CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-43300

An issue in urbanproject mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

8.2CVSS6.9AI score0.00272EPSS

EUVD•added 2025/12/15 6:45 a.m.•2 views

EUVD-2025-203346

LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions...

3.1CVSS6AI score0.00025EPSS

CVE•added 2025/12/15 6:41 a.m.•4 views

CVE-2025-14021

CVE-2025-14021 concerns the LINE client for iOS (pre-14.14). The in‑app browser is vulnerable to address bar spoofing, allowing an attacker to render trusted URLs while executing malicious JavaScript in iframes, enabling phishing via overlayed content. The CVSS 3.1 base score is 4.3 (Medium); att...

4.3CVSS6.5AI score0.00025EPSS

Exploits0References1Affected Software1

EUVD•added 2025/12/15 6:41 a.m.•1 views

EUVD-2025-203345

The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content...

4.3CVSS6.4AI score0.00025EPSS

Positive Technologies•added 2025/12/15 12:0 a.m.•2 views

PT-2025-51207

Name of the Vulnerable Software and Affected Versions LINE client for iOS versions prior to 15.19 Description The LINE client for iOS is susceptible to a UI spoofing issue stemming from inconsistencies between the application's navigation state and the user interface of the in-app browser. This...

4.3CVSS6.3AI score0.00025EPSS

Exploits0References7

EUVD•added 2025/10/30 6:31 p.m.•3 views

EUVD-2025-37029

2nd Line Android App version v1.2.92 and before package name com.mysecondline.app, developed by AutoBizLine, Inc., contains an improper access control vulnerability in its authentication mechanism. The server only validates the first character of the usertoken, enabling attackers to brute force...

7.5CVSS6.4AI score0.00062EPSS

Positive Technologies•added 2025/10/30 12:0 a.m.•2 views

PT-2025-44424

Name of the Vulnerable Software and Affected Versions 2nd Line Android App versions v1.2.92 and earlier Description The 2nd Line Android App has an issue with how it controls access during authentication. The server only checks the first character of the user token, which allows attackers to gues...

7.5CVSS6.3AI score0.00062EPSS

Exploits0References3

Cvelist•added 2025/10/30 12:0 a.m.•4 views

CVE-2025-61114

0.00062EPSS

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-48347

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00084EPSS

CNNVD•added 2025/07/14 12:0 a.m.•1 views

Time Line 代码问题漏洞

Time Line is a timeline application from the Time Line Official individual developer. A code issue vulnerability exists in Time Line that stems from insufficient file upload validation, which could result in a malicious file upload or denial of service...

4.3CVSS6.9AI score0.00466EPSS

OSV•added 2024/01/26 8:15 a.m.•1 views

CVE-2023-48129

An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.4CVSS5.8AI score

Vulnrichment•added 2024/01/26 12:0 a.m.•1 views

CVE-2023-48132

An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.4AI score0.00167EPSS

Cvelist•added 2024/01/26 12:0 a.m.•9 views

CVE-2023-48127

An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.7AI score0.00176EPSS

NVD•added 2024/01/24 10:15 a.m.•8 views

CVE-2023-43991

An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.4CVSS5.5AI score0.0008EPSS

NVD•added 2023/10/31 10:15 a.m.•11 views

CVE-2015-0897

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM man-in-the-middle attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM man-in-the-middle attacker...

5.9CVSS5.5AI score0.00115EPSS

Cvelist•added 2023/10/31 9:28 a.m.•10 views

CVE-2015-0897

5.4AI score0.00115EPSS