Vulnerabilities > Philips
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-27 | CVE-2021-43552 | Use of Hard-coded Cryptographic Key vulnerability in Philips Patient Information Center IX B.02/C.02/C.03 The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03. | 2.1 |
| 2021-11-19 | CVE-2021-26248 | Incorrect Ownership Assignment vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource. | 2.1 |
| 2021-11-19 | CVE-2021-26262 | Unspecified vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor. | 5.0 |
| 2021-11-19 | CVE-2021-42744 | Unspecified vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access. | 2.1 |
| 2021-08-24 | CVE-2021-39375 | SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06 Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. | 6.5 |
| 2021-08-24 | CVE-2021-39376 | SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06 Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter. | 6.5 |
| 2021-01-26 | CVE-2020-27298 | OS Command Injection vulnerability in Philips products Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). | 3.3 |
| 2020-12-21 | CVE-2018-7580 | Resource Exhaustion vulnerability in Philips HUE Firmware Philips Hue is vulnerable to a Denial of Service attack. | 5.0 |
| 2020-09-18 | CVE-2020-16247 | Exposure of Resource to Wrong Sphere vulnerability in Philips Clinical Collaboration Platform 12.2.1 Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. | 3.6 |
| 2020-09-18 | CVE-2020-16200 | Algorithm Downgrade vulnerability in Philips Clinical Collaboration Platform 12.2.1 Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. | 3.3 |