22 matches found
EUVD-2025-208104
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...
EUVD-2024-50123
Malicious code in bioql PyPI...
EUVD-2023-44277
Malicious code in bioql PyPI...
Minoritised Ethnic People'S Security and Privacy Concerns and Responses Towards Essential Online Services
Minoritised ethnic people are marginalised in society, and therefore at a higher risk of adverse online harms, including those arising from the loss of security and privacy of personal data. Despite this, there has been very little research focused on minoritised ethnic people's security and...
BayMark Health Services sends breach notifications after ransomware attack
BayMark Health Services, Inc. BayMark notified an unknown number of patients that attackers stole their personal and health information. BayMark profiles itself as North America’s largest provider of medication-assisted treatment MAT for substance use disorders helping tens of thousands of...
fcrc.albertahealthservices.ca Cross Site Scripting vulnerability OBB-3820779
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fcrc.albertahealthservices.ca Cross Site Scripting vulnerability OBB-3803200
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-3631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection.This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but...
CVE-2023-3631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection. This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection.This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but...
CVE-2023-3631 SQLi in Medart Notification Panel
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection. This issue affects Medart Notification Panel: through 20231123. NOTE: The vendor was contacted early about this disclosure but...
Medart Health Services SQL Injection Vulnerability
Medart Health Services is an application from Medart, Inc. A SQL injection vulnerability exists in Medart Health Services Medart Notification Panel version 20231123 and prior versions, which stems from improper neutralization of special elements...
fcrc.albertahealthservices.ca Cross Site Scripting vulnerability OBB-3569604
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
androidx.health:health-services-client (>=1.0.0-alpha02 <=1.0.0-alpha03), androidx.security:security-crypto (=1.0.0-rc01) +70 more potentially affected by CVE-2022-3509 via com.google.protobuf:protobuf-javalite (>=3.10.0-rc-1 <=3.15.5)
com.google.protobuf:protobuf-javalite MAVEN version =3.10.0-rc-1, =1.0.0-alpha02, =1.2.2, =1.1, =2.15.3unofficial1, =2.15.3unofficial1, =0.2.35-snapshot, =1.3.0, =21.5.0, =25.1.2 and more Source cves: CVE-2022-3509 Source advisory: OSV:GHSA-G5WW-5JH7-63CX...
Cybersecurity Threats to Health Services: Why We Should Be Concerned
By Owais Sultan Hospitals and medical facilities are lucrative targets for hackers. It’s not enough anymore to keep software updated and… This is a post from HackRead.com Read the original post: Cybersecurity Threats to Health Services: Why We Should Be Concerned...
On the Irish Health Services Executive Hack
A detailed report of the 2021 ransomware attack against Ireland’s Health Services Executive lists some really bad security practices: The report notes that: The HSE did not have a Chief Information Security Officer CISO or a “single responsible owner for cybersecurity at either senior executive o...
public-health-services.ch Improper Access Control vulnerability OBB-2251355
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Takeaways from the Colonial Pipeline Ransomware Attack
If you feel like you’ve read a lot about ransomware in recent months, it’s because these attacks have indeed intensified. In 2020, ransomware attacks surged by 150 percent, with the average payment size increasing by more than 170 percent. Some of the notable victims include United Health Service...
Unsuccessful Conti Ransomware Attack Still Packs Costly Punch
Ireland’s department of health services continues to grapple with a ransomware attack that occurred last week by the Conti gang. Officials state the attack will cost tens of millions to repair, even though attackers were not successful in their attempt to encrypt systems on Ireland’s Department o...
Post-Cyberattack, Universal Health Services Faces $67M in Losses
The cyberattack that hit Universal Health Services UHS in September has cost the healthcare service provider a whopping $67 million in damages, according to financial statements. A fourth-quarter earnings report last week from UHS highlighted the “significant incremental labor expense” needed to...