ZDI-25-246: MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability

Read Time:13 Second

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2025-3480.

USN-7469-2: Apache Tomcat vulnerability

USN-7469-1 fixed a vulnerability in Apache Traffic Server. This update provides the corresponding updates for Apache Tomcat. Original advisory details:...

April 28, 2025

USN-7469-1: Apache Traffic Server vulnerability

It was discovered that Apache Traffic Server exhibited poor server resource management in its HTTP/2 protocol. An attacker could possibly...

April 28, 2025

USN-7468-1: Linux kernel (Azure, N-Series) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

April 28, 2025