Vulnerabilities > Philips > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-18 | CVE-2023-40223 | Unspecified vulnerability in Philips VUE Pacs 12.2.8.0 Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an unintended sphere of control for that actor. | 8.8 |
| 2023-11-09 | CVE-2018-8863 | Unspecified vulnerability in Philips Encoreanywhere 2.36.3.3 The HTTP header in Philips EncoreAnywhere contains data an attacker may be able to use to gain sensitive information. | 7.5 |
| 2022-04-01 | CVE-2021-27497 | Unspecified vulnerability in Philips products Philips Vue PACS versions 12.2.x.x and prior does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. | 7.5 |
| 2022-04-01 | CVE-2021-27501 | Unspecified vulnerability in Philips products Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities. | 7.5 |
| 2022-04-01 | CVE-2021-33020 | Operation on a Resource after Expiration or Release vulnerability in Philips products Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key. | 7.5 |
| 2020-09-11 | CVE-2020-16222 | Improper Authentication vulnerability in Philips products In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct. | 8.8 |
| 2020-08-31 | CVE-2020-11618 | THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol. | 7.2 |
| 2020-01-23 | CVE-2020-6007 | Out-of-bounds Write vulnerability in Philips HUE Bridge V2 Firmware Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution. | 7.9 |
| 2019-10-25 | CVE-2019-13546 | Exposure of Resource to Wrong Sphere vulnerability in Philips Intellispace Perinatal K In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. | 7.2 |
| 2018-09-26 | CVE-2018-8850 | Improper Input Validation vulnerability in Philips E-Alert Firmware Philips e-Alert Unit (non-medical device), Version R2.1 and prior. | 7.5 |