CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

CVE-2020-12024

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access. Successful exploitation of this vulnerability may allow an attacker with physical access to th...

CVE-2020-12020

Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non administrative users from gaining access to the operating system and editing the application startup script. Successful exploitation of this vulnerability may allow an...

CVE-2020-12037

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

CVE-2020-12043

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted...

CVE-2020-12016

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account...

CVE-2020-12012

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials f...

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

Malicious code in baxter-wallet-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b73790756ad6d8ac9fb26c9a111aa56516c6073beac15d2a2e119fe18e816218 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-79739

Malicious code in baxter-wallet-store npm...

MAL-2025-99815 Malicious code in baxter-soluble-pot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7b143c6aa6002c5d78ce95fbdf93cfa1332d0af22c8b63db32460f751999f6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-79740

Malicious code in baxter-soluble-pot npm...

EUVD-2014-5322

Malware in sbrugna...

EUVD-2020-4324

Malware in sbrugna...

EUVD-2020-4348

Malware in sbrugna...

EUVD-2014-5319

Malware in sbrugna...

EUVD-2020-4353

Malware in sbrugna...

EUVD-2020-4328

Malware in sbrugna...

EUVD-2014-5320

Malware in sbrugna...