Filtered by vendor Ge
Subscribe
Total
128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10613 | 1 Ge | 1 Mds Pulsenet | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior. | |||||
| CVE-2018-10611 | 1 Ge | 1 Mds Pulsenet | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. | |||||
| CVE-2017-7908 | 2 Ge, Gigasoft | 2 Ge Communicator, Proessentials | 2024-11-21 | 6.8 MEDIUM | 7.6 HIGH |
| A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls. | |||||
| CVE-2017-14008 | 1 Ge | 1 Centricity Pacs Ra1000 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | |||||
| CVE-2017-14006 | 1 Ge | 1 Xeleris | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | |||||
| CVE-2017-14004 | 1 Ge | 1 Gemnet License Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | |||||
| CVE-2017-14002 | 1 Ge | 2 Infinia Hawkeye 4, Infinia Hawkeye 4 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | |||||
| CVE-2012-6663 | 1 Ge | 4 D200, D200 Firmware, D20me and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| General Electric D20ME devices are not properly configured and reveal plaintext passwords. | |||||