CVSS: 7.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-1630 – Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component
https://notcve.org/view.php?id=CVE-2024-1630
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component Vulnerabilidad de Path Traversal en la función “getAllFolderContents” de Common Service Desktop, un componente del dispositivo de ultrasonido de GE HealthCare • https://securityupdate.gehealthcare.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-1629 – Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component
https://notcve.org/view.php?id=CVE-2024-1629
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component Vulnerabilidad de Path Traversal en la función "deleteFiles" de Common Service Desktop, un componente del dispositivo de ultrasonido de GE HealthCare • https://securityupdate.gehealthcare.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-1628 – OS command injection vulnerabilities in GE HealthCare ultrasound devices
https://notcve.org/view.php?id=CVE-2024-1628
OS command injection vulnerabilities in GE HealthCare ultrasound devices Vulnerabilidades de inyección de comandos del sistema operativo en dispositivos de ultrasonido GE HealthCare • https://securityupdate.gehealthcare.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-1486 – Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices
https://notcve.org/view.php?id=CVE-2024-1486
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices Elevación de privilegios mediante lista de control de acceso mal configurada en dispositivos de ultrasonido de GE HealthCare • https://securityupdate.gehealthcare.com • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-5909 – Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx
https://notcve.org/view.php?id=CVE-2023-5909
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect. KEPServerEX no valida adecuadamente los certificados de los clientes, lo que puede permitir que se conecten usuarios no autenticados. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03 • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •