Vendor CVEs

Toshiba

All CVEs

67 total · sorted by risk
  • CVE-2024-27145 · Critical · Jun 14, 2024
    risk 0.64 · cvss 9.8 · epss 0.01

    The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and …

  • CVE-2017-2237 · Critical · Jul 7, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

  • CVE-2017-2236 · Critical · Jul 7, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier uses hard-coded credentials, which may allow attackers to perform operations on device with administrative privileges.

  • CVE-2017-2235 · Critical · Jul 7, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors.

  • CVE-2017-2234 · Critical · Jul 7, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges.

  • CVE-2024-36248 · Critical · Nov 26, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    API keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

  • CVE-2011-1265 · High · Jul 13, 2011
    risk 0.58 · cvss 8.8 · epss 0.06

    The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary code via crafted Bluetooth…

  • CVE-2026-8676 · High · May 26, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

  • CVE-2017-2238 · High · Jul 7, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via…

  • CVE-2017-2149 · High · Apr 28, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier,…

  • CVE-2024-27170 · High · Jun 14, 2024
    risk 0.48 · cvss 7.4 · epss 0.00

    It was observed that all the Toshiba printers contain credentials used for WebDAV access in a readable file. It is then possible to get full access to the printer with WebDAV. As for the affected products/models/versions, see the reference URL.

  • CVE-2024-27158 · High · Jun 14, 2024
    risk 0.48 · cvss 7.4 · epss 0.00

    All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL.

  • CVE-2026-21011 · Medium · Apr 13, 2026
    risk 0.44 · cvss 6.8 · epss 0.00

    Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock.

  • CVE-2024-27157 · Medium · Jun 14, 2024
    risk 0.44 · cvss 6.8 · epss 0.00

    The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.

  • CVE-2024-27163 · Medium · Jun 14, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and…

  • CVE-2019-8921 · Medium · Nov 29, 2021
    risk 0.42 · cvss 6.5 · epss 0.01

    An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting…

  • CVE-2024-27161 · Medium · Jun 14, 2024
    risk 0.40 · cvss 6.2 · epss 0.00

    All the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. An insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other…

  • CVE-2016-4840 · Medium · Apr 21, 2017
    risk 0.38 · cvss 5.9 · epss 0.01

    Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.

  • CVE-2016-3839 · Medium · Aug 5, 2016
    risk 0.36 · cvss 5.5 · epss 0.00

    Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug…

  • CVE-2017-2162 · Medium · May 22, 2017
    risk 0.28 · cvss 4.3 · epss 0.01

    FlashAir™ SDHC Memory Card (SD-WE Series) V3.00.02 and earlier and FlashAir™ SDHC Memory Card (SD-WD/WC Series) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a…

  • CVE-2016-4863 · Medium · May 22, 2017
    risk 0.28 · cvss 4.3 · epss 0.01

    The Toshiba FlashAir SD-WD/WC series Class 6 model with firmware version 1.00.04 and later, FlashAir SD-WD/WC series Class 10 model W-02 with firmware version 2.00.02 and later, FlashAir SD-WE series Class 10 model W-03, FlashAir Class 6 model with firmware version 1.00.04 and…

  • CVE-2014-4876 · Low · Dec 31, 2015
    risk 0.24 · cvss 3.7 · epss 0.02

    Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138.

  • CVE-2017-2161 · Low · May 22, 2017
    risk 0.23 · cvss 3.5 · epss 0.00

    FlashAir™ SDHC Memory Card (SD-WE Series) V3.00.02 and earlier and FlashAir™ SDHC Memory Card (SD-WD/WC Series) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors.

  • CVE-2008-0399 · Jan 23, 2008
    risk 0.04 · cvss · epss 0.08

    Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.

  • CVE-2014-1990 · Apr 19, 2014
    risk 0.03 · cvss · epss 0.01

    Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.

  • CVE-2012-1239 · Apr 6, 2012
    risk 0.03 · cvss · epss 0.05

    The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attackers to bypass authentication and obtain administrative privileges via unspecified…

  • CVE-2024-0045 · Mar 11, 2024
    risk 0.00 · cvss · epss 0.00

    In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0016 · Feb 16, 2024
    risk 0.00 · cvss · epss 0.00

    In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0030 · Feb 16, 2024
    risk 0.00 · cvss · epss 0.00

    In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-40080 · Dec 4, 2023
    risk 0.00 · cvss · epss 0.00

    In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21380 · Oct 30, 2023
    risk 0.00 · cvss · epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21361 · Oct 30, 2023
    risk 0.00 · cvss · epss 0.00

    In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21314 · Oct 30, 2023
    risk 0.00 · cvss · epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-40129 · Oct 27, 2023
    risk 0.00 · cvss · epss 0.00

    In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35684 · Sep 11, 2023
    risk 0.00 · cvss · epss 0.00

    In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35681 · Sep 11, 2023
    risk 0.00 · cvss · epss 0.01

    In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35666 · Sep 11, 2023
    risk 0.00 · cvss · epss 0.00

    In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35658 · Sep 11, 2023
    risk 0.00 · cvss · epss 0.00

    In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21273 · Aug 14, 2023
    risk 0.00 · cvss · epss 0.00

    In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21250 · Jul 12, 2023
    risk 0.00 · cvss · epss 0.01

    In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2022-30421 · Jan 31, 2023
    risk 0.00 · cvss · epss 0.00

    Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 allows sensitive information to be obtained via the (local) password authentication module.

  • CVE-2022-21767 · Jul 6, 2022
    risk 0.00 · cvss · epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430.

  • CVE-2022-30725 · Jun 7, 2022
    risk 0.00 · cvss · epss 0.00

    Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

  • CVE-2022-30723 · Jun 7, 2022
    risk 0.00 · cvss · epss 0.00

    Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

  • CVE-2022-20046 · Feb 9, 2022
    risk 0.00 · cvss · epss 0.00

    In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.

  • CVE-2021-25427 · Jul 8, 2021
    risk 0.00 · cvss · epss 0.00

    SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information.

  • CVE-2020-11154 · Nov 2, 2020
    risk 0.00 · cvss · epss 0.01

    Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-0413 · Oct 14, 2020
    risk 0.00 · cvss · epss 0.01

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2012-4981 · Jan 23, 2020
    risk 0.00 · cvss · epss 0.03

    Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability.

  • CVE-2012-4980 · Dec 27, 2019
    risk 0.00 · cvss · epss 0.02

    Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code.

Page 1 of 2