📦 Dcmtk
by Offis
🔍 What is Dcmtk?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A NULL pointer dereference vulnerability in DCMTK's DICOM file processing component allows attackers to cause denial of service by sending specially crafted DICOM files. This affects systems running v...
An improper array index validation vulnerability in OFFIS DCMTK's determineMinMax function allows out-of-bounds writes when processing specially crafted DICOM files. This could lead to arbitrary code ...
An improper array index validation vulnerability in OFFIS DCMTK's nowindow functionality allows out-of-bounds writes when processing specially crafted DICOM files. Attackers can exploit this to potent...
A buffer overflow vulnerability in DCMTK v3.6.8 allows attackers to execute arbitrary code via the EctEnhancedCT method component. This affects systems running vulnerable versions of DCMTK, particular...
This vulnerability allows arbitrary code execution through incorrect type conversion when processing specially crafted DICOM files in OFFIS DCMTK. Attackers can achieve remote code execution by tricki...
CVE-2021-41688 is a double-free vulnerability in DCMTK's dcmqrdb program that allows attackers to cause denial of service by sending specific requests. This affects systems running DCMTK up to version...
CVE-2021-41690 is a memory leak vulnerability in DCMTK's dcmqrdb program where allocated memory for file information isn't properly freed. Attackers can send specific requests to cause memory exhausti...
This vulnerability in OFFIS DCMTK's service class user (SCU) allows attackers to write DICOM files to arbitrary directories via relative path traversal. This could lead to remote code execution by pla...
This CVE describes a stack-based buffer overflow vulnerability in DCMTK's dcmqrscp component. Attackers with local access can exploit the parseQuota function by manipulating StorageQuota arguments, po...
A memory corruption vulnerability in DCMTK's dcm2img component allows local attackers to potentially crash applications or execute arbitrary code. This affects DCMTK versions up to 3.6.9. The vulnerab...
A critical memory corruption vulnerability in DCMTK's JPEG-LS decoder allows remote attackers to potentially execute arbitrary code or crash applications. This affects systems using DCMTK 3.6.9 for me...
CVE-2024-34509 is a segmentation fault vulnerability in dcmdata component of DCMTK medical imaging toolkit. It allows denial of service attacks via specially crafted invalid DIMSE messages. Systems ru...