Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-08 | CVE-2015-2897 | Information Exposure vulnerability in Sierrawireless Aleos Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session. | 10.0 |
| 2015-08-07 | CVE-2015-4674 | Insufficient Verification of Data Authenticity vulnerability in Timedoctor 1.4.72.3 The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file. | 9.3 |
| 2015-08-04 | CVE-2014-9736 | Credentials Management vulnerability in Gehealthcare Centricity Clinical Archive Audit Trail Repository GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2014-7233 | Credentials Management vulnerability in Gehealthcare Precision Thunis-800+ GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2014-7232 | Credentials Management vulnerability in Gehealthcare Discovery Xr656 and Discovery Xr656 G2 GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2013-7442 | Credentials Management vulnerability in Gehealthcare Centricity Pacs Workstation 4.0/4.0.1 GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. | 10.0 |
| 2015-08-04 | CVE-2013-7405 | Credentials Management vulnerability in Gehealthcare Centricity DMS 4.2 The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2013-7404 | Credentials Management vulnerability in Gehealthcare Discovery NM 750B GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2012-6695 | Credentials Management vulnerability in Gehealthcare Centricity Pacs Workstation 4.0/4.0.1 GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. | 10.0 |
| 2015-08-04 | CVE-2012-6694 | Credentials Management vulnerability in Gehealthcare products GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. | 10.0 |