Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.5 views

CVE-2025-5820

Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS7.1AI score0.00306EPSS
Exploits0References1
NVD
NVD
added 2025/06/21 1:15 a.m.13 views

CVE-2025-5820

Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS0.00306EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/21 12:9 a.m.4 views

CVE-2025-5820 Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability

Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

6.3CVSS6.4AI score0.00306EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/12/05 3:58 p.m.6 views

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan RAT called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities,...

7.5AI score
Exploits0
Veracode
Veracode
added 2021/05/27 6:4 a.m.17 views

Insecure Certificate Validation

github.com/pion/webrtc is using an insecure certificate validation. A failed DTLS certificate verification does not fail data channel communication during PeerConnection handshake. The attack requires the attacker to have knowledge of the ICE password...

5.3CVSS2.1AI score0.00677EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/05/25 6:42 p.m.24 views

GHSA-74XM-QJ29-CQ8P In github.com/pion/webrtc, failed DTLS certificate verification doesn't stop data channel communication

Impact Data channel communication was incorrectly allowed with users who have failed DTLS certificate verification. This attack requires Attacker knows the ICE password. Only take place during PeerConnection handshake. This attack can be detected by monitoring PeerConnectionState in all versions ...

5.3CVSS5.1AI score0.00677EPSS
Exploits1References7
Rows per page
Query Builder