Vulnerabilities > Toshiba

DATE CVE VULNERABILITY TITLE RISK
2015-12-31 CVE-2014-4876 Information Exposure vulnerability in Toshiba 4690 Operating System 6.3
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138.
network
toshiba CWE-200
4.3
2015-06-24 CVE-2014-4875 Information Exposure vulnerability in Toshiba Chec 6.6/6.7
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access.
network
low complexity
toshiba CWE-200
5.0
2015-02-28 CVE-2015-0884 Unspecified vulnerability in Toshiba Bluetooth Stack and Service Station
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.
6.9
2009-02-20 CVE-2009-0657 Credentials Management vulnerability in Toshiba Face Recognition 2.0.2.32
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.
6.9
2008-01-23 CVE-2008-0399 Buffer Errors vulnerability in Toshiba Surveillix 1.0.0.4
Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods.
network
toshiba CWE-119
6.8
2006-12-31 CVE-2006-6903 Remote Security vulnerability in Bluetooth
Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.
network
low complexity
toshiba
critical
10.0
2006-10-31 CVE-2006-5611 Remote Security vulnerability in Bluetooth Stack
Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-5405.
network
low complexity
toshiba
critical
10.0
2006-10-19 CVE-2006-5405 Denial-Of-Service vulnerability in Bluetooth Wireless Device Driver 3.X/4.X
Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets.
local
high complexity
toshiba
6.2
2006-06-22 CVE-2006-3146 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Toshiba Bluetooth Stack
The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack.
network
low complexity
toshiba microsoft CWE-119
5.0
2006-01-14 CVE-2006-0212 Directory Traversal vulnerability in Toshiba Bluetooth Stack Object Push Service File Upload
Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by ..
network
low complexity
toshiba
5.0