Vulnerabilities > Philips

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-39375 SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter.
network
low complexity
philips CWE-89
6.5
6.5
2021-08-24 CVE-2021-39376 SQL Injection vulnerability in Philips Tasy Electronic Medical Record 3.06
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the CorCad_F2/executaConsultaEspecifico IE_CORPO_ASSIST or CD_USUARIO_CONVENIO parameter.
network
low complexity
philips CWE-89
6.5
6.5
2021-01-26 CVE-2020-27298 OS Command Injection vulnerability in Philips products
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10).
low complexity
philips CWE-78
3.3
3.3
2020-12-21 CVE-2018-7580 Resource Exhaustion vulnerability in Philips HUE Firmware
Philips Hue is vulnerable to a Denial of Service attack.
network
low complexity
philips CWE-400
5.0
5.0
2020-09-18 CVE-2020-16247 Exposure of Resource to Wrong Sphere vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
local
low complexity
philips CWE-668
3.6
3.6
2020-09-18 CVE-2020-16200 Algorithm Downgrade vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips CWE-757
3.3
3.3
2020-09-18 CVE-2020-16198 Protection Mechanism Failure vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips CWE-693
5.8
5.8
2020-09-18 CVE-2020-14525 Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
low complexity
philips
2.7
2.7
2020-09-18 CVE-2020-14506 Cross-Site Request Forgery (CSRF) vulnerability in Philips Clinical Collaboration Platform 12.2.1
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.
network
philips CWE-352
4.3
4.3
2020-09-11 CVE-2020-16224 Improper Handling of Length Parameter Inconsistency vulnerability in Philips Patient Information Center IX C.02/C.03
In Patient Information Center iX (PICiX) Versions C.02, C.03, the software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data, causing the application on the surveillance station to restart.
low complexity
philips CWE-130
6.5
6.5