news.russia.network | Published Advisories

ZDI-25-054: Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2025-0572...

ПОДРОБНЕЕ

ZDI-25-053: Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2025-0573...

ПОДРОБНЕЕ

ZDI-25-052: Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2025-0569...

ПОДРОБНЕЕ

ZDI-25-051: Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2025-0571...

ПОДРОБНЕЕ

ZDI-25-050: Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

ПОДРОБНЕЕ

ZDI-25-049: Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

ПОДРОБНЕЕ

ZDI-25-048: Apple WebKit WebCore ContainerNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple WebKit. User interaction is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-27856...

ПОДРОБНЕЕ

ZDI-25-047: WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1240...

ПОДРОБНЕЕ