VYPR

Sante PACS Server.exe

by Sante PACS Server

CVEs (3)

  • CVE-2025-2263CriMar 13, 2025
    risk 0.64cvss 9.8epss 0.01

    During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long…

  • CVE-2025-2264HigMar 13, 2025
    risk 0.55cvss 7.5epss 0.39

    A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.

  • CVE-2025-2265HigMar 13, 2025
    risk 0.51cvss 7.8epss 0.00

    The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte