How severe is CVE-2025-3482?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2025-3482?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2025-3482

CRITICAL Year: 2025

CVSS v3 Score

9.8

Critical

Weakness Type

CWE-121

View all →

Vulnerability Description

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of DICOM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-25826.

CVE-2014-9163

CRITICAL

CVSS:9.8(Critical)

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code ...

CWE-1212014

CVE-2014-9189

CRITICAL

CVSS:9.8(Critical)

Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that coul...

CWE-1212014

CVE-2015-1006

CRITICAL

CVSS:9.8(Critical)

A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versio...

CWE-1212015

CVE-2016-6563

CRITICAL

CVSS:9.8(Critical)

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, U...

CWE-1212016

CVE-2017-12194

CRITICAL

CVSS:9.8(Critical)

A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbi...

CWE-1212017

CVE-2017-12706

CRITICAL

CVSS:9.8(Critical)

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validati...

CWE-1212017

CVE-2025-3482

Vulnerability Description

Related Vulnerabilities

CVE-2014-9163

CVE-2014-9189

CVE-2015-1006

CVE-2016-6563

CVE-2017-12194

CVE-2017-12706