Sante — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting Sante. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Sante primarily functions as an open-source Electronic Health Record (EHR) system designed to manage patient data and clinical workflows. Its architecture, often deployed in healthcare environments, has historically exposed it to significant security risks, resulting in thirty-four recorded Common Vulnerabilities and Exposures. The most prevalent flaw categories include Remote Code Execution and Cross-Site Scripting, which allow attackers to inject malicious scripts or gain unauthorized system access. Additionally, privilege escalation vulnerabilities have been documented, enabling lower-level users to bypass administrative controls and access sensitive medical records. These issues often stem from insufficient input validation and weak authentication mechanisms within the application’s web interface. While no single catastrophic breach has been widely publicized, the cumulative nature of these defects highlights critical gaps in data protection. Organizations utilizing this platform must prioritize rigorous patching and strict access controls to mitigate the risk of data exfiltration and unauthorized system modification.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-2034 | Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-120 | 7.8 (AI) | High (AI) | 2026-02-20 |
| CVE-2025-14501 | Sante PACS Server HTTP Content-Length Header Handling NULL Pointer Dereference Denial-of-Service Vulnerability | PACS Server | CWE-476 | 7.5 (AI) | High (AI) | 2025-12-23 |
| CVE-2025-5481 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 (AI) | High (AI) | 2025-06-06 |
| CVE-2025-0574 | Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability | PACS Server | CWE-119 | 7.5 | - | 2025-01-30 |
| CVE-2025-0572 | Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability | PACS Server | CWE-22 | 6.5 | - | 2025-01-30 |
| CVE-2025-0573 | Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability | PACS Server | CWE-22 | 7.5 | - | 2025-01-30 |
| CVE-2025-0569 | Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability | PACS Server | CWE-119 | 7.5 | - | 2025-01-30 |
| CVE-2025-0571 | Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability | PACS Server | CWE-119 | 6.5 | - | 2025-01-30 |
| CVE-2025-0570 | Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability | PACS Server | CWE-119 | 6.5 | - | 2025-01-30 |
| CVE-2025-0568 | Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability | PACS Server | CWE-119 | 7.5 | - | 2025-01-30 |
| CVE-2023-51637 | Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability | PACS Server PG | CWE-89 | 9.8 (AI) | Critical (AI) | 2024-05-22 |
| CVE-2023-35734 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability | DICOM Viewer Pro | CWE-416 | 5.5 | - | 2024-05-03 |
| CVE-2023-34297 | Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2023-34296 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2023-34295 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2023-34294 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability | DICOM Viewer Pro | CWE-416 | 5.5 | - | 2024-05-03 |
| CVE-2023-32134 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-416 | 7.8 | - | 2024-05-03 |
| CVE-2023-32135 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability | DICOM Viewer Pro | CWE-416 | 5.5 | - | 2024-05-03 |
| CVE-2023-32133 | Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2023-32132 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2023-32131 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2024-05-03 |
| CVE-2024-1863 | Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability | PACS Server | CWE-89 | 9.8 | - | 2024-04-01 |
| CVE-2022-2272 | Santesoft Sante PACS Server SQL Injection Vulnerability | PACS Server | CWE-89 | 9.8 | - | 2022-08-03 |
| CVE-2022-28668 | Santesoft Sante DICOM Viewer Pro Buffer Error Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2022-08-03 |
| CVE-2022-24064 | Santesoft Dicom Viewer Pro Buffer Error Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2022-02-18 |
| CVE-2022-24063 | Santesoft Dicom Viewer Pro Buffer Error Vulnerability | DICOM Viewer Pro | CWE-119 | 7.8 | - | 2022-02-18 |
| CVE-2022-24062 | Santesoft DICOM Viewer Pro Security Vulnerability | DICOM Viewer Pro | CWE-416 | 7.8 | - | 2022-02-18 |
| CVE-2022-24061 | Santesoft Dicom Viewer Pro Resource Management Error Vulnerability | DICOM Viewer Pro | CWE-416 | 5.5 | - | 2022-02-18 |
| CVE-2022-24060 | Santesoft Dicom Viewer Pro Buffer Error Vulnerability | DICOM Viewer Pro | CWE-125 | 5.5 | - | 2022-02-18 |
| CVE-2022-24059 | Santesoft DICOM Viewer Pro Security Vulnerability | DICOM Viewer Pro | CWE-787 | 7.8 | - | 2022-02-18 |

This page lists every published CVE security advisory associated with Sante. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.