Vulnerabilities > Offis

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-43272 Memory Leak vulnerability in Offis Dcmtk 3.6.7
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
network
low complexity
offis CWE-401
7.5
2022-06-28 CVE-2021-41687 Memory Leak vulnerability in Offis Dcmtk
DCMTK through 3.6.6 does not handle memory free properly.
network
low complexity
offis CWE-401
7.5
2022-06-28 CVE-2021-41688 Double Free vulnerability in Offis Dcmtk
DCMTK through 3.6.6 does not handle memory free properly.
network
low complexity
offis CWE-415
7.5
2022-06-28 CVE-2021-41689 NULL Pointer Dereference vulnerability in Offis Dcmtk
DCMTK through 3.6.6 does not handle string copy properly.
network
low complexity
offis CWE-476
7.5
2022-06-28 CVE-2021-41690 Memory Leak vulnerability in Offis Dcmtk
DCMTK through 3.6.6 does not handle memory free properly.
network
low complexity
offis CWE-401
7.5
2022-06-24 CVE-2022-2119 Unspecified vulnerability in Offis Dcmtk
OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names.
network
low complexity
offis
critical
9.8
2022-06-24 CVE-2022-2120 Path Traversal vulnerability in Offis Dcmtk
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names.
network
low complexity
offis CWE-22
critical
9.8
2022-06-24 CVE-2022-2121 Unspecified vulnerability in Offis Dcmtk
OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition.
low complexity
offis
6.5
2019-07-22 CVE-2019-1010228 Out-of-bounds Write vulnerability in multiple products
OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow.
network
low complexity
offis fedoraproject CWE-787
critical
9.8