Marco Eichelberg

7 exploits Active since May 2024
CVE-2026-12805 WRITEUP MEDIUM WRITEUP
OFFIS DCMTK ofxml.cc parseFile heap-based overflow
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
CVSS 6.3
CVE-2026-5663 WRITEUP HIGH WRITEUP
OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection
A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The patch is named edbb085e45788dccaf0e64d71534cfca925784b8. Applying a patch is the recommended action to fix this issue.
CVSS 7.3
CVE-2024-34508 WRITEUP MEDIUM WRITEUP
DCMTK < 3.6.9 - Denial of Service via Invalid DIMSE Message
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVSS 4.3
CVE-2024-34509 WRITEUP MEDIUM WRITEUP
DCMTK < 3.6.9 - Denial of Service via Invalid DIMSE Message
dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVSS 5.3
CVE-2025-14607 WRITEUP MEDIUM WRITEUP
OFFIS DCMTK <3.6.9 - Memory Corruption
A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to version 3.7.0 can resolve this issue. The patch is identified as 4c0e5c10079392c594d6a7abd95dd78ac0aa556a. You should upgrade the affected component.
CVSS 6.3
CVE-2025-14841 WRITEUP LOW WRITEUP
OFFIS DCMTK <3.6.9 - Null Pointer Dereference
A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack requires local access. Upgrading to version 3.7.0 is sufficient to resolve this issue. Patch name: ffb1a4a37d2c876e3feeb31df4930f2aed7fa030. You should upgrade the affected component.
CVSS 3.3
CVE-2025-25475 WRITEUP HIGH WRITEUP
DCMTK - Denial of Service via NULL Pointer Dereference in dcrleccd.cc
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.
CVSS 7.5