Vulnerabilities > Philips

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-39376 SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter.
network
low complexity
philips CWE-89
6.5
2021-01-26 CVE-2020-27298 OS Command Injection vulnerability in Philips products
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10).
low complexity
philips CWE-78
3.3
2020-12-21 CVE-2018-7580 Resource Exhaustion vulnerability in Philips HUE Firmware
Philips Hue is vulnerable to a Denial of Service attack.
network
low complexity
philips CWE-400
5.0
2020-09-18 CVE-2020-16247 Exposure of Resource to Wrong Sphere vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
local
low complexity
philips CWE-668
3.6
2020-09-18 CVE-2020-16200 Algorithm Downgrade vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips CWE-757
3.3
2020-09-18 CVE-2020-16198 Protection Mechanism Failure vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips CWE-693
5.8
2020-09-18 CVE-2020-14525 Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips
2.7
2020-09-18 CVE-2020-14506 Cross-Site Request Forgery (CSRF) vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
network
philips CWE-352
4.3
2020-09-11 CVE-2020-16224 Improper Handling of Length Parameter Inconsistency vulnerability in Philips Patient Information Center IX C.02/C.03
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior.
low complexity
philips CWE-130
3.3
2020-09-11 CVE-2020-16220 Improper Validation of Syntactic Correctness of Input vulnerability in Philips products
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90 Versions N and prior, IntelliVue X3 and X2 Versions N and prior.
low complexity
philips CWE-1286
3.3