11 matches found
CVE-2017-0199
CVE-2017-0199 affects Microsoft Office client suites (Office 2007 SP3, 2010 SP2, 2013 SP1, 2016) and Windows platforms (Vista SP2, Server 2008 SP2, 7 SP1, 8.1). The vulnerability allows remote code execution via a crafted document, exploiting how Office components interact with the Windows API an...
CVE-2017-0143
CVE-2017-0143 concerns the SMBv1 server remote code execution vulnerability in various Windows versions. The connected documents indicate exploitation activity linked to EternalBlue in campaigns targeting SMBv1 (DLTMiner and related activity), with the vulnerability used to perform remote code ex...
CVE-2018-5464
Philips IntelliSpace Portal (ISP) is affected: all 8.0.x and 7.0.x versions disclose an untrusted SSL certificate vulnerability (CVE-2018-5464) that could allow an attacker to gain unauthorized access to resources and information. CVSS v3 base score is 7.5 (HIGH), with network access and no authe...
CVE-2018-5470
Philips IntelliSpace Portal (ISP) is affected by CVE-2018-5470 due to an unquoted search path/element vulnerability (CWE-428) in all 8.0.x and 7.0.x versions. An authorized local user could execute arbitrary code and escalate privileges. The NVD CVSS v3 base score is 7.8 (LOCAL, Privileges Requir...
CVE-2018-5468
Philips Intellispace Portal, all 7.0.x and 8.0.x versions, contains a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and, in some cases, escalate privileges or execute arbitrary code. According to linked sources, the issue is being addressed by Philip...
CVE-2018-5458
CVE-2018-5458 affects Philips IntelliSpace Portal (ISP) versions 8.0.x and 7.0.x, with a vulnerability in SSL legacy encryption that could let an attacker gain unauthorized access to resources and information. The NVD entry confirms a cryptographic issue in ISP and lists a medium-to-high risk pro...
CVE-2018-5462
Philips IntelliSpace Portal (ISP) is affected for all 8.0.x and 7.0.x versions. The CVE-2018-5462 issue is an SSL hostname verification vulnerability (incorrect hostname certificate handling) that could allow an attacker to gain unauthorized access to resources and information. The connected docu...
CVE-2018-5472
CVE-2018-5472 affects Philips Intellispace Portal, across all 7.0.x and 8.0.x versions. The root cause is an insecure Windows permissions/permissions and access controls issue that could allow a local or unauthorized attacker to gain access, and in some cases escalate privileges or execute arbitr...
CVE-2018-5466
CVE-2018-5466 concerns Philips IntelliSpace Portal (ISP) versions 8.0.x and 7.0.x, reporting a self-signed SSL certificate vulnerability that could allow an attacker to gain unauthorized access to resources and information. The available connected documents corroborate this issue, with NVD noting...
CVE-2018-5454
CVE-2018-5454 affects Philips IntelliSpace Portal (all 8.0.x and 7.0.x). Vulnerability: leftover code debugging methods enabled, enabling remote arbitrary code execution atRuntime. Root cause: enabled debugging/debug code in ISP components. Exploitation status varies across sources; some document...
CVE-2018-5474
CVE-2018-5474 affects Philips IntelliSpace Portal (ISP), specifically all 7.0.x and 8.0.x versions. The issue is an input validation vulnerability in the ISP that could allow a remote attacker to execute arbitrary code or cause the application to crash. The NVD records a high-severity CVSS v3 bas...