16 matches found
EUVD-2014-5770
Malware in sbrugna...
EUVD-2023-38802
Malicious code in bioql PyPI...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
Authentication flaw
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message Cup, Hello Cup 1.3.1 for Android, and bypass the application's client-side chat censor filter...
CVE-2023-34761
CVE-2023-34761 describes an unauthenticated BLE proximity attack affecting the 7-Eleven LED Message Cup (and Hello Cup 1.3.1 for Android). An attacker in Bluetooth range can remotely connect and bypass the app’s client-side chat censorship filter. Affected components include the Hello Cup/LED Cup...
7-eleven.com.ph Cross Site Scripting vulnerability OBB-3472401
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...
7-eleven.com.ph XSS vulnerability
Vulnerable URL: http://www.7-eleven.com.ph/franchise.php?title=%22%3E%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:19 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...
CVE-2014-5883
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5883
The CVE-2014-5883 entry concerns the 7-ELEVEN Android app version 2.08.000 that does not verify X.509 certificates from SSL servers. Root cause: missing certificate verification enables MITM attackers to spoof servers and access sensitive information via crafted certificates. Documented impact is...
CVE-2014-5883
The 7-ELEVEN aka ecowork.seven application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
TJX Hacker to Enter Guilty Plea for Heartland
Admitted TJX intruder Albert Gonzalez has entered into a plea agreement on charges that he hacked into Heartland Payment Systems, Hannaford Brothers, 7-Eleven and two other unnamed national retailers. Read the full article. Wired...