VYPR

Vendor CVEs

Sony

All CVEs

75 total · sorted by risk
  • CVE-2019-11889Jul 9, 2019
    risk 0.00cvss epss 0.04

    Sony BRAVIA Smart TV devices allow remote attackers to cause a denial of service (device hang) via a crafted web page over HbbTV.

  • CVE-2019-5982Jul 5, 2019
    risk 0.00cvss epss 0.00

    Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.

  • CVE-2019-5981Jul 5, 2019
    risk 0.00cvss epss 0.01

    Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.

  • CVE-2018-16593Jun 19, 2019
    risk 0.00cvss epss 0.01

    The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.

  • CVE-2018-16594Jun 19, 2019
    risk 0.00cvss epss 0.01

    The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal.

  • CVE-2018-16595Jun 19, 2019
    risk 0.00cvss epss 0.01

    The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.

  • CVE-2019-11336May 14, 2019
    risk 0.00cvss epss 0.03

    Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.

  • CVE-2018-14983Apr 25, 2019
    risk 0.00cvss epss 0.00

    The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by Sony or…

  • CVE-2019-10886Apr 19, 2019
    risk 0.00cvss epss 0.03

    An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing…

  • CVE-2019-10844Apr 4, 2019
    risk 0.00cvss epss 0.02

    nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.

  • CVE-2018-0690Nov 15, 2018
    risk 0.00cvss epss 0.02

    An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.

  • CVE-2012-4881Sep 7, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894-A allows local users to gain privileges via a Trojan horse avrt.dll file in the current working directory, as demonstrated by a directory that contains a .mvz file. NOTE: the provenance of this information is…

  • CVE-2012-4880Sep 7, 2012
    risk 0.00cvss epss 0.00

    Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a…

  • CVE-2010-5242Sep 7, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 allows local users to gain privileges via a Trojan horse MtxParhVegasPreview.dll file in the current working directory, as demonstrated by a directory that contains a .sfw file. NOTE: some of these details…

  • CVE-2008-1938Apr 25, 2008
    risk 0.00cvss epss 0.01

    Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks.

  • CVE-2007-4785Sep 10, 2007
    risk 0.00cvss epss 0.02

    Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory.

  • CVE-2007-1728Mar 28, 2007
    risk 0.00cvss epss 0.02

    The Remote Play feature in Sony Playstation 3 (PS3) 1.60 and Playstation Portable (PSP) 3.10 OE-A allows remote attackers to cause a denial of service via a flood of UDP packets.

  • CVE-2006-4507Aug 31, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related…

  • CVE-2006-4290Aug 22, 2006
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attackers to gain sensitive information via unspecified vectors.

  • CVE-2006-4289Aug 22, 2006
    risk 0.00cvss epss 0.06

    Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2006-4235Aug 21, 2006
    risk 0.00cvss epss 0.05

    Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 through 2.2.01 allows remote attackers to execute arbitrary code via a crafted SMP file.

  • CVE-2005-3474Nov 3, 2005
    risk 0.00cvss epss 0.00

    The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows attackers to hide activities on a system that uses XCP.

  • CVE-2005-3084Sep 27, 2005
    risk 0.00cvss epss 0.01

    Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image.

  • CVE-2005-1809Jun 1, 2005
    risk 0.00cvss epss 0.02

    Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push.

  • CVE-2002-2108Dec 31, 2002
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail.

Page 2 of 2