Vulnerabilities > Philips

DATE CVE VULNERABILITY TITLE RISK
2021-12-27 CVE-2021-43552 Unspecified vulnerability in Philips Patient Information Center IX B.02/C.02/C.03
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03.
local
low complexity
philips
5.5
2021-11-19 CVE-2021-26248 Unspecified vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource.
local
low complexity
philips
5.5
2021-11-19 CVE-2021-26262 Unspecified vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
local
low complexity
philips
5.5
2021-11-19 CVE-2021-42744 Unspecified vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware
Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access.
local
low complexity
philips
5.5
2021-08-24 CVE-2021-39375 SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter.
network
low complexity
philips CWE-89
8.8
2021-08-24 CVE-2021-39376 SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter.
network
low complexity
philips CWE-89
8.8
2021-01-26 CVE-2020-27298 OS Command Injection vulnerability in Philips products
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10).
low complexity
philips CWE-78
6.5
2020-12-21 CVE-2018-7580 Resource Exhaustion vulnerability in Philips HUE Firmware
Philips Hue is vulnerable to a Denial of Service attack.
network
low complexity
philips CWE-400
7.5
2020-09-18 CVE-2020-16247 Exposure of Resource to Wrong Sphere vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
local
low complexity
philips CWE-668
7.1
2020-09-18 CVE-2020-16200 Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips
6.5