Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
philips vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2020-16214
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software saves user-provided information into a comma-separated value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is...
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
2.7
CVSSv2
CVE-2020-16218
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to un...
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
2.1
CVSSv2
CVE-2021-43552
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
6.8
CVSSv2
CVE-2008-4875
Directory traversal vulnerability in the web server in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a GET request. NOTE: this can be leveraged with CVE-2008-4874 for unau...
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
4.3
CVSSv2
CVE-2008-4876
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote malicious users to inject arbitrary web script or HTML via the request URL, which is not properly handled in a 404 web ...
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
5
CVSSv2
CVE-2008-4874
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote malicious users to obtain access.
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
3.6
CVSSv2
CVE-2019-10988
In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported. Thus, any unmitigated vulnerability in the old operating system...
Philips Hdi 4000 Firmware
7.5
CVSSv2
CVE-2018-5451
In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly pr...
Philips Alice 6 Firmware
6.9
CVSSv2
CVE-2020-7360
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in versio...
Philips Smartcontrol
5
CVSSv2
CVE-2018-7498
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.
Philips Alice 6 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »