Vulnerabilities > Panasonic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-12 | CVE-2016-4499 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Panasonic Fpwin PRO Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors. | 4.4 |
| 2016-05-12 | CVE-2016-4498 | Improper Input Validation vulnerability in Panasonic Fpwin PRO Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
| 2016-05-12 | CVE-2016-4497 | Improper Input Validation vulnerability in Panasonic Fpwin PRO Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | 6.8 |
| 2016-05-12 | CVE-2016-4496 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Panasonic Fpwin PRO Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow. | 4.4 |
| 2015-07-06 | CVE-2015-4648 | Improper Input Validation vulnerability in Panasonic Security API Activex SDK Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX control in ipropsapivideo in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allows remote attackers to execute arbitrary code via a long string to the MulticastAddr method. | 7.5 |
| 2015-07-06 | CVE-2015-4647 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Panasonic Security API Activex SDK Multiple stack-based buffer overflows in Ipropsapi in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allow remote attackers to execute arbitrary code via a long string in the (1) FilePassword property or to the (2) GetStringInfo method. | 6.8 |
| 2015-01-15 | CVE-2014-9596 | Cryptographic Issues vulnerability in Panasonic products Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Direct LAN is enabled, does not use encryption, which allows remote attackers to obtain sensitive information by sniffing the network for client-server traffic, as demonstrated by Active Directory credential information. | 4.3 |
| 2014-10-17 | CVE-2014-8756 | Unspecified vulnerability in Panasonic Network Camera Recorder Firmware The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address. network panasonic | 6.8 |
| 2014-10-17 | CVE-2014-8755 | Improper Input Validation vulnerability in Panasonic Network Camera View 3.0/4.0 Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafted page, which triggers an invalid pointer dereference, related to "the ability to nullify an arbitrary address in memory." | 6.8 |
| 2008-08-05 | CVE-2008-3482 | Cross-Site Scripting vulnerability in Panasonic products Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |