Vulnerabilities > Natus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-10 | CVE-2023-47800 | Use of Hard-coded Credentials vulnerability in Natus Neuroworks EEG and Sleepworks Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services. | 9.8 |
2018-06-01 | CVE-2017-2860 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable denial-of-service vulnerability exists in the lookup entry functionality of KeyTrees in Natus Xltek NeuroWorks 8. | 7.5 |
2018-06-01 | CVE-2017-2858 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. | 7.5 |
2018-06-01 | CVE-2017-2852 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. | 7.5 |
2018-04-05 | CVE-2017-2869 | Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8 An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. | 9.8 |
2018-04-05 | CVE-2017-2868 | Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8 An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. | 9.8 |
2018-04-05 | CVE-2017-2867 | Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8 An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. | 9.8 |
2018-04-05 | CVE-2017-2861 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8. | 7.5 |
2018-04-05 | CVE-2017-2853 | Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8 An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. | 9.8 |