Filtered by vendor Panasonic
Subscribe
Search
Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6315 | 1 Panasonic | 1 Fpwin Pro | 2024-01-02 | N/A | 7.8 HIGH |
| Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | |||||
| CVE-2023-6314 | 1 Panasonic | 1 Fpwin Pro | 2024-01-02 | N/A | 7.8 HIGH |
| Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | |||||
| CVE-2023-28729 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2023-28730 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2023-28728 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2017-5151 | 1 Panasonic | 1 Video Insight Web Client | 2021-09-09 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution. | |||||
| CVE-2020-16236 | 1 Panasonic | 1 Fpwin Pro | 2021-01-29 | 6.8 MEDIUM | 7.8 HIGH |
| FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2020-29194 | 1 Panasonic | 2 Wv-s2231l, Wv-s2231l Firmware | 2020-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI. | |||||
| CVE-2019-6530 | 1 Panasonic | 1 Control Fpwin Pro | 2020-10-16 | 6.8 MEDIUM | 7.8 HIGH |
| Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution. | |||||
| CVE-2019-6532 | 1 Panasonic | 1 Control Fpwin Pro | 2020-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution. | |||||
| CVE-2019-15429 | 1 Panasonic | 2 Eluga I9, Eluga I9 Firmware | 2020-05-19 | 7.2 HIGH | 7.8 HIGH |
| The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. This capability can be accessed by any app co-located on the device. | |||||
| CVE-2019-5996 | 1 Panasonic | 1 Video Insight Vms | 2019-09-13 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2018-16183 | 2 Microsoft, Panasonic | 6 Windows 10, Windows 7, Windows 8 and 3 more | 2019-02-26 | 6.8 MEDIUM | 7.8 HIGH |
| An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. | |||||
| CVE-2018-0676 | 1 Panasonic | 2 Bn-sdwbp3, Bn-sdwbp3 Firmware | 2019-02-11 | 5.8 MEDIUM | 8.8 HIGH |
| BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors. | |||||
| CVE-2017-2132 | 1 Panasonic | 2 Kx-hjb1000, Kx-hjb1000 Firmware | 2017-11-08 | 6.4 MEDIUM | 7.5 HIGH |
| Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. | |||||
| CVE-2017-2133 | 1 Panasonic | 2 Kx-hjb1000, Kx-hjb1000 Firmware | 2017-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||