Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-3955

    Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    • EPSS Score: %16.51
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2001-1594

    GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user... Read more

    Affected Products : entegra_p\&r
    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2002-2445

    GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdown user, whic... Read more

    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2004-2777

    GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, a... Read more

    Affected Products : centricity_image_vault_firmware
    • EPSS Score: %0.42
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2009-5143

    GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or depen... Read more

    Affected Products : discovery_530c_firmware
    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-5308

    GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion... Read more

    Affected Products : optima_mr360_firmware
    • EPSS Score: %0.63
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-5310

    The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another syste... Read more

    Affected Products : revolution_xq\/i
    • EPSS Score: %0.57
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-5322

    GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in th... Read more

    Affected Products : centricity_analytics_server
    • EPSS Score: %0.42
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-9736

    GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5)... Read more

    • EPSS Score: %0.43
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2897

    Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.... Read more

    • EPSS Score: %0.01
    • Published: Aug. 08, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-6695

    GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system o... Read more

    • EPSS Score: %0.62
    • Published: Aug. 04, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-2135

    Unspecified vulnerability in HP Intelligent Provisioning 1.00 through 1.62(a), 2.00, and 2.10 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : intelligent_provisioning
    • EPSS Score: %25.87
    • Published: Aug. 31, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-9208

    Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %19.99
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5082

    Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.... Read more

    Affected Products : firewall endian_firewall
    • EPSS Score: %86.67
    • Published: Sep. 28, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-7916

    Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342751.... Read more

    Affected Products : android
    • EPSS Score: %0.22
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-1538

    Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplicati... Read more

    Affected Products : android
    • EPSS Score: %87.78
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3836

    The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denia... Read more

    Affected Products : android
    • EPSS Score: %4.34
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-5538

    Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown ve... Read more

    • EPSS Score: %1.96
    • Published: Sep. 17, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3874

    The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323.... Read more

    Affected Products : android
    • EPSS Score: %1.47
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3877

    Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20723696.... Read more

    Affected Products : android
    • EPSS Score: %1.47
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 290940 Results