Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6117 matches found

NVD
NVDadded 2018/09/26 7:29 p.m.18 views

CVE-2018-8846

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

6.1CVSS6.2AI score0.01259EPSS
Exploits0References3
NVD
NVDadded 2018/09/26 7:29 p.m.18 views

CVE-2018-8848

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...

7.5CVSS7.5AI score0.02026EPSS
Exploits0References3
OSV
OSVadded 2018/09/26 7:29 p.m.3 views

CVE-2018-8844

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request...

8.8CVSS5.8AI score
Exploits0References3
OSV
OSVadded 2018/09/26 7:29 p.m.2 views

CVE-2018-8848

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...

7.5CVSS5.8AI score0.02026EPSS
Exploits0References3
OSV
OSVadded 2018/09/26 7:29 p.m.2 views

CVE-2018-8846

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

6.1CVSS5.8AI score0.01259EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.3 views

CVE-2018-8856

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data...

9.8CVSS5.4AI score0.01378EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.3 views

CVE-2018-8850

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result ...

9.8CVSS6AI score0.03834EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.4 views

CVE-2018-8854

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended...

7.5CVSS5.5AI score0.02523EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.2 views

CVE-2018-8852

Philips e-Alert Unit non-medical device, Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier...

8.8CVSS5.5AI score0.01897EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.2 views

CVE-2018-8846

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

6.1CVSS5.5AI score0.01259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.3 views

CVE-2018-8844

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request...

8.8CVSS5.5AI score0.00873EPSS
Exploits0References4
Prion
Prionadded 2018/09/26 7:29 p.m.12 views

Code injection

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...

5CVSS7.9AI score0.02026EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2018/09/26 7:29 p.m.7 views

Design/Logic Flaw

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result ...

7.5CVSS9.4AI score0.03834EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2018/09/26 7:29 p.m.9 views

Session fixation

Philips e-Alert Unit non-medical device, Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier...

6.8CVSS8.7AI score0.01897EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2018/09/26 7:29 p.m.9 views

Design/Logic Flaw

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

4.3CVSS6.3AI score0.01259EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2018/09/26 7:29 p.m.9 views

Hardcoded credentials

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data...

5CVSS9.4AI score0.01378EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2018/09/26 7:29 p.m.13 views

Code injection

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not properly restrict the size or amount of resources requested or influenced by an actor, which can be used to consume more resources than intended...

5CVSS7.8AI score0.02523EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.2 views

CVE-2018-8842

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. The Philips e-Alert communication channel is not encrypted which could therefore lead to...

8.8CVSS5.5AI score0.0057EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2018/09/26 7:29 p.m.3 views

CVE-2018-8848

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor...

7.5CVSS5.5AI score0.02026EPSS
Exploits0References4
CVE
CVEadded 2018/09/26 7:0 p.m.39 views

CVE-2018-8854

CVE-2018-8854 affects Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The issue is Uncontrolled Resource Consumption (Resource Exhaustion): the software does not properly restrict the size/amount of resources requested, allowing an attacker to consume resources. Affects Philips...

7.5CVSS7.3AI score0.02523EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder