CVE-2025-54156

Critical CVSS: 9.1

The Sante PACS Server Web Portal sends credential information without encryption.

Vendor

Product

CWE

Yayın Tarihi

2025-08-18 22:15:28

Güncelleme

2025-10-17 17:28:02

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

CWE-319 Sante Pacs Server CRITICAL Santesoft 2025

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-224-01

High

CVE-2026-2034

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows r…

High

CVE-2025-53948

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a deni…

Medium

CVE-2025-54759

Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirectin…

Medium

CVE-2025-54862

Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes…

High

CVE-2025-5481

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allo…

High

CVE-2025-5307

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue t…