196 matches found
EUVD-2018-10682
Malware in sbrugna...
EUVD-2021-18960
Malware in sbrugna...
EUVD-2020-4352
Malware in sbrugna...
EUVD-2020-8184
Malware in sbrugna...
EUVD-2017-3303
Malware in sbrugna...
EUVD-2024-27230
Malicious code in bioql PyPI...
EUVD-2025-1815
Malicious code in bioql PyPI...
Lightweight Electronic Signatures and Reliable Access Control Included in Sensor Networks to Prevent Cyber Attacks from Modifying Patient Data
Digital terrorism is a major cause of securing patient/healthcare providers data and information. Sensitive topics that may have an impact on a patient's health or even national security include patient health records and information on healthcare providers. Health databases and data sets have be...
CVE-2024-1228
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all Eurosoft Przychodnia installations. This issue affects Eurosoft Przychodnia software before version 20240417.001 from that version...
CVE-2022-47376
The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data...
CVE-2021-32101
The Patient Portal of OpenEMR 5.0.2.1 is affected by a incorrect access control system in portal/patient/machineconfig.php. To exploit the vulnerability, an unauthenticated attacker can register an account, bypassing the permission check of this portal's API. Then, the attacker can then manipulat...
CVE-2020-16218
In Patient Information Center iX PICiX Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access t...
CVE-2020-12036
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...
Interlock Ransomware Say It Stole 20TB of DaVita Healthcare Data
Interlock ransomware group claims it stole 20TB of sensitive patient data from DaVita Healthcare. While the group has…...
Ransomware Surge Hits US Healthcare: AOA, DaVita and Bell Ambulance Breached
AOA, DaVita, and Bell Ambulance hit by ransomware in 2025. Over 245K affected as hackers steal patient data,…...
CVE-2025-3184 projectworlds Online Doctor Appointment Booking System profile.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be...
CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
Contec Health CMS8000 Patient Monitor (Update A)
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely send specially formatted UDP requests or connect to an unknown external network that would allow them to write arbitrary data, resulting in remote code execution. The device may also leak patient...