VYPR

Vendor CVEs

Toshiba

All CVEs

67 total · sorted by risk
  • CVE-2019-9388Sep 27, 2019
    risk 0.00cvss epss 0.01

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-9368Sep 27, 2019
    risk 0.00cvss epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9506Aug 14, 2019
    risk 0.00cvss epss 0.03

    The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and…

  • CVE-2018-16197Jan 9, 2019
    risk 0.00cvss epss 0.01

    Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device.

  • CVE-2018-16200Jan 9, 2019
    risk 0.00cvss epss 0.01

    Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands.

  • CVE-2018-16201Jan 9, 2019
    risk 0.00cvss epss 0.01

    Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute…

  • CVE-2018-16198Jan 9, 2019
    risk 0.00cvss epss 0.00

    Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device.

  • CVE-2018-16199Jan 9, 2019
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2014-4875Jun 24, 2015
    risk 0.00cvss epss 0.02

    CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in conjunction with…

  • CVE-2015-0884Feb 28, 2015
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space…

  • CVE-2009-0657Feb 20, 2009
    risk 0.00cvss epss 0.00

    Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.

  • CVE-2006-6903Dec 31, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.

  • CVE-2006-5611Oct 31, 2006
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-5405.

  • CVE-2006-5405Oct 19, 2006
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth…

  • CVE-2006-3146Jun 22, 2006
    risk 0.00cvss epss 0.02

    The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. …

  • CVE-2006-0212Jan 14, 2006
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument…

  • CVE-2005-0963May 2, 2005
    risk 0.00cvss epss 0.00

    An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this…

Page 2 of 2