Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Panasonic Subscribe
Total 33 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11716 1 Panasonic 12 Eluga Ray 530, Eluga Ray 530 Firmware, Eluga Ray 600 and 9 more 2023-03-02 7.5 HIGH 9.8 CRITICAL
Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support."
CVE-2022-4621 1 Panasonic 10 Vcc-hd2100p, Vcc-hd2100p Firmware, Vcc-hd3100p and 7 more 2023-01-24 N/A 8.8 HIGH
Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges.
CVE-2021-20623 1 Panasonic 1 Video Insight Vms 2022-07-12 10.0 HIGH 9.8 CRITICAL
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.
CVE-2014-8756 1 Panasonic 2 Network Camera Recorder, Network Camera Recorder Firmware 2021-11-09 6.8 MEDIUM N/A
The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address.
CVE-2017-5151 1 Panasonic 1 Video Insight Web Client 2021-09-09 7.5 HIGH 7.3 HIGH
An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution.
CVE-2021-32972 1 Panasonic 1 Fpwin Pro 2021-07-13 4.3 MEDIUM 5.5 MEDIUM
Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.
CVE-2020-16236 1 Panasonic 1 Fpwin Pro 2021-01-28 6.8 MEDIUM 7.8 HIGH
FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.
CVE-2020-29194 1 Panasonic 2 Wv-s2231l, Wv-s2231l Firmware 2020-12-30 5.0 MEDIUM 7.5 HIGH
Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI.
CVE-2020-29193 1 Panasonic 2 Wv-s2231l, Wv-s2231l Firmware 2020-12-30 2.1 LOW 6.8 MEDIUM
Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order).
CVE-2019-6530 1 Panasonic 1 Control Fpwin Pro 2020-10-16 6.8 MEDIUM 7.8 HIGH
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution.
CVE-2019-6532 1 Panasonic 1 Control Fpwin Pro 2020-10-06 6.8 MEDIUM 7.8 HIGH
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
CVE-2019-15376 1 Panasonic 2 Eluga Ray 530, Eluga Ray 530 Firmware 2020-08-24 2.1 LOW 5.5 MEDIUM
The Panasonic Eluga Ray 530 Android device with a build fingerprint of Panasonic/ELUGA_Ray_530/ELUGA_Ray_530:8.1.0/O11019/1531828974:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.
CVE-2019-15378 1 Panasonic 2 Eluga Ray 600, Eluga Ray 600 Firmware 2020-08-24 2.1 LOW 5.5 MEDIUM
The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGA_Ray_600/ELUGA_Ray_600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.
CVE-2019-5997 1 Panasonic 1 Video Insight Vms 2020-05-20 7.5 HIGH 9.8 CRITICAL
Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors.
CVE-2020-11715 1 Panasonic 2 P99, P99 Firmware 2020-05-20 7.5 HIGH 9.8 CRITICAL
Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support."
CVE-2019-15429 1 Panasonic 2 Eluga I9, Eluga I9 Firmware 2020-05-19 7.2 HIGH 7.8 HIGH
The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. This capability can be accessed by any app co-located on the device.
CVE-2019-5996 1 Panasonic 1 Video Insight Vms 2019-09-13 6.5 MEDIUM 8.8 HIGH
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2018-16183 2 Microsoft, Panasonic 6 Windows 10, Windows 7, Windows 8 and 3 more 2019-02-26 6.8 MEDIUM 7.8 HIGH
An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
CVE-2018-0676 1 Panasonic 2 Bn-sdwbp3, Bn-sdwbp3 Firmware 2019-02-11 5.8 MEDIUM 8.8 HIGH
BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to bypass authentication to access to the management screen and execute an arbitrary command via unspecified vectors.
CVE-2018-0677 1 Panasonic 2 Bn-sdwbp3, Bn-sdwbp3 Firmware 2019-02-11 7.7 HIGH 6.8 MEDIUM
BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors.