Filtered by vendor Sony
Subscribe
Search
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41796 | 1 Sony | 1 Content Transfer | 2023-08-08 | N/A | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2019-19364 | 1 Sony | 2 Catalyst Browse, Catalyst Production Suite | 2022-01-01 | 4.4 MEDIUM | 7.8 HIGH |
| A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges. | |||||
| CVE-2021-20793 | 1 Sony | 2 Audio Usb Driver, Hap Music Transfer | 2021-09-01 | 4.4 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-16593 | 1 Sony | 105 Kd-43xe7000, Kd-43xe7002, Kd-43xe7003 and 102 more | 2020-08-24 | 8.3 HIGH | 8.8 HIGH |
| The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection. | |||||
| CVE-2019-11889 | 1 Sony | 2 Bravia, Bravia Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| Sony BRAVIA Smart TV devices allow remote attackers to cause a denial of service (device hang) via a crafted web page over HbbTV. | |||||
| CVE-2019-11890 | 1 Sony | 2 Bravia, Bravia Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| Sony Bravia Smart TV devices allow remote attackers to cause a denial of service (device hang or reboot) via a SYN flood attack over a wired or Wi-Fi LAN. | |||||
| CVE-2019-15416 | 1 Sony | 2 Xperia Xzs, Xperia Xzs Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Sony keyaki_kddi Android device with a build fingerprint of Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys contains a pre-installed app with a package name of com.kddi.android.packageinstaller app (versionCode=70008, versionName=08.10.03) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||
| CVE-2019-5981 | 1 Sony | 1 Vaio Update | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors. | |||||
| CVE-2019-5982 | 1 Sony | 1 Vaio Update | 2020-08-24 | 5.4 MEDIUM | 7.5 HIGH |
| Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed. | |||||
| CVE-2020-5589 | 1 Sony | 22 Wf-1000x, Wf-1000x Firmware, Wf-sp700n and 19 more | 2020-06-23 | 8.3 HIGH | 8.8 HIGH |
| SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone within the Bluetooth range can make the Bluetooth pairing and operate such as changing volume of the product. | |||||
| CVE-2018-0690 | 1 Sony | 1 Music Center For Pc | 2019-10-03 | 5.1 MEDIUM | 7.5 HIGH |
| An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files. | |||||
| CVE-2018-16594 | 1 Sony | 105 Kd-43xe7000, Kd-43xe7002, Kd-43xe7003 and 102 more | 2019-06-24 | 4.8 MEDIUM | 8.1 HIGH |
| The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal. | |||||
| CVE-2019-11336 | 1 Sony | 89 Kdl-50w800c, Kdl-50w805c, Kdl-50w807c and 86 more | 2019-05-21 | 4.3 MEDIUM | 8.1 HIGH |
| Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886. | |||||
| CVE-2018-3937 | 1 Sony | 28 Snc-eb600, Snc-eb600 Firmware, Snc-eb600b and 25 more | 2018-11-16 | 6.5 MEDIUM | 7.2 HIGH |
| An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-0656 | 1 Sony | 1 Digital Paper App | 2018-11-06 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0600 | 2 Microsoft, Sony | 2 Windows, Playmemories Home | 2018-08-17 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-17010 | 1 Sony | 1 Content Manager Assistant | 2018-01-11 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10909 | 1 Sony | 1 Music Center | 2018-01-09 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10892 | 1 Sony | 1 Music Center | 2017-12-14 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-10891 | 1 Sony | 1 Media Go | 2017-12-14 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2287 | 1 Sony | 1 Nfc Port Software Remover | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2286 | 1 Sony | 12 Nfc Net Installer, Nfc Port Firmware, Pc\/sc Activator For Type B and 9 more | 2017-08-23 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2017-2276 | 1 Sony | 2 Wg-c10, Wg-c10 Firmware | 2017-07-26 | 9.0 HIGH | 7.2 HIGH |
| Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2017-2275 | 1 Sony | 2 Wg-c10, Wg-c10 Firmware | 2017-07-26 | 9.0 HIGH | 7.2 HIGH |
| WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2016-7830 | 1 Sony | 10 Pcs-xc1, Pcs-xc1 Firmware, Pcs-xg100 and 7 more | 2017-06-22 | 5.8 MEDIUM | 8.8 HIGH |
| Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors. | |||||
| CVE-2016-7834 | 1 Sony | 81 Snc-ch115, Snc-ch120, Snc-ch160 and 78 more | 2017-04-25 | 3.3 LOW | 8.8 HIGH |
| SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. This may allow an attacker on the same local network segment to login to the device with administrative privileges and perform operations on the device. | |||||