CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2277
https://notcve.org/view.php?id=CVE-2017-2277
22 Jul 2017 — WG-C10 v3.0.79 and earlier allows an attacker to bypass access restrictions to obtain or alter information stored in the external storage connected to the product via unspecified vectors. WG-C10 versión 3.0.79 y anteriores, permite a un atacante omitir las restricciones de acceso para obtener o alterar la información almacenada en el almacenamiento externo conectado al producto por medio de vectores no especificados. • https://esupport.sony.com/US/p/news-item.pl?news_id=527&mdl=WGC10 •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2016-7830
https://notcve.org/view.php?id=CVE-2016-7830
09 Jun 2017 — Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors. Dispositivos Sony PCS-XG77C, PCS-XG77C, PCS-XG77C, PCS-XG77C, PCS-XG77C con versiones de firmware anteriores a la versión 1.51 y dispositivos PCS-XC1 con versión de firmware anterior a la versión 1.2... • https://jvn.jp/en/jp/JVN42070907/index.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.8EPSS: 35%CPEs: 82EXPL: 0CVE-2016-7834
https://notcve.org/view.php?id=CVE-2016-7834
13 Apr 2017 — SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, ... • https://jvn.jp/en/vu/JVNVU96435227/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 2CVE-2013-3539 – Sony CH / DH Series IP Cameras - Multiple Cross-Site Request Forgery Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-3539
01 Oct 2013 — Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users. Vulnerabilidad Cross-site request forgery (CSRF) en command/user.cgi de Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280... • https://www.exploit-db.com/exploits/38583 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5242
https://notcve.org/view.php?id=CVE-2010-5242
07 Sep 2012 — Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 allows local users to gain privileges via a Trojan horse MtxParhVegasPreview.dll file in the current working directory, as demonstrated by a directory that contains a .sfw file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de path de búsqueda no confiable en Sound Forge Pro v10.0b Build 474, permite a usuario locales obtener privilegios a través de un fichero MtxParhVegasPreview.dll troyanizado en... • http://secunia.com/advisories/41164 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-4880
https://notcve.org/view.php?id=CVE-2012-4880
07 Sep 2012 — Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de ruta de búsqueda no confiable en DVD Architect Pro v5... • http://secunia.com/advisories/47282 •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4881
https://notcve.org/view.php?id=CVE-2012-4881
07 Sep 2012 — Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894-A allows local users to gain privileges via a Trojan horse avrt.dll file in the current working directory, as demonstrated by a directory that contains a .mvz file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad no confiable en la ruta de búsqueda en Moviez HD 1.0 Build 2554-29894-A permite a usuarios locales obtener privilegios a través de un archivo troya... • http://secunia.com/advisories/47284 •
CVSS: 9.8EPSS: 48%CPEs: 14EXPL: 3CVE-2012-0985 – Sony VAIO Wireless Manager 4.0.0.0 - Buffer Overflow
https://notcve.org/view.php?id=CVE-2012-0985
07 Jun 2012 — Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. Múltiples des... • https://www.exploit-db.com/exploits/18958 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 31%CPEs: 1EXPL: 2CVE-2012-2210 – Sony Bravia - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2012-2210
11 Apr 2012 — The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. Sony Bravia TV KDL-32CX525 permite a atacantes remotos provocar una denegación de servicio (error en la configuración o caída del dispositivo) a través del envío de numerosos paquetes TCP SYN, tal como se ha demostrado por hping, un problema relacionado con CVE-1999-0116. • https://www.exploit-db.com/exploits/18705 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2009-2541
https://notcve.org/view.php?id=CVE-2009-2541
20 Jul 2009 — The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. El navegador web en Sony PLAYSTATION 3 (PS3) permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y colgado de la consola) mediante un valor entero grande en la propiedad "length" de un objeto "Select", siendo un asunto relacionado con CV... • http://www.exploit-db.com/exploits/9160 • CWE-399: Resource Management Errors •