← Back

Sony

sony

74 CVEs • 413 products

Products (413)

Click to collapse
Toggle
Xav Ax8500 Firmware
xav-ax8500_firmware
6 CVEs
Playstation Portable
playstation_portable
3 CVEs
Wg C10 Firmware
wg-c10_firmware
3 CVEs
R5c Firmware
r5c_firmware
3 CVEs
Wd75 Firmware
wd75_firmware
3 CVEs
Wd65 Firmware
wd65_firmware
3 CVEs
Xe70 Firmware
xe70_firmware
3 CVEs
Xf70 Firmware
xf70_firmware
3 CVEs
We75 Firmware
we75_firmware
3 CVEs
We6 Firmware
we6_firmware
3 CVEs
Wf6 Firmware
wf6_firmware
3 CVEs
Bravia Signage
bravia_signage
3 CVEs
Vaio Media Server
vaio_media_server
2 CVEs
Playstation 3
playstation_3
2 CVEs
Music Center
music_center
2 CVEs
Playmemories Home
playmemories_home
2 CVEs
Snc Eb600 Firmware
snc-eb600_firmware
2 CVEs
Snc Eb630 Firmware
snc-eb630_firmware
2 CVEs
Snc Eb600b Firmware
snc-eb600b_firmware
2 CVEs
Snc Eb630b Firmware
snc-eb630b_firmware
2 CVEs
Snc Eb602r Firmware
snc-eb602r_firmware
2 CVEs
Snc Eb632r Firmware
snc-eb632r_firmware
2 CVEs
Snc Em600 Firmware
snc-em600_firmware
2 CVEs
Snc Em601 Firmware
snc-em601_firmware
2 CVEs
Snc Em630 Firmware
snc-em630_firmware
2 CVEs
Snc Em631 Firmware
snc-em631_firmware
2 CVEs
Snc Em602r Firmware
snc-em602r_firmware
2 CVEs
Snc Em632r Firmware
snc-em632r_firmware
2 CVEs
Snc Em602rc Firmware
snc-em602rc_firmware
2 CVEs
Snc Em632rc Firmware
snc-em632rc_firmware
2 CVEs
Photo Sharing Plus
photo_sharing_plus
2 CVEs
Vaio Update
vaio_update
2 CVEs
Bravia Firmware
bravia_firmware
2 CVEs
Xperia Xzs Firmware
xperia_xzs_firmware
2 CVEs
Xav Ax5500 Firmware
xav-ax5500_firmware
2 CVEs
Snc Cx600w Firmware
snc-cx600w_firmware
2 CVEs
Vaio Manual Cybersupport
vaio_manual_cybersupport
1 CVE
P900 Firmware
p900_firmware
1 CVE
First4internet Xcp Content Management
first4internet_xcp_content_management
1 CVE
Sonicstage Mastering Studio
sonicstage_mastering_studio
1 CVE
Sony Network Camera Snc P5
sony_network_camera_snc-p5
1 CVE
Micro Vault Fingerprint Access Software
micro_vault_fingerprint_access_software
1 CVE
Sonicstage Connect Player
sonicstage_connect_player
1 CVE
Axruploadserver Activex Control
axruploadserver_activex_control
1 CVE
Imagestation
imagestation
1 CVE
Mylo Com 2
mylo_com_2
1 CVE
Bravia Tv
bravia_tv
1 CVE
Smartwi Connection Utillity
smartwi_connection_utillity
1 CVE
Vaio Easy Connect
vaio_easy_connect
1 CVE
Vaio Pc Wireless Lan Wizard
vaio_pc_wireless_lan_wizard
1 CVE
Vaio Wireless Wizard
vaio_wireless_wizard
1 CVE
Sound Forge
sound_forge
1 CVE
Dvd Architect Pro
dvd_architect_pro
1 CVE
Dvd Architect Studio
dvd_architect_studio
1 CVE
Moviez Hd
moviez_hd
1 CVE
Snc Ch140
snc_ch140
1 CVE
Snc Ch180
snc_ch180
1 CVE
Snc Ch240
snc_ch240
1 CVE
Snc Ch280
snc_ch280
1 CVE
Snc Dh140
snc_dh140
1 CVE
Snc Dh140t
snc_dh140t
1 CVE
Snc Dh180
snc_dh180
1 CVE
Snc Dh240
snc_dh240
1 CVE
Snc Dh240t
snc_dh240t
1 CVE
Snc Dh280
snc_dh280
1 CVE
Snc Series Firmware
snc_series_firmware
1 CVE
Pcs Xg100 Firmware
pcs-xg100_firmware
1 CVE
Pcs Xg77 Firmware
pcs-xg77_firmware
1 CVE
Pcs Xc1 Firmware
pcs-xc1_firmware
1 CVE
Nfc Port Firmware
nfc_port_firmware
1 CVE
Pc/sc Activator For Type B
pc/sc_activator_for_type_b
1 CVE
Sfcard Viewer 2
sfcard_viewer_2
1 CVE
Nfc Net Installer
nfc_net_installer
1 CVE
Nfc Port Software Remover
nfc_port_software_remover
1 CVE
Media Go
media_go
1 CVE
Content Manager Assistant
content_manager_assistant
1 CVE
Digital Paper App
digital_paper_app
1 CVE
Music Center For Pc
music_center_for_pc
1 CVE
Neural Network Libraries
neural_network_libraries
1 CVE
Xperia L1 Firmware
xperia_l1_firmware
1 CVE
Xperia Z4 Firmware
xperia_z4_firmware
1 CVE
Xperia Touch Firmware
xperia_touch_firmware
1 CVE
Catalyst Browse
catalyst_browse
1 CVE
Catalyst Production Suite
catalyst_production_suite
1 CVE
Wf 1000x Firmware
wf-1000x_firmware
1 CVE
Wf Sp700n Firmware
wf-sp700n_firmware
1 CVE
Wh 1000xm2 Firmware
wh-1000xm2_firmware
1 CVE
Wh 1000xm3 Firmware
wh-1000xm3_firmware
1 CVE
Wh Ch700n Firmware
wh-ch700n_firmware
1 CVE
Wh H900n Firmware
wh-h900n_firmware
1 CVE
Wh Xb700 Firmware
wh-xb700_firmware
1 CVE
Wh Xb900n Firmware
wh-xb900n_firmware
1 CVE
Wi 1000x Firmware
wi-1000x_firmware
1 CVE
Wi C600n Firmware
wi-c600n_firmware
1 CVE
Wi Sp600n Firmware
wi-sp600n_firmware
1 CVE
Srs Xb33 Firmware
srs-xb33_firmware
1 CVE
Srs Xb43 Firmware
srs-xb43_firmware
1 CVE
Audio Usb Driver
audio_usb_driver
1 CVE
Hap Music Transfer
hap_music_transfer
1 CVE
Xperia 1 Firmware
xperia_1_firmware
1 CVE

CVEs (74)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-5589
1Sony
11Wf 1000x Firmware
Wf Sp700n FirmwareWh 1000xm2 Firmware+8 more
Nov 21, 2024
Jun 9, 2020
N/A· v4
8.8 HIGH· v3
8.3 HIGH· v2
SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone withi...Show more
SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerability that someone within the Bluetooth range can make the Bluetooth pairing and operate such as changing volume of the product.Show less
CVE-2019-19364
1Sony
2Catalyst Browse
Catalyst Production Suite
Nov 21, 2024
Dec 4, 2019
N/A· v4
7.8 HIGH· v3
4.4 MEDIUM· v2
A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DL...Show more
A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges.Show less
CVE-2019-15744
1Sony
1Xperia Xzs Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.sof...Show more
The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413005, versionName=1.3.0) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.Show less
CVE-2019-15743
1Sony
1Xperia Touch Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.and...Show more
The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage.Show less
CVE-2019-15416
1Sony
1Xperia Xzs Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
The Sony keyaki_kddi Android device with a build fingerprint of Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys contains a pre-installed app with a package name of com.kddi.android.package...Show more
The Sony keyaki_kddi Android device with a build fingerprint of Sony/keyaki_kddi/keyaki_kddi:7.1.1/TONE3-3.0.0-KDDI-170517-0326/1:user/dev-keys contains a pre-installed app with a package name of com.kddi.android.packageinstaller app (versionCode=70008, versionName=08.10.03) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.Show less
CVE-2019-11890
1Sony
1Bravia Firmware
Nov 21, 2024
Jul 9, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Sony Bravia Smart TV devices allow remote attackers to cause a denial of service (device hang or reboot) via a SYN flood attack over a wired or Wi-Fi LAN.
CVE-2019-11889
1Sony
1Bravia Firmware
Nov 21, 2024
Jul 9, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Sony BRAVIA Smart TV devices allow remote attackers to cause a denial of service (device hang) via a crafted web page over HbbTV.
CVE-2019-5982
1Sony
1Vaio Update
Nov 21, 2024
Jul 5, 2019
N/A· v4
7.5 HIGH· v3
5.4 MEDIUM· v2
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation m...Show more
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.Show less
CVE-2019-5981
1Sony
1Vaio Update
Nov 21, 2024
Jul 5, 2019
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors.
CVE-2018-16595
1Sony
8R5c Firmware
Wd65 FirmwareWd75 Firmware+5 more
Nov 21, 2024
Jun 19, 2019
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow.
CVE-2018-16594
1Sony
8R5c Firmware
Wd65 FirmwareWd75 Firmware+5 more
Nov 21, 2024
Jun 19, 2019
N/A· v4
8.1 HIGH· v3
4.8 MEDIUM· v2
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal.
CVE-2018-16593
1Sony
8R5c Firmware
Wd65 FirmwareWd75 Firmware+5 more
Nov 21, 2024
Jun 19, 2019
N/A· v4
8.8 HIGH· v3
8.3 HIGH· v2
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
CVE-2019-12762
6Fujitsu
GoogleMi+3 more
8Aquos Zeta Sh 04f Firmware
Arrows Nx F05 F FirmwareGalaxy S4 Firmware+5 more
Nov 21, 2024
Jun 6, 2019
N/A· v4
4.2 MEDIUM· v3
1.9 LOW· v2
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop tab...Show more
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.Show less
CVE-2019-11336
1Sony
1Photo Sharing Plus
Nov 21, 2024
May 14, 2019
N/A· v4
8.1 HIGH· v3
4.3 MEDIUM· v2
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a d...Show more
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.Show less
CVE-2018-14983
1Sony
1Xperia L1 Firmware
Nov 21, 2024
Apr 25, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode...Show more
The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by Sony or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage. The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device.Show less
CVE-2019-10886
1Sony
1Photo Sharing Plus
Nov 21, 2024
Apr 19, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary...Show more
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network.Show less
CVE-2019-10844
1Sony
1Neural Network Libraries
Nov 21, 2024
Apr 4, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.
CVE-2018-0690
1Sony
1Music Center For Pc
Nov 21, 2024
Nov 15, 2018
N/A· v4
7.5 HIGH· v3
5.1 MEDIUM· v2
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.
CVE-2018-0656
1Sony
1Digital Paper App
Nov 21, 2024
Sep 4, 2018
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2018-3938
1Sony
14Snc Eb600 Firmware
Snc Eb600b FirmwareSnc Eb602r Firmware+11 more
Nov 21, 2024
Aug 14, 2018
N/A· v4
10.0 CRITICAL· v3
7.5 HIGH· v2
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overf...Show more
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.Show less