Filtered by vendor Toshiba
Subscribe
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30421 | 1 Toshiba | 1 Storage Security Software | 2023-02-07 | N/A | 7.8 HIGH |
| Improper Authentication vulnerability in Toshiba Storage Security Software V1.2.0.7413 is that allows for sensitive information to be obtained via(local) password authentication module. | |||||
| CVE-2016-4840 | 1 Toshiba | 1 Coordinate Plus | 2021-09-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates. | |||||
| CVE-2017-2235 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows an attacker to bypass access restriction to change the administrator account password via unspecified vectors. | |||||
| CVE-2020-5569 | 1 Toshiba | 19 Hd-ma10ts, Hd-ma10ty, Hd-ma20ts and 16 more | 2020-05-05 | 4.6 MEDIUM | 8.4 HIGH |
| An unquoted search path vulnerability exists in HDD Password tool (for Windows) version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TB(HD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS), CANVIO PREMIUM 2TB(HD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS), CANVIO PREMIUM 1TB(HD-MB10TY, HD-MA10TY, HD-MB10TS, HD-MA10TS), CANVIO SLIM 1TB(HD-SB10TK, HD-SB10TS), and CANVIO SLIM 500GB(HD-SB50GK, HD-SA50GK, HD-SB50GS, HD-SA50GS), and which was downloaded before 2020 May 10. Since it registers Windows services with unquoted file paths, when a registered path contains spaces, and a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service. | |||||
| CVE-2012-4981 | 1 Toshiba | 1 Configfree | 2020-01-30 | 6.8 MEDIUM | 8.8 HIGH |
| Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability | |||||
| CVE-2012-4980 | 1 Toshiba | 1 Configfree Utility | 2019-12-30 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | |||||
| CVE-2017-2161 | 1 Toshiba | 1 Flashair | 2019-10-02 | 2.7 LOW | 3.5 LOW |
| FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | |||||
| CVE-2018-16198 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-10-02 | 5.8 MEDIUM | 8.8 HIGH |
| Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device. | |||||
| CVE-2017-2162 | 1 Toshiba | 1 Flashair | 2019-10-02 | 3.3 LOW | 4.3 MEDIUM |
| FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a web browser. | |||||
| CVE-2017-15361 | 35 Acer, Aopen, Asi and 32 more | 126 C720 Chromebook, Chromebase, Chromebase 24 and 123 more | 2019-10-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS. | |||||
| CVE-2017-2149 | 1 Toshiba | 1 Flashair | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
| Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series<W-03>) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series<W-02>) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-16197 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-10-02 | 3.3 LOW | 6.5 MEDIUM |
| Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device. | |||||
| CVE-2017-2234 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier may allow remote attackers to access a non-documented developer screen to perform operations on device with administrative privileges. | |||||
| CVE-2018-16201 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-01-24 | 8.3 HIGH | 8.8 HIGH |
| Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands. | |||||
| CVE-2018-16200 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-01-24 | 5.8 MEDIUM | 8.8 HIGH |
| Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands. | |||||
| CVE-2018-16199 | 1 Toshiba | 4 Hem-gw16a, Hem-gw16a Firmware, Hem-gw26a and 1 more | 2019-01-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2006-0212 | 1 Toshiba | 1 Bluetooth Stack | 2018-10-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in OBEX Push services in Toshiba Bluetooth Stack 4.00.23(T) and earlier allows remote attackers to upload arbitrary files to arbitrary remote locations specified by .. (dot dot) sequences, as demonstrated by ..\\ sequences in the RFILE argument of ussp-push. | |||||
| CVE-2006-3146 | 2 Microsoft, Toshiba | 2 Windows, Bluetooth Stack | 2018-10-18 | 5.0 MEDIUM | N/A |
| The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. NOTE: this issue was originally reported for 4.00.23. | |||||
| CVE-2006-5405 | 1 Toshiba | 1 Bluetooth Wireless Device Driver | 2018-10-17 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets. | |||||
| CVE-2006-6903 | 1 Toshiba | 1 Bluetooth | 2018-10-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | |||||