Lucene search
+L

5 matches found

ThreatPost
ThreatPost
added 2019/10/28 2:17 p.m.12 views

Magecart Gang Targets Skin Care Site Visitors For 5+ Months

The website of popular skin care brand First Aid Beauty has been hacked by the infamous Magecart group, which embedded digital card skimmers on the site to steal visitors’ payment-card information. The skimmers were undetected on the website for more than five months. First Aid Beauty is an...

7.4AI score
Exploits0References16
NVD
NVD
added 2018/01/08 8:29 a.m.15 views

CVE-2018-5298

In the Procter & Gamble "Oral-B App" aka com.pg.oralb.oralbapp application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences...

7.5CVSS7.5AI score0.00411EPSS
Exploits0References1
Prion
Prion
added 2018/01/08 8:29 a.m.13 views

Design/Logic Flaw

In the Procter & Gamble "Oral-B App" aka com.pg.oralb.oralbapp application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences...

5CVSS7.6AI score0.00411EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/08 8:0 a.m.21 views

CVE-2018-5298

In the Procter & Gamble "Oral-B App" aka com.pg.oralb.oralbapp application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. An attacker can gain access to locally stored user data more easily by leveraging access to the preferences...

7.6AI score0.00411EPSS
Exploits0References1
CVE
CVE
added 2018/01/08 8:0 a.m.38 views

CVE-2018-5298

The CVE-2018-5298 entry concerns the Procter & Gamble Oral-B App for Android (com.pg.oralb.oralbapp) v5.0.0, where AES is used with static parameters to protect locally stored shared preferences. The underlying issue is insecure key/parameter handling, enabling an attacker who can access the pref...

7.5CVSS7.5AI score0.00411EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder