CVE-2025-2229
- EPSS 0.02%
- Veröffentlicht 13.03.2025 19:15:52
- Zuletzt bearbeitet 13.03.2025 19:15:52
A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations.
CVE-2025-2230
- EPSS 0.04%
- Veröffentlicht 13.03.2025 19:15:52
- Zuletzt bearbeitet 13.03.2025 19:15:52
A flaw exists in the Windows login flow where an AuthContext token can be exploited for replay attacks and authentication bypass.
CVE-2018-14787
- EPSS 0.06%
- Veröffentlicht 22.08.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:47
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permission...
CVE-2018-14789
- EPSS 0.09%
- Veröffentlicht 22.08.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:47
In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may allow an attacker to execute arbitrary code and esca...
CVE-2018-5438
- EPSS 0.33%
- Veröffentlicht 20.03.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:48
Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medic...
CVE-2017-14111
- EPSS 1.61%
- Veröffentlicht 17.11.2017 20:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the applicati...