPSS 0.21%
  • Veröffentlicht 22.05.2025 00:51:15
  • Zuletzt bearbeitet 11.07.2025 14:38:53

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not req...

9.8

CVE-2025-3484

  • EPSS 0.88%
  • Veröffentlicht 22.05.2025 00:51:10
  • Zuletzt bearbeitet 11.07.2025 14:39:05

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not req...