汇总 microdicom 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 内存损坏与缓冲区溢出 等问题,部分漏洞可能导致 应用崩溃,并影响 生产负载与软件部署 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-1002 | MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user. | [email protected] | 5.7 | 0.15% | 2025-02-10 | 2025-03-03 |
| CVE-2024-33606 | An attacker could retrieve sensitive files (medical images) as well as plant new medical images or overwrite existing medical images on a MicroDicom DICOM Viewer system. User interaction is required to exploit this vulnerability. | [email protected] | 8.6 | 0.28% | 2024-06-11 | 2025-04-23 |
| CVE-2024-28877 | MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit this vulnerability. | [email protected] | 8.7 | 0.43% | 2024-06-11 | 2025-04-10 |
| CVE-2024-25578 | MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application. | [email protected] | 7.8 | 0.07% | 2024-03-01 | 2025-03-06 |
| CVE-2024-22100 | MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability. | [email protected] | 7.8 | 0.04% | 2024-03-01 | 2025-03-06 |