Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE Vulnerability in Mirth Connect CVE-2023-37679 & CVE-2023-...

CVE-2025-8307

Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm...

CVE-2025-35031

Medical Informatics Engineering Enterprise Health is affected by CVE-2025-35031, where the software includes the user’s current session token in debug output. This enables an attacker to impersonate the user if the token is exfiltrated (e.g., via the user sending debug output). The issue is fixed...

MV iDigital Clinic Enterprise 安全漏洞

MV iDigital Clinic Enterprise is software used for healthcare related services. A security vulnerability exists in MV iDigital Clinic Enterprise iDCE version 1.0 that stems from storing passwords in plaintext...

MedData Hbys SQL Injection Vulnerability (CNVD-2021-89683)

A SQL injection vulnerability exists in MedData Hbys, a healthcare software from MedData, Inc. The vulnerability stems from the fact that the product does not effectively filter special characters in input data. An unauthenticated attacker could obtain sensitive information through this...