Vulnerabilities > Philips
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-21 | CVE-2020-16239 | Improper Authentication vulnerability in Philips Suresigns VS4 Firmware Philips SureSigns VS4, A.07.107 and prior. | 4.0 |
| 2020-08-21 | CVE-2020-16237 | Improper Input Validation vulnerability in Philips Suresigns VS4 Firmware Philips SureSigns VS4, A.07.107 and prior. | 2.1 |
| 2020-08-21 | CVE-2020-14518 | Information Exposure Through Log Files vulnerability in Philips Dreammapper Philips DreamMapper, Version 2.24 and prior. | 5.0 |
| 2020-08-13 | CVE-2020-7360 | Uncontrolled Search Path Element vulnerability in Philips Smartcontrol 4.3.15 An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. | 6.9 |
| 2020-06-26 | CVE-2020-14477 | Improper Authentication vulnerability in Philips products In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information. | 3.6 |
| 2020-06-11 | CVE-2020-12023 | Information Exposure Through Log Files vulnerability in Philips Intellibridge Enterprise B.12 Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). | 2.7 |
| 2020-01-23 | CVE-2020-6007 | Out-of-bounds Write vulnerability in Philips HUE Bridge V2 Firmware Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution. | 7.9 |
| 2019-12-20 | CVE-2019-18263 | Inadequate Encryption Strength vulnerability in Philips products An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). | 3.3 |
| 2019-11-26 | CVE-2019-18241 | Inadequate Encryption Strength vulnerability in Philips products In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. | 3.3 |
| 2019-11-14 | CVE-2019-18980 | Missing Authentication for Critical Function vulnerability in Philips Taolight Smart Wi-Fi WIZ Connected LED Bulb 9290022656 Firmware On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. | 5.0 |