Vulnerabilities > Sony

DATE CVE VULNERABILITY TITLE RISK
2019-06-06 CVE-2019-12762 Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
high complexity
mi sony samsung google sharp fujitsu
4.2
2019-05-14 CVE-2019-11336 Information Exposure Through Log Files vulnerability in Sony Photo Sharing Plus 6.5830
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.
network
high complexity
sony CWE-532
8.1
2019-04-25 CVE-2018-14983 Improper Input Validation vulnerability in Sony Xperia L1 Firmware
The Sony Xperia L1 Android device with a build fingerprint of Sony/G3313/G3313:7.0/43.0.A.6.49/2867558199:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by Sony or another entity in the supply chain.
local
low complexity
sony CWE-20
5.5
2019-04-19 CVE-2019-10886 Missing Authentication for Critical Function vulnerability in Sony Photo Sharing Plus 6.5830
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs).
network
high complexity
sony CWE-306
5.9
2019-04-04 CVE-2019-10844 Unspecified vulnerability in Sony Neural Network Libraries
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.
network
low complexity
sony
critical
9.8
2018-11-15 CVE-2018-0690 Unspecified vulnerability in Sony Music Center for PC 1.0.00/1.0.01/1.0.02
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files.
network
high complexity
sony
7.5
2018-09-04 CVE-2018-0656 Untrusted Search Path vulnerability in Sony Digital Paper APP 1.4.0.16050
Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-426
7.8
2018-08-14 CVE-2018-3938 Out-of-bounds Write vulnerability in Sony products
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00.
network
low complexity
sony CWE-787
critical
10.0
2018-08-14 CVE-2018-3937 OS Command Injection vulnerability in Sony products
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00.
network
low complexity
sony CWE-78
7.2
2018-06-26 CVE-2018-0600 Untrusted Search Path vulnerability in Sony Playmemories Home 5.5.01
Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-426
7.8