Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CVE-2024-41872 (GCVE-0-2024-41872)
Vulnerability from cvelistv5 – Published: 2024-09-13 07:00 – Updated: 2024-09-13 14:03
VLAI
Title
Media Encoder | Out-of-bounds Read (CWE-125)
Summary
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read (CWE-125)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/media-e… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Media Encoder |
Affected:
0 , ≤ 23.6.8
(semver)
|
Date Public
2024-09-10 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T14:02:53.973734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T14:03:01.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Media Encoder",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T07:00:19.793Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Media Encoder | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41872",
"datePublished": "2024-09-13T07:00:19.793Z",
"dateReserved": "2024-07-22T17:16:40.942Z",
"dateUpdated": "2024-09-13T14:03:01.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41873 (GCVE-0-2024-41873)
Vulnerability from cvelistv5 – Published: 2024-09-13 07:00 – Updated: 2024-09-13 14:10
VLAI
Title
Media Encoder | Out-of-bounds Read (CWE-125)
Summary
Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read (CWE-125)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/media-e… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Media Encoder |
Affected:
0 , ≤ 23.6.8
(semver)
|
Date Public
2024-09-10 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T14:09:58.928156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T14:10:07.362Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Media Encoder",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "23.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read (CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T07:00:16.657Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Media Encoder | Out-of-bounds Read (CWE-125)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2024-41873",
"datePublished": "2024-09-13T07:00:16.657Z",
"dateReserved": "2024-07-22T17:16:40.943Z",
"dateUpdated": "2024-09-13T14:10:07.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41908 (GCVE-0-2024-41908)
Vulnerability from cvelistv5 – Published: 2024-08-13 07:54 – Updated: 2024-08-13 13:49
VLAI
Summary
A vulnerability has been identified in NX (All versions < V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | NX |
Affected:
0 , < V2406.3000
(custom)
|
|
| siemens | nx_1988_firmware |
Affected:
0 , < 2406.3000
(custom)
cpe:2.3:o:siemens:nx_1957_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:nx_1961_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:nx_1965_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:nx_1969_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:nx_1984_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:nx_1988_firmware:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:siemens:nx_1957_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:nx_1961_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:nx_1965_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:nx_1969_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:nx_1984_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:nx_1988_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nx_1988_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "2406.3000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T13:29:47.094197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T13:49:49.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NX",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2406.3000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in NX (All versions \u003c V2406.3000). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the application or execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:28.985Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-357412.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-41908",
"datePublished": "2024-08-13T07:54:28.985Z",
"dateReserved": "2024-07-23T12:40:56.886Z",
"dateUpdated": "2024-08-13T13:49:49.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41928 (GCVE-0-2024-41928)
Vulnerability from cvelistv5 – Published: 2024-09-05 03:32 – Updated: 2024-09-20 16:03
VLAI
Title
bhyve(8) privileged guest escape via TPM device passthrough
Summary
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://security.freebsd.org/advisories/FreeBSD-S… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2024092… |
Impacted products
Date Public
2024-09-04 23:37
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "14.1_p4",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "14.0_p10",
"status": "affected",
"version": "14.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41928",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:13:31.173172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T16:18:40.362Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-20T16:03:10.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240920-0009/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"bhyve"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p4",
"status": "affected",
"version": "14.1-RELEASE",
"versionType": "release"
},
{
"lessThan": "p10",
"status": "affected",
"version": "14.0-RELEASE",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Synacktiv"
},
{
"lang": "en",
"type": "sponsor",
"value": "The FreeBSD Foundation"
},
{
"lang": "en",
"type": "sponsor",
"value": "The Alpha-Omega Project"
}
],
"datePublic": "2024-09-04T23:37:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T03:32:56.561Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:10.bhyve.asc"
}
],
"title": "bhyve(8) privileged guest escape via TPM device passthrough"
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2024-41928",
"datePublished": "2024-09-05T03:32:56.561Z",
"dateReserved": "2024-08-27T16:30:55.953Z",
"dateUpdated": "2024-09-20T16:03:10.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42420 (GCVE-0-2024-42420)
Vulnerability from cvelistv5 – Published: 2024-10-25 06:18 – Updated: 2024-10-25 18:37
VLAI
Summary
Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages.
Crafted HTTP requests may cause affected products crashed.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
28 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sharp Corporation | Sharp Digital Full-color MFPs and Monochrome MFPs |
Affected:
see the information provided by Sharp Corporation.
|
|
| Toshiba Tec Corporation | e-STUDIO 908 |
Affected:
T2.12.h3.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1058 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1208 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| sharp | bp-90c80_firmware |
Affected:
0 , ≤ 210
(custom)
cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:* |
|
| sharp | bp-70c65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8081_firmware |
Affected:
0 , ≤ 160
(custom)
cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6071s_firmware |
Affected:
0 , ≤ 613
(custom)
cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30c25_firmware |
Affected:
0 , ≤ 130
(custom)
cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-7580n_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8090n_firmware |
Affected:
0 , ≤ 405
(custom)
cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6070v_firmware |
Affected:
0 , ≤ 802
(custom)
cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-c545wd_firmware |
Affected:
0 , ≤ 262
(custom)
cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-c304wh_firmware |
Affected:
0 , ≤ 520
(custom)
cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m90_firmware |
Affected:
0 , ≤ 310
(custom)
cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m1206_firmware |
Affected:
0 , ≤ 200
(custom)
cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m7570_firmware |
Affected:
0 , ≤ 456
(custom)
cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6071s_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30m35t_firmware |
Affected:
0 , ≤ 220
(custom)
cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-b476wh_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m905_firmware |
Affected:
0 , ≤ 612
(custom)
cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6070_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-b550wd_firmware |
Affected:
0 , ≤ 260
(custom)
cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-b455wz_firmware |
Affected:
0 , ≤ 404
(custom)
cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-908_firmware |
Affected:
0 , ≤ t2.12.h3.00
(custom)
cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1058_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1208_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-90c80_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "210",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70c65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8081_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "613",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30c25_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "130",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-7580n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8090n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "405",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6070v_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-c545wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "262",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-c304wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "520",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m90_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m1206_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "200",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m7570_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "456",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30m35t_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "220",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b476wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m905_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "612",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6070_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-b550wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "260",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b455wz_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "404",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-908_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t2.12.h3.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1058_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1208_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42420",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:35:04.039058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T18:37:13.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sharp Digital Full-color MFPs and Monochrome MFPs",
"vendor": "Sharp Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by Sharp Corporation."
}
]
},
{
"product": "e-STUDIO 908",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T2.12.h3.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1058",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1208",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages.\r\nCrafted HTTP requests may cause affected products crashed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T09:01:42.113Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU95063136/"
},
{
"url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
},
{
"url": "https://www.toshibatec.com/information/20241025_01.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-42420",
"datePublished": "2024-10-25T06:18:00.481Z",
"dateReserved": "2024-10-16T05:26:36.361Z",
"dateUpdated": "2024-10-25T18:37:13.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42477 (GCVE-0-2024-42477)
Vulnerability from cvelistv5 – Published: 2024-08-12 15:02 – Updated: 2024-08-13 14:07
VLAI
Title
llama.cpp global-buffer-overflow in ggml_type_size
Summary
llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561.
Severity
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ggerganov/llama.cpp/security/a… | x_refsource_CONFIRM |
| https://github.com/ggerganov/llama.cpp/commit/b72… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ggerganov:llama.cpp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "llama.cpp",
"vendor": "ggerganov",
"versions": [
{
"lessThan": "b3561",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42477",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T14:06:01.701592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:07:30.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "llama.cpp",
"vendor": "ggerganov",
"versions": [
{
"status": "affected",
"version": "\u003c b3561"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. The unsafe `type` member in the `rpc_tensor` structure can cause `global-buffer-overflow`. This vulnerability may lead to memory data leakage. The vulnerability is fixed in b3561."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:02:40.980Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf"
},
{
"name": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b"
}
],
"source": {
"advisory": "GHSA-mqp6-7pv6-fqjf",
"discovery": "UNKNOWN"
},
"title": "llama.cpp global-buffer-overflow in ggml_type_size"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42477",
"datePublished": "2024-08-12T15:02:40.980Z",
"dateReserved": "2024-08-02T14:13:04.616Z",
"dateUpdated": "2024-08-13T14:07:30.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42478 (GCVE-0-2024-42478)
Vulnerability from cvelistv5 – Published: 2024-08-12 15:05 – Updated: 2024-08-16 19:15
VLAI
Title
llama.cpp allows Arbitrary Address Read in rpc_server::get_tensor
Summary
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561.
Severity
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/ggerganov/llama.cpp/security/a… | x_refsource_CONFIRM |
| https://github.com/ggerganov/llama.cpp/commit/b72… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ggerganov:llama.cpp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "llama.cpp",
"vendor": "ggerganov",
"versions": [
{
"lessThan": "b3561",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42478",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T15:16:40.577714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T19:15:15.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "llama.cpp",
"vendor": "ggerganov",
"versions": [
{
"status": "affected",
"version": "\u003c b3561"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:05:12.697Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-5vm9-p64x-gqw9"
},
{
"name": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b"
}
],
"source": {
"advisory": "GHSA-5vm9-p64x-gqw9",
"discovery": "UNKNOWN"
},
"title": "llama.cpp allows Arbitrary Address Read in rpc_server::get_tensor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42478",
"datePublished": "2024-08-12T15:05:12.697Z",
"dateReserved": "2024-08-02T14:13:04.616Z",
"dateUpdated": "2024-08-16T19:15:15.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42484 (GCVE-0-2024-42484)
Vulnerability from cvelistv5 – Published: 2024-09-12 14:12 – Updated: 2024-09-12 16:53
VLAI
Title
ESP-NOW OOB Vulnerability In Group Type Message
Summary
ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrs_num field of the group type message. This can result in memory corruption related attacks. Normally there are two fields in the group information that need to be checked, i.e., the addrs_num field and the addrs_list fileld. Since we only checked the addrs_list field, an attacker can send a group type message with an invalid addrs_num field, which will cause the message handled by the firmware to be much larger than the current buffer, thus causing a memory corruption issue that goes beyond the payload length.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/espressif/esp-now/security/adv… | x_refsource_CONFIRM |
| https://github.com/espressif/esp-now/commit/b03a1… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:espressif:esp-now:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "esp-now",
"vendor": "espressif",
"versions": [
{
"lessThan": "2.5.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42484",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T16:46:44.456080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T16:53:05.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "esp-now",
"vendor": "espressif",
"versions": [
{
"status": "affected",
"version": "\u003c 2.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrs_num field of the group type message. This can result in memory corruption related attacks. Normally there are two fields in the group information that need to be checked, i.e., the addrs_num field and the addrs_list fileld. Since we only checked the addrs_list field, an attacker can send a group type message with an invalid addrs_num field, which will cause the message handled by the firmware to be much larger than the current buffer, thus causing a memory corruption issue that goes beyond the payload length."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T14:12:13.174Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/espressif/esp-now/security/advisories/GHSA-q6f6-4qc5-vhx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/espressif/esp-now/security/advisories/GHSA-q6f6-4qc5-vhx5"
},
{
"name": "https://github.com/espressif/esp-now/commit/b03a1b4593713fa4bf0038a87edca01f10114a7a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/espressif/esp-now/commit/b03a1b4593713fa4bf0038a87edca01f10114a7a"
}
],
"source": {
"advisory": "GHSA-q6f6-4qc5-vhx5",
"discovery": "UNKNOWN"
},
"title": "ESP-NOW OOB Vulnerability In Group Type Message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42484",
"datePublished": "2024-09-12T14:12:13.174Z",
"dateReserved": "2024-08-02T14:13:04.617Z",
"dateUpdated": "2024-09-12T16:53:05.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43110 (GCVE-0-2024-43110)
Vulnerability from cvelistv5 – Published: 2024-09-05 04:31 – Updated: 2025-11-04 16:13
VLAI
Title
Multiple issues in ctl(4) CAM Target Layer
Summary
The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace.
Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://security.freebsd.org/advisories/FreeBSD-S… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2024092… |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| FreeBSD | FreeBSD |
Affected:
14.1-RELEASE , < p4
(release)
Affected: 14.0-RELEASE , < p10 (release) Affected: 13.3-RELEASE , < p6 (release) |
|
| freebsd | freebsd |
Affected:
14.1 , < 14.1_p4
(custom)
Affected: 14.0 , < 14.0_p10 (custom) Affected: 13.3 , < 13.3_p6 (custom) cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* |
Date Public
2024-09-04 23:37
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freebsd",
"vendor": "freebsd",
"versions": [
{
"lessThan": "14.1_p4",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "14.0_p10",
"status": "affected",
"version": "14.0",
"versionType": "custom"
},
{
"lessThan": "13.3_p6",
"status": "affected",
"version": "13.3",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-43110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:11:06.616986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:11:27.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:13:45.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240920-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"ctl"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p4",
"status": "affected",
"version": "14.1-RELEASE",
"versionType": "release"
},
{
"lessThan": "p10",
"status": "affected",
"version": "14.0-RELEASE",
"versionType": "release"
},
{
"lessThan": "p6",
"status": "affected",
"version": "13.3-RELEASE",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Synacktiv"
},
{
"lang": "en",
"type": "sponsor",
"value": "The FreeBSD Foundation"
},
{
"lang": "en",
"type": "sponsor",
"value": "The Alpha-Omega Project"
}
],
"datePublic": "2024-09-04T23:37:17.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace.\n\nMalicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T04:31:19.166Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc"
}
],
"title": "Multiple issues in ctl(4) CAM Target Layer"
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2024-43110",
"datePublished": "2024-09-05T04:31:19.166Z",
"dateReserved": "2024-08-27T16:30:55.973Z",
"dateUpdated": "2025-11-04T16:13:45.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-43424 (GCVE-0-2024-43424)
Vulnerability from cvelistv5 – Published: 2024-10-25 06:18 – Updated: 2024-10-25 17:16
VLAI
Summary
Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability.
Crafted HTTP requests may cause affected products crashed.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds read
Assigner
References
Impacted products
28 products
| Vendor | Product | Version | |
|---|---|---|---|
| Sharp Corporation | Sharp Digital Full-color MFPs and Monochrome MFPs |
Affected:
see the information provided by Sharp Corporation
|
|
| Toshiba Tec Corporation | e-STUDIO 908 |
Affected:
T2.12.h3.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1058 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| Toshiba Tec Corporation | e-STUDIO 1208 |
Affected:
T1.01.h4.00 and earlier versions
|
|
| sharp | bp-90c80_firmware |
Affected:
0 , ≤ 210
(custom)
cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:* |
|
| sharp | bp-70c65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8081_firmware |
Affected:
0 , ≤ 160
(custom)
cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6071s_firmware |
Affected:
0 , ≤ 613
(custom)
cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30c25_firmware |
Affected:
0 , ≤ 130
(custom)
cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-7580n_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-8090n_firmware |
Affected:
0 , ≤ 405
(custom)
cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-6070v_firmware |
Affected:
0 , ≤ 802
(custom)
cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-c545wd_firmware |
Affected:
0 , ≤ 262
(custom)
cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-c304wh_firmware |
Affected:
0 , ≤ 520
(custom)
cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m90_firmware |
Affected:
0 , ≤ 310
(custom)
cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-70m65_firmware |
Affected:
0 , ≤ 320
(custom)
cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m1206_firmware |
Affected:
0 , ≤ 200
(custom)
cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m7570_firmware |
Affected:
0 , ≤ 456
(custom)
cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6071s_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-30m35t_firmware |
Affected:
0 , ≤ 220
(custom)
cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-b476wh_firmware |
Affected:
0 , ≤ 413
(custom)
cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m905_firmware |
Affected:
0 , ≤ 612
(custom)
cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:* |
|
| sharp | mx-m6070_firmware |
Affected:
0 , ≤ 503
(custom)
cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:* |
|
| sharp | bp-b550wd_firmware |
Affected:
0 , ≤ 260
(custom)
cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:* |
|
| sharp | mx-b455wz_firmware |
Affected:
0 , ≤ 404
(custom)
cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-908_firmware |
Affected:
0 , ≤ t2.12.h3.00
(custom)
cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1058_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:* |
|
| toshibatec | e-studio-1208_firmware |
Affected:
0 , ≤ t1.01.h4.00
(custom)
cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sharp:bp-90c70_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-90c80_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-90c80_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "210",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50c65_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-55c26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-60c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70c65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70c65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7081_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8081_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8081_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "160",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3561s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4061s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "613",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30c25t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25y_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25z_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30c25_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30c25_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "130",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-6580n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-7580n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-7580n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-7090n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-8090n_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-8090n_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "405",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-2630n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3550v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6050v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3560v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-3570v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4060v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-4070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-5070v_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070n_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-6070v_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-6070v_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "802",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-c533wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c533wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c535wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c542wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-c545wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-c545wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "262",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-c303_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c303wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-c304wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-c304wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "520",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-70m75_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m90_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m90_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "310",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-50m26_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m50_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-50m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m36_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m45_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m55_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-70m65_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-70m65_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "320",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m1056_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m1206_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m1206_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "200",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m6570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m7570_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m7570_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "456",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m5051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2651_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3571s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5071s_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6071s_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6071s_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-30m28_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m28t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m31t_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-30m35t_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-30m35t_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "220",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b356w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b356wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b376wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b456wh_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b476wh_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b476wh_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "413",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m905_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m905_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "612",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-m3550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m2630_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m3570_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m4070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m5070_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-m6070_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-m6070_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "503",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:bp-b537wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b540wr_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b547wd_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:bp-b550wd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bp-b550wd_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "260",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sharp:mx-b355w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b355wz_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455w_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wt_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:sharp:mx-b455wz_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mx-b455wz_firmware",
"vendor": "sharp",
"versions": [
{
"lessThanOrEqual": "404",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-908_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-908_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t2.12.h3.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1058_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1058_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:toshibatec:e-studio-1208_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "e-studio-1208_firmware",
"vendor": "toshibatec",
"versions": [
{
"lessThanOrEqual": "t1.01.h4.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43424",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:18:09.827242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T17:16:12.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sharp Digital Full-color MFPs and Monochrome MFPs",
"vendor": "Sharp Corporation",
"versions": [
{
"status": "affected",
"version": "see the information provided by Sharp Corporation"
}
]
},
{
"product": "e-STUDIO 908",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T2.12.h3.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1058",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
},
{
"product": "e-STUDIO 1208",
"vendor": "Toshiba Tec Corporation",
"versions": [
{
"status": "affected",
"version": "T1.01.h4.00 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability.\r\nCrafted HTTP requests may cause affected products crashed."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds read",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T09:01:48.353Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU95063136/"
},
{
"url": "https://global.sharp/products/copier/info/info_security_2024-10.html"
},
{
"url": "https://www.toshibatec.com/information/20241025_01.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-43424",
"datePublished": "2024-10-25T06:18:10.875Z",
"dateReserved": "2024-10-16T05:26:45.607Z",
"dateUpdated": "2024-10-25T17:16:12.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-5
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation
Phase: Architecture and Design
Strategy: Language Selection
Description:
- Use a language that provides appropriate memory abstractions.
CAPEC-540: Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.