本ページは microdicom dicom_viewer に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-1002 | MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user. | [email protected] | 5.7 | 0.15% | 2025-02-10 | 2026-06-17 |
| CVE-2024-33606 | An attacker could retrieve sensitive files (medical images) as well as plant new medical images or overwrite existing medical images on a MicroDicom DICOM Viewer system. User interaction is required to exploit this vulnerability. | [email protected] | 8.6 | 0.46% | 2024-06-11 | 2026-06-17 |
| CVE-2024-28877 | MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit this vulnerability. | [email protected] | 8.7 | 0.69% | 2024-06-11 | 2026-06-17 |
| CVE-2024-25578 | MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application. | [email protected] | 7.8 | 0.24% | 2024-02-29 | 2026-06-17 |
| CVE-2024-22100 | MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability. | [email protected] | 7.8 | 0.26% | 2024-02-29 | 2026-06-17 |