19 matches found
EUVD-2014-5786
Malware in sbrugna...
EUVD-2018-13498
Malware in sbrugna...
CVE-2018-20960
Nespresso Prodigio devices lack Bluetooth connection security...
Malicious code in nespresso-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4df4d16cd100a965fef42c58150e9688849a5acfa8de2f809b3ed66f5ef9f29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Nespresso Domain Hijacked in Phishing Attack Targeting Microsoft Logins
By Waqas Coffee with Double Brew of Trouble! This is a post from HackRead.com Read the original post: Nespresso Domain Hijacked in Phishing Attack Targeting Microsoft Logins...
Malicious code in nespresso-bi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ecb1d1aad101d1cf5bdd8986e77fa20c75f039412cec1ebe03442f8fec9f939 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1203 Malicious code in nespresso-bi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ecb1d1aad101d1cf5bdd8986e77fa20c75f039412cec1ebe03442f8fec9f939 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Nespresso smart cards can be exploited for unlimited coffee
By Habiba Rashid Let us imagine that your Nespresso smart card had no limit to how much coffee you can buy with it. A little too convenient, isn’t it? This is a post from HackRead.com Read the original post: Nespresso smart cards can be exploited for unlimited coffee...
Nespresso Smart Cards Brewed with Weak Security
Researchers have demonstrated how to outsmart Nespresso Pro machines that use certain smart cards, hacking them to dispense coffee on-demand. Nespresso produces a range of coffees and machines for personal and professional use. Some of the commercial machines accept Mifare Classic stored-value...
Unspecified Vulnerability in Nestle Nespresso Prodigio
The Nestle Nespresso Prodigio is a smart coffee maker from the Swiss company Nestle. A security vulnerability exists in the Nestle Nespresso Prodigio device. An attacker can exploit the vulnerability to connect to the device via Bluetooth...
CVE-2018-20960
Nespresso Prodigio devices lack Bluetooth connection security...
Code injection
Nespresso Prodigio devices lack Bluetooth connection security...
CVE-2018-20960
Nespresso Prodigio devices lack Bluetooth connection security...
CVE-2018-20960
CVE-2018-20960 affects Nestle Nespresso Prodigio smart coffee makers, where Bluetooth connection security is lacking. Multiple connected documents describe an attacker potentially connecting to the device over Bluetooth due to unprotected pairing/authentication, enabling unauthorized access that ...
Nespresso - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Nespresso published at the 'play' market has multiple vulnerabilities...
CVE-2014-5899
The Nespresso aka com.nespresso.activities application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Nespresso aka com.nespresso.activities application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5899
The CVE-2014-5899 entry concerns the Nespresso Android app (com.nespresso.activities) version 2.4.1. The root cause is that the app does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information via crafted certificates....
CVE-2014-5899
The Nespresso aka com.nespresso.activities application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...