Vulnerabilities > Santesoft > Sante Pacs Server

DATE CVE VULNERABILITY TITLE RISK
2025-03-13 CVE-2025-2263 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server 4.1.0
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password.
network
low complexity
santesoft CWE-787
critical
 9.8
9.8
2025-03-13 CVE-2025-2264 Path Traversal vulnerability in Santesoft Sante Pacs Server 4.1.0
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe".
network
low complexity
santesoft CWE-22
7.5
7.5
2025-01-30 CVE-2025-0568 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.
network
low complexity
santesoft CWE-787
7.5
7.5
2025-01-30 CVE-2025-0569 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.
network
low complexity
santesoft CWE-787
7.5
7.5
2025-01-30 CVE-2025-0570 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.
network
low complexity
santesoft CWE-787
6.5
6.5
2025-01-30 CVE-2025-0571 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.
network
low complexity
santesoft CWE-787
6.5
6.5
2025-01-30 CVE-2025-0572 Path Traversal vulnerability in Santesoft Sante Pacs Server
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability.
network
low complexity
santesoft CWE-22
4.3
4.3
2025-01-30 CVE-2025-0573 Path Traversal vulnerability in Santesoft Sante Pacs Server
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability.
network
low complexity
santesoft CWE-22
5.3
5.3
2025-01-30 CVE-2025-0574 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server
Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability.
network
low complexity
santesoft CWE-787
7.5
7.5
2022-08-03 CVE-2022-2272 Unspecified vulnerability in Santesoft Sante Pacs Server 3.0.4
This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4.
network
low complexity
santesoft
critical
 9.8
9.8