A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record Management System 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (/MILLENSYS/settings) that is accessible without authentication. This page leaks plaintext database credentials,
An unauthenticated attacker with access to the local network of the
medical office can query an unprotected Fast Healthcare Interoperability
Resources (FHIR) API to get access to sensitive electroni
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature e
Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigge
An insecure implementation of the proprietary protocol DNET in Product CGM MEDICO allows attackers within the intranet to eavesdrop and manipulate data on the protocol because encryption is optional f
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit t
A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata i
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credent
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remedi
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet.
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security
Insufficient protection mechanisms in the Health Module may lead to partial information disclosure.
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request.
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database ser
BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installation