VYPR
Vendor

Sony

Sony Group Corporation, commonly referred to as Sony, is a Japanese multinational conglomerate headquartered at Sony City in Minato, Tokyo, Japan. The Sony Group encompasses various businesses, including electronics, imaging and sensing, film and television, music, video games, and others.

Founded 1946
Products
86
CVEs
75
Across products
62
Status
Private

Products

86
View all 86 products →

Recent CVEs

75
View all 75 CVEs →
  • CVE-2018-3937CriAug 14, 2018
    risk 0.60cvss 9.1epss 0.10

    An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to…

  • CVE-2018-3938CriAug 14, 2018
    risk 0.59cvss 9.1epss 0.03

    An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can…

  • CVE-2017-2277CriJul 22, 2017
    risk 0.59cvss 9.1epss 0.01

    WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors.

  • CVE-2016-7834HigApr 13, 2017
    risk 0.58cvss 8.8epss 0.04

    SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H,…

  • CVE-2024-23934HigSep 23, 2024
    risk 0.57cvss 8.8epss 0.01

    Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability…

  • CVE-2016-7830HigJun 9, 2017
    risk 0.57cvss 8.8epss 0.01

    Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative…

  • CVE-2025-5124HigMay 24, 2025
    risk 0.53cvss 8.1epss 0.01

    A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown part of the component Administrative Interface. The manipulation leads to use of default credentials. It is…

  • CVE-2025-64772HigDec 1, 2025
    risk 0.51cvss 7.8epss 0.00

    The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

  • CVE-2018-0656HigSep 4, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0600HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-17010HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10909HigDec 22, 2017
    risk 0.51cvss 7.8epss 0.02

    Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10892HigDec 1, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10891HigDec 1, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-2287HigAug 2, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-2286HigAug 2, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and…

  • CVE-2009-2541HigJul 20, 2009
    risk 0.49cvss 7.5epss 0.03

    The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

  • CVE-2025-64390HigJun 2, 2026
    risk 0.48cvss 7.4epss 0.00

    A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file.

  • CVE-2025-64444HigNov 14, 2025
    risk 0.47cvss 7.2epss 0.01

    Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker who has obtained the authentication information to log in to the management page of the product may execute…

  • CVE-2017-2276HigJul 22, 2017
    risk 0.47cvss 7.2epss 0.02

    Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.