16 matches found
EUVD-2014-5770
Malware in sbrugna...
EUVD-2023-38802
Malicious code in bioql PyPI...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
Authentication flaw
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
CVE-2023-34761 describes an unauthenticated BLE proximity attack affecting the 7-Eleven LED Message Cup (and Hello Cup 1.3.1 for Android). An attacker in Bluetooth range can remotely connect and bypass the app’s client-side chat censorship filter. Affected components include the Hello Cup/LED Cup...
7-eleven.com.ph Cross Site Scripting vulnerability OBB-3472401
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...
7-eleven.com.ph XSS vulnerability
Vulnerable URL: http://www.7-eleven.com.ph/franchise.php?title=%22%3E%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
CVE-2014-5883
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5883
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5883
The CVE-2014-5883 entry concerns the 7-ELEVEN Android app version 2.08.000 that does not verify X.509 certificates from SSL servers. Root cause: missing certificate verification enables MITM attackers to spoof servers and access sensitive information via crafted certificates. Documented impact is...
TJX Hacker to Enter Guilty Plea for Heartland
Admitted TJX intruder Albert Gonzalez has entered into a plea agreement on charges that he hacked into Heartland Payment Systems, Hannaford Brothers, 7-Eleven and two other unnamed national retailers. Read the full article. Wired...