CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10968
https://notcve.org/view.php?id=CVE-2019-10968
Philips Holter 2010 Plus, all versions. A vulnerability has been identified that may allow system options that were not purchased to be enabled. Philips Holter 2010 Plus, todas las versiones una vulnerabilidad ha sido identificada que podría permitir opciones de sistema que no fueron compradas para ser habilitadas. • https://www.us-cert.gov/ics/advisories/icsma-19-192-01 • CWE-477: Use of Obsolete Function •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6562
https://notcve.org/view.php?id=CVE-2019-6562
In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. En Philips Tasy EMR, Tasy EMR versiones 3.02.1744 y anteriores, el software neutraliza incorrectamente la entrada controlable por el usuario, antes de que se coloque en la salida que se usa como una página web que se sirve a otros usuarios. • https://ics-cert.us-cert.gov/advisories/ICSMA-19-120-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19001
https://notcve.org/view.php?id=CVE-2018-19001
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is not strong enough for the level of protection required. Aplicación de Philips HealthSuite Health para Android, en todas las versiones. El software emplea un cifrado simple que no es lo suficientemente fuerte para el nivel de protección necesario. • http://www.securityfocus.com/bid/106126 https://ics-cert.us-cert.gov/advisories/ICSMA-18-340-01 • CWE-326: Inadequate Encryption Strength •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-17906
https://notcve.org/view.php?id=CVE-2018-17906
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system. Philips iSite e IntelliSpace PACS, iSite PACS, en todas las versiones, e IntelliSpace PACS, en todas las versiones. Las credenciales por defecto y la falta de autenticación con software de terceros podría permitir que un atacante comprometa un componente del sistema. • http://www.securityfocus.com/bid/105875 https://ics-cert.us-cert.gov/advisories/ICSMA-18-312-01 • CWE-306: Missing Authentication for Critical Function CWE-521: Weak Password Requirements CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-8854
https://notcve.org/view.php?id=CVE-2018-8854
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended. Philips e-Alert Unit (dispositivo no médico), versiones R2.1 y anteriores. El software no restringe correctamente el tamaño o la cantidad de recursos solicitados o influenciados por un actor, lo que puede emplearse para consumir más recursos de los planeados. • http://www.securityfocus.com/bid/105194 https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01 https://www.usa.philips.com/healthcare/about/customer-support/product-security • CWE-400: Uncontrolled Resource Consumption •