Vulnerabilities > Toshiba
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-12-31 | CVE-2014-4876 | Information Exposure vulnerability in Toshiba 4690 Operating System 6.3 Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138. | 4.3 |
| 2015-06-24 | CVE-2014-4875 | Information Exposure vulnerability in Toshiba Chec 6.6/6.7 CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access. | 5.0 |
| 2015-02-28 | CVE-2015-0884 | Unspecified vulnerability in Toshiba Bluetooth Stack and Service Station Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. | 6.9 |
| 2009-02-20 | CVE-2009-0657 | Credentials Management vulnerability in Toshiba Face Recognition 2.0.2.32 Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user. | 6.9 |
| 2008-01-23 | CVE-2008-0399 | Buffer Errors vulnerability in Toshiba Surveillix 1.0.0.4 Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods. | 6.8 |
| 2006-12-31 | CVE-2006-6903 | Remote Security vulnerability in Bluetooth Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
| 2006-10-31 | CVE-2006-5611 | Remote Security vulnerability in Bluetooth Stack Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-5405. | 10.0 |
| 2006-10-19 | CVE-2006-5405 | Denial-Of-Service vulnerability in Bluetooth Wireless Device Driver 3.X/4.X Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets. | 6.2 |
| 2006-06-22 | CVE-2006-3146 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Toshiba Bluetooth Stack The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. | 5.0 |
| 2006-01-14 | CVE-2006-0212 | Directory Traversal vulnerability in Toshiba Bluetooth Stack Object Push Service File Upload Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. | 5.0 |