Sante Pacs Server vulnerabilities
10 known vulnerabilities affecting sante/pacs_server.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2022-2272P2CRITICALCVSS 9.8v3.0.42022-08-03
CVE-2022-2272 [CRITICAL] CWE-89 CVE-2022-2272: This vulnerability allows remote attackers to bypass authentication on affected installations of San
This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element, the process does not properly validate a user-supplied
nvd
CVE-2024-1863P2CRITICALCVSS 9.8v3.3.32024-04-01
CVE-2024-1863 [CRITICAL] CWE-89 CVE-2024-1863: Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerabili
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the processing of HTTP requests on port 3000. When parsi
nvd
CVE-2025-14501P3HIGHCVSS 7.5v4.2.22025-12-23
CVE-2025-14501 [HIGH] CWE-476 CVE-2025-14501: Sante PACS Server HTTP Content-Length Header Handling NULL Pointer Dereference Denial-of-Service Vul
Sante PACS Server HTTP Content-Length Header Handling NULL Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of
nvd
CVE-2025-0568P3HIGHCVSS 7.5v4.0.92025-01-30
CVE-2025-0568 [HIGH] CWE-119 CVE-2025-0568: Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerabi
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issue results
nvd
CVE-2025-0569P3HIGHCVSS 7.5v4.0.92025-01-30
CVE-2025-0569 [HIGH] CWE-119 CVE-2025-0569: Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerabi
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issue results
nvd
CVE-2025-0574P3HIGHCVSS 7.5v4.0.92025-01-30
CVE-2025-0574 [HIGH] CWE-119 CVE-2025-0574: Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability. This vulnerability all
Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the parsing of URLs in the web server module. The i
nvd
CVE-2025-0570P3MEDIUMCVSS 6.5v4.0.92025-01-30
CVE-2025-0570 [MEDIUM] CWE-119 CVE-2025-0570: Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. Thi
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issu
nvd
CVE-2025-0571P3MEDIUMCVSS 6.5v4.0.92025-01-30
CVE-2025-0571 [MEDIUM] CWE-119 CVE-2025-0571: Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. Thi
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issu
nvd
CVE-2025-0573P3MEDIUMCVSS 5.3v4.0.92025-01-30
CVE-2025-0573 [MEDIUM] CWE-22 CVE-2025-0573: Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vuln
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issue results from th
nvd
CVE-2025-0572P4MEDIUMCVSS 4.3v4.0.92025-01-30
CVE-2025-0572 [MEDIUM] CWE-22 CVE-2025-0572: Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability.
The specific flaw exists within the parsing of DCM files. The issue results
nvd