Vulnerabilities > Philips
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-23 | CVE-2020-6007 | Out-of-bounds Write vulnerability in Philips HUE Bridge V2 Firmware Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution. | 7.9 |
| 2019-12-20 | CVE-2019-18263 | Inadequate Encryption Strength vulnerability in Philips products An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual WAN Router, Veradius Unity (718132) with wireless option (shipped between 2016-August 2018), Veradius Unity (718132) with ViewForum option (shipped between 2016-August 2018), Pulsera (718095) and Endura (718075) with wireless option (shipped between 26-June-2017 through 07-August 2018), Pulsera (718095) and Endura (718075) with ViewForum option (shipped between 26-June-2017 through 07-August 2018). | 3.3 |
| 2019-11-26 | CVE-2019-18241 | Inadequate Encryption Strength vulnerability in Philips products In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. | 3.3 |
| 2019-11-14 | CVE-2019-18980 | Missing Authentication for Critical Function vulnerability in Philips Taolight Smart Wi-Fi WIZ Connected LED Bulb 9290022656 Firmware On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. | 5.0 |
| 2019-11-08 | CVE-2019-13557 | Information Exposure vulnerability in Philips Tasy EMR and Tasy Webportal In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information. | 5.0 |
| 2019-10-25 | CVE-2019-13546 | Exposure of Resource to Wrong Sphere vulnerability in Philips Intellispace Perinatal K In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. | 7.2 |
| 2019-09-12 | CVE-2019-13534 | Download of Code Without Integrity Check vulnerability in Philips products Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). | 6.5 |
| 2019-09-12 | CVE-2019-13530 | Use of Hard-coded Credentials vulnerability in Philips products Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). | 6.5 |
| 2019-09-04 | CVE-2019-10988 | Information Exposure vulnerability in Philips HDI 4000 Firmware In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported. | 3.6 |
| 2019-07-24 | CVE-2019-10968 | Improper Access Control vulnerability in Philips Zymed Holter 2010 Philips Holter 2010 Plus, all versions. | 2.1 |