Vulnerabilities > Hospira

DATE CVE VULNERABILITY TITLE RISK
2019-03-26 CVE-2014-5401 Code Injection vulnerability in Hospira Mednet 5.8
Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system.
network
low complexity
hospira CWE-94
critical
9.8
2016-01-22 CVE-2015-7909 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hospira Communication Engine and Lifecare PCA Infusion System
Stack-based buffer overflow in Hospira Communication Engine (CE) before 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via traffic on TCP port 5000.
network
low complexity
hospira CWE-119
7.3