Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
philips vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2020-16214
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software saves user-provided information into a comma-separated value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is...
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
2.7
CVSSv2
CVE-2020-16218
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to un...
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
4.6
CVSSv2
CVE-2020-16212
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. The application on the surveillance station operates in kiosk mode, which is vuln...
Philips Patient Information Center Ix B.02
Philips Patient Information Center Ix C.02
Philips Patient Information Center Ix C.03
6.8
CVSSv2
CVE-2008-4875
Directory traversal vulnerability in the web server in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a GET request. NOTE: this can be leveraged with CVE-2008-4874 for unau...
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
5
CVSSv2
CVE-2008-4874
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote malicious users to obtain access.
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
4.3
CVSSv2
CVE-2008-4876
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote malicious users to inject arbitrary web script or HTML via the request URL, which is not properly handled in a 404 web ...
Philips Electronics Voip841 Dect Phone 1.0.4.50
Philips Electronics Voip841 Dect Phone 1.0.4.48
1 EDB exploit
2.1
CVSSv2
CVE-2020-16237
Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.
Philips Suresigns Vs4 Firmware
5
CVSSv2
CVE-2018-7498
In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.
Philips Alice 6 Firmware
4
CVSSv2
CVE-2021-23173
The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.
Philips Engage
6.1
CVSSv2
CVE-2017-9658
Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff to reset the device and reestablish a network connection to the Wi-Fi access poin...
Philips Intellivue Mx40 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »