Vulnerabilities > Bose

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2018-12638	Cross-site Scripting vulnerability in Bose Soundtouch 18.1.4 An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. network low complexity bose CWE-79	6.1
2018-03-24	CVE-2017-17751	Unspecified vulnerability in Bose Soundtouch Bose SoundTouch devices allows remote attackers to achieve remote control via a crafted web site that uses the WebSocket Protocol. network low complexity bose	8.8
2018-03-24	CVE-2017-17750	Cross-site Scripting vulnerability in Bose Soundtouch Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify. network low complexity bose CWE-79	5.4
2018-03-24	CVE-2017-17749	Cross-site Scripting vulnerability in Bose Soundtouch Bose SoundTouch devices allow XSS via crafted song data from a music service, as demonstrated by Pandora. network low complexity bose CWE-79	5.4
2017-05-01	CVE-2017-6520	Channel and Path Errors vulnerability in Bose Soundtouch 30 The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets. network low complexity bose CWE-417 critical	9.1

Vulnerabilities > Bose {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bose"}]}