Vulnerabilities > Sony > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-22 | CVE-2017-10909 | Untrusted Search Path vulnerability in Sony Music Center 1.0.00/1.0.01 Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-12-01 | CVE-2017-10892 | Untrusted Search Path vulnerability in Sony Music Center 1.0.00 Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-12-01 | CVE-2017-10891 | Untrusted Search Path vulnerability in Sony Media GO 3.2.0.191 Untrusted search path vulnerability in Media Go version 3.2.0.191 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-02 | CVE-2017-2287 | Uncontrolled Search Path Element vulnerability in Sony NFC Port Software Remover Untrusted search path vulnerability in NFC Port Software remover Ver.1.3.0.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-02 | CVE-2017-2286 | Uncontrolled Search Path Element vulnerability in Sony products Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-07-22 | CVE-2017-2276 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sony Wg-C10 Firmware Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | 9.0 |
| 2017-07-22 | CVE-2017-2275 | OS Command Injection vulnerability in Sony Wg-C10 Firmware WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 9.0 |
| 2012-06-07 | CVE-2012-0985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony products Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. | 9.3 |
| 2008-02-13 | CVE-2008-0748 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony Axruploadserver Activex Control and Imagestation Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. | 10.0 |
| 2007-10-30 | CVE-2007-5709 | Buffer Errors vulnerability in Sony Sonicstage Connect Player 4.3 Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. | 9.3 |