Sony: Improper State Validation on Sony WH-CH520 via BLE Command Service leads to unauthorized Bluetooth pairing and audio hijacking

A vulnerability was discovered in the firmware of the Sony WH-CH520 headset. The vulnerability allowed an unauthenticated write to a proprietary Sony command service via Bluetooth Low Energy BLE, causing the device to become discoverable and accept a standard Bluetooth Security Manager Protocol S...

CVE-2025-69425

The Ruckus vRIoT IoT Controller firmware versions prior to 3.0.0.0 GA expose a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcoded Time-based One-Time Password TOTP secret and an embedded static token. An attacker who...

Qualcomm 芯片操作系统命令注入漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are often manufactured on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chip cmd services, which stems fr...

Haas Automation Controller 安全漏洞

Haas Automation Controller is an industrial control system from Haas Automation, USA. A security vulnerability exists in Haas Automation Controller version 100.20.000.1110, which stems from the fact that communication traffic for the Ethernet Q Command Service is transmitted in clear text, which...

CVE-2019-5468

An privilege escalation issue was discovered in Gitlab versions 12.1.2, 12.0.4, and 11.11.6 when Mattermost slash commands are used with a blocked account...

Remote and Local Vulnerabilities In WS_FTP Server

hi dear i am pejman.d ,i finded the new bug in wsftp server Vulnerable Systems : wsftp server 4,3 the bug is buffer overflow in ftp command service stop and some error step by step buffer overflow : 1- login to ftp server by any username and password 2- use the quote command for send the command ...