Lucene search
+L

196 matches found

cnvd
cnvd
added 2022/06/20 12:0 a.m.13 views

Sourcecodester Hospital Patient Records Management System SQL注入漏洞(CNVD-2022-48748)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System contains a SQL injection vulnerability that originates in...

9.8CVSS1.9AI score0.01026EPSS
Exploits1References1
cnnvd
cnnvd
added 2022/06/14 12:0 a.m.5 views

Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. Management System contains a SQL injection vulnerability that originates in...

9.8CVSS6AI score0.01026EPSS
Exploits1References2
trellix
trellix
added 2022/06/06 12:0 a.m.80 views

Connected Healthcare: A Cybersecurity Battlefield We Must Win

Connected Healthcare: A Cybersecurity Battlefield We Must Win By Trellix · June 6, 2022 This blog was written by Charles McFarland We are commonly taught to prioritize the most critical, severe, or impactful tasks when trying to conquer a list of intimidating problems. Yet, how is this possible...

7CVSS9.4AI score0.00228EPSS
Exploits0
malwarebytes
malwarebytes
added 2022/04/26 1:2 p.m.13 views

Hospitals taken offline after cyberattack

The GHT Coeur Grand Est has become a victim of a cyberattack on the hospital centers of Vitry-le-François and Saint-Dizier. The hospital’s administration has warned French that data have been exfiltrated and might be used for phishing in the future. As a consequence, the GHT Cœur Grand Est has cu...

0.3AI score
Exploits0
cve
cve
added 2022/04/11 7:38 p.m.80 views

CVE-2022-1067

The CVE-2022-1067 issue affects LifePoint Informatics Patient Portal (Product: LifePoint Informatics Patient Portal; Affected Version: LPI 3.5.12.P30). It is an Authentication Bypass using an alternate path or channel (CWE-288) where navigating to a URL with a patient ID causes the server to gene...

6.5CVSS6.5AI score0.0085EPSS
Exploits0References1Affected Software1
prion
prion
added 2022/04/06 2:15 a.m.22 views

Design/Logic Flaw

Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without having the intended level of privilege. Despite OpenEyes returning a Forbidden error message, the contents of a patient's profile are still returned in the server response. This respons...

4CVSS6.2AI score0.01623EPSS
Exploits1References2Affected Software1
cve
cve
added 2022/04/06 1:25 a.m.71 views

CVE-2021-40375

CVE-2021-40375 affects OpenEyes 3.5.1 (Apperta Foundation). The vulnerability allows remote attackers to view sensitive patient information (PII, medication history) because the server responded with sensitive data in responses despite returning a Forbidden message. Underlying cause and mitigatio...

6.5CVSS6.2AI score0.01623EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2022/04/06 12:0 a.m.6 views

Apperta Foundation OpenEyes 信息泄露漏洞

Apperta Foundation OpenEyes is an open source electronic medical record ERP from the Apperta Foundation. A security vulnerability exists in Apperta Foundation OpenEyes 3.5.1 that allows remote attackers to view sensitive patient information without the expected privilege level...

6.5CVSS6.6AI score0.01623EPSS
Exploits1References3
threatpost
threatpost
added 2022/02/01 9:32 p.m.29 views

Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft

Telehealth care is on the rise as medical service providers cope with the strain of a pandemic and rising costs. But the rush to roll out remote healthcare has also unleashed a universe of wearable medical devices to collect sensitive data, which researchers say are widely vulnerable to attack...

8AI score
Exploits0References5
cnnvd
cnnvd
added 2021/11/18 12:0 a.m.6 views

Philips Patient Information Center iX 输入验证错误漏洞

Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage, as...

6.5CVSS6.6AI score0.00366EPSS
Exploits0References5
cnnvd
cnnvd
added 2021/11/18 12:0 a.m.6 views

Philips IntelliBridge EC80 Hub 安全漏洞

Philips IntelliBridge Enterprise IBE is a solution from Philips Europe that provides a single point of contact between EHR Electronic Health Record and Philips clinical solutions. A security vulnerability exists in the Philips IntelliBridge EC 40 and EC 80 Hubs, which stems from the fact that...

8.8CVSS8AI score0.00453EPSS
Exploits0References5
cnnvd
cnnvd
added 2021/11/18 12:0 a.m.6 views

Philips Patient Information Center iX 安全漏洞

Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage, as...

6.1CVSS5.8AI score0.00213EPSS
Exploits0References5
cnnvd
cnnvd
added 2021/11/18 12:0 a.m.5 views

Philips Patient Information Center iX 加密问题漏洞

Philips Patient Information Center iX Philips Patient Information Center PIC iX, a Philips company in Europe, is at the heart of our patient monitoring system, which facilitates understanding of the patient's condition and helps caregivers to identify potential deterioration at an early stage,...

6.5CVSS6.7AI score0.00219EPSS
Exploits0References5
cnnvd
cnnvd
added 2021/11/18 12:0 a.m.6 views

Philips IntelliBridge EC80 Hub 信任管理问题漏洞

Philips IntelliBridge Enterprise IBE is a solution from Philips Europe that provides a single point of contact between EHR Electronic Health Record and Philips clinical solutions. The Philips IntelliBridge EC 40 and EC 80 Hubs have trust management issue vulnerabilities that stem from Successful...

8.8CVSS8.1AI score0.00272EPSS
Exploits0References5
ics
ics
added 2021/11/18 12:0 a.m.37 views

Philips IntelliBridge EC 40 and EC 80 Hub

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Low attack complexity Vendor: Philips Equipment: IntelliBridge EC 40 and EC 80 Hub Vulnerabilities: Use of Hard-coded Credentials, Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of these...

8.8CVSS9.2AI score0.00453EPSS
Exploits0References5
thn
thn
added 2021/11/08 1:12 p.m.29 views

Critical Flaws in Philips TASY EMR Could Expose Patient Data

The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning of critical vulnerabilities affecting Philips Tasy electronic medical records EMR system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of...

8.8CVSS9.5AI score0.01285EPSS
Exploits2
cnvd
cnvd
added 2021/08/27 12:0 a.m.16 views

B. Braun SpaceCom2 input validation error vulnerability

B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to an external device to record data in a patient data management system, PC, or USB memory stick. A remote, unauthenticated attacker could use this vulnerability to gain user-level command-line access by passing a raw extern...

8.8CVSS2.8AI score0.00827EPSS
Exploits1References1
cnnvd
cnnvd
added 2021/08/25 12:0 a.m.5 views

B. Braun SpaceCom2 访问控制错误漏洞

B. Braun SpaceCom2, a hardware device from B. Braun, is used to connect to external devices to record data in a patient data management system, PC or USB stick.An access control error vulnerability exists in previous versions of B. Braun SpaceCom2 012U000062, which stems from a lack of...

8.6CVSS5.7AI score0.011EPSS
Exploits0References6
cnnvd
cnnvd
added 2021/08/25 12:0 a.m.6 views

B.Braun SpaceCom2 数据伪造问题漏洞

The B. Braun SpaceCom2 is a hardware device from B. Braun Germany designed to connect to external devices to record data in a patient data management system, PC, or USB memory stick. A security vulnerability exists in versions prior to B. Braun SpaceCom2 012U000062, which arises from insufficient...

10CVSS8.6AI score0.0558EPSS
Exploits1References6
cnvd
cnvd
added 2021/05/08 12:0 a.m.10 views

OpenEMR Access Control Error Vulnerability

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An access control error vulnerability exists in OpenEMR version 5.0.2.1, which ste...

8.2CVSS6.7AI score0.01183EPSS
Exploits0References1
Rows per page
Query Builder