Vendor CVEs
Toshiba
All CVEs
67 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27145 | Cri | 0.64 | 9.8 | 0.01 | Jun 14, 2024 | The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and … | ||
| CVE-2017-2237 | Cri | 0.64 | 9.8 | 0.02 | Jul 7, 2017 | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2017-2236 | Cri | 0.64 | 9.8 | 0.01 | Jul 7, 2017 | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges. | ||
| CVE-2017-2235 | Cri | 0.64 | 9.8 | 0.01 | Jul 7, 2017 | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors. | ||
| CVE-2017-2234 | Cri | 0.64 | 9.8 | 0.02 | Jul 7, 2017 | Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges. | ||
| CVE-2024-36248 | Cri | 0.59 | 9.1 | 0.01 | Nov 26, 2024 | API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. | ||
| CVE-2011-1265 | Hig | 0.58 | 8.8 | 0.06 | Jul 13, 2011 | The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth… | ||
| CVE-2026-8676 | Hig | 0.57 | 8.8 | 0.00 | May 26, 2026 | An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond. | ||
| CVE-2017-2238 | Hig | 0.57 | 8.8 | 0.01 | Jul 7, 2017 | Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via… | ||
| CVE-2017-2149 | Hig | 0.57 | 8.8 | 0.03 | Apr 28, 2017 | Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier,… | ||
| CVE-2024-27170 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL. | ||
| CVE-2024-27158 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. | ||
| CVE-2026-21011 | Med | 0.44 | 6.8 | 0.00 | Apr 13, 2026 | Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock. | ||
| CVE-2024-27157 | Med | 0.44 | 6.8 | 0.00 | Jun 14, 2024 | The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. | ||
| CVE-2024-27163 | Med | 0.42 | 6.5 | 0.00 | Jun 14, 2024 | Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and… | ||
| CVE-2019-8921 | Med | 0.42 | 6.5 | 0.01 | Nov 29, 2021 | An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting… | ||
| CVE-2024-27161 | Med | 0.40 | 6.2 | 0.00 | Jun 14, 2024 | all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other… | ||
| CVE-2016-4840 | Med | 0.38 | 5.9 | 0.01 | Apr 21, 2017 | Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates. | ||
| CVE-2016-3839 | Med | 0.36 | 5.5 | 0.00 | Aug 5, 2016 | Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug… | ||
| CVE-2017-2162 | Med | 0.28 | 4.3 | 0.01 | May 22, 2017 | FlashAirTM SDHC Memory Card (SD-WE Series ) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series ) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a… | ||
| CVE-2016-4863 | Med | 0.28 | 4.3 | 0.01 | May 22, 2017 | The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and… | ||
| CVE-2014-4876 | Low | 0.24 | 3.7 | 0.02 | Dec 31, 2015 | Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138. | ||
| CVE-2017-2161 | Low | 0.23 | 3.5 | 0.00 | May 22, 2017 | FlashAirTM SDHC Memory Card (SD-WE Series ) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series ) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | ||
| CVE-2008-0399 | 0.04 | — | 0.08 | Jan 23, 2008 | Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods. | |||
| CVE-2014-1990 | 0.03 | — | 0.01 | Apr 19, 2014 | Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords. | |||
| CVE-2012-1239 | 0.03 | — | 0.05 | Apr 6, 2012 | The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attackers to bypass authentication and obtain administrative privileges via unspecified… | |||
| CVE-2024-0045 | 0.00 | — | 0.00 | Mar 11, 2024 | In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2024-0016 | 0.00 | — | 0.00 | Feb 16, 2024 | In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2024-0030 | 0.00 | — | 0.00 | Feb 16, 2024 | In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-40080 | 0.00 | — | 0.00 | Dec 4, 2023 | In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-21380 | 0.00 | — | 0.00 | Oct 30, 2023 | In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-21361 | 0.00 | — | 0.00 | Oct 30, 2023 | In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-21314 | 0.00 | — | 0.00 | Oct 30, 2023 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-40129 | 0.00 | — | 0.00 | Oct 27, 2023 | In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-35684 | 0.00 | — | 0.00 | Sep 11, 2023 | In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-35681 | 0.00 | — | 0.01 | Sep 11, 2023 | In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-35666 | 0.00 | — | 0.00 | Sep 11, 2023 | In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-35658 | 0.00 | — | 0.00 | Sep 11, 2023 | In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-21273 | 0.00 | — | 0.00 | Aug 14, 2023 | In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2023-21250 | 0.00 | — | 0.01 | Jul 12, 2023 | In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||
| CVE-2022-30421 | 0.00 | — | 0.00 | Jan 31, 2023 | Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 is that allows for sensitive information to be obtained via(local) password authentication module. | |||
| CVE-2022-21767 | 0.00 | — | 0.00 | Jul 6, 2022 | In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. | |||
| CVE-2022-30725 | 0.00 | — | 0.00 | Jun 7, 2022 | Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||
| CVE-2022-30723 | 0.00 | — | 0.00 | Jun 7, 2022 | Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||
| CVE-2022-20046 | 0.00 | — | 0.00 | Feb 9, 2022 | In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410. | |||
| CVE-2021-25427 | 0.00 | — | 0.00 | Jul 8, 2021 | SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information | |||
| CVE-2020-11154 | 0.00 | — | 0.01 | Nov 2, 2020 | u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon… | |||
| CVE-2020-0413 | 0.00 | — | 0.01 | Oct 14, 2020 | In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2012-4981 | 0.00 | — | 0.03 | Jan 23, 2020 | Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability | |||
| CVE-2012-4980 | 0.00 | — | 0.02 | Dec 27, 2019 | Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. |
- risk 0.64cvss 9.8epss 0.01
The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and …
- risk 0.64cvss 9.8epss 0.02
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
- risk 0.64cvss 9.8epss 0.01
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges.
- risk 0.64cvss 9.8epss 0.01
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors.
- risk 0.64cvss 9.8epss 0.02
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges.
- risk 0.59cvss 9.1epss 0.01
API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
- risk 0.58cvss 8.8epss 0.06
The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth…
- risk 0.57cvss 8.8epss 0.00
An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via…
- risk 0.57cvss 8.8epss 0.03
Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier,…
- risk 0.48cvss 7.4epss 0.00
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL.
- risk 0.48cvss 7.4epss 0.00
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL.
- risk 0.44cvss 6.8epss 0.00
Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock.
- risk 0.44cvss 6.8epss 0.00
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.
- risk 0.42cvss 6.5epss 0.00
Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and…
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting…
- risk 0.40cvss 6.2epss 0.00
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other…
- risk 0.38cvss 5.9epss 0.01
Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.
- risk 0.36cvss 5.5epss 0.00
Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug…
- risk 0.28cvss 4.3epss 0.01
FlashAirTM SDHC Memory Card (SD-WE Series ) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series ) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a…
- risk 0.28cvss 4.3epss 0.01
The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and…
- risk 0.24cvss 3.7epss 0.02
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138.
- risk 0.23cvss 3.5epss 0.00
FlashAirTM SDHC Memory Card (SD-WE Series ) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series ) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors.
- CVE-2008-0399Jan 23, 2008risk 0.04cvss —epss 0.08
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.
- CVE-2014-1990Apr 19, 2014risk 0.03cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.
- CVE-2012-1239Apr 6, 2012risk 0.03cvss —epss 0.05
The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attackers to bypass authentication and obtain administrative privileges via unspecified…
- CVE-2024-0045Mar 11, 2024risk 0.00cvss —epss 0.00
In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2024-0016Feb 16, 2024risk 0.00cvss —epss 0.00
In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2024-0030Feb 16, 2024risk 0.00cvss —epss 0.00
In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-40080Dec 4, 2023risk 0.00cvss —epss 0.00
In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21380Oct 30, 2023risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21361Oct 30, 2023risk 0.00cvss —epss 0.00
In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21314Oct 30, 2023risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-40129Oct 27, 2023risk 0.00cvss —epss 0.00
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-35684Sep 11, 2023risk 0.00cvss —epss 0.00
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-35681Sep 11, 2023risk 0.00cvss —epss 0.01
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-35666Sep 11, 2023risk 0.00cvss —epss 0.00
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-35658Sep 11, 2023risk 0.00cvss —epss 0.00
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21273Aug 14, 2023risk 0.00cvss —epss 0.00
In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21250Jul 12, 2023risk 0.00cvss —epss 0.01
In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2022-30421Jan 31, 2023risk 0.00cvss —epss 0.00
Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 is that allows for sensitive information to be obtained via(local) password authentication module.
- CVE-2022-21767Jul 6, 2022risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430.
- CVE-2022-30725Jun 7, 2022risk 0.00cvss —epss 0.00
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
- CVE-2022-30723Jun 7, 2022risk 0.00cvss —epss 0.00
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
- CVE-2022-20046Feb 9, 2022risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.
- CVE-2021-25427Jul 8, 2021risk 0.00cvss —epss 0.00
SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information
- CVE-2020-11154Nov 2, 2020risk 0.00cvss —epss 0.01
u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…
- CVE-2020-0413Oct 14, 2020risk 0.00cvss —epss 0.01
In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…
- CVE-2012-4981Jan 23, 2020risk 0.00cvss —epss 0.03
Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability
- CVE-2012-4980Dec 27, 2019risk 0.00cvss —epss 0.02
Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code.
Page 1 of 2