122 matches found
Weblate command-line client susceptible to SSL verification skip
Impact The SSL verification would be skipped for some crafted URLs. Patches https://github.com/WeblateOrg/wlc/pull/1097 Workarounds Avoid using untrusted wlc configurations, as that might cause insecure connections. References This issue was reported to us by wh1zee via HackerOne...
PT-2026-2288
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 1.17.0 Description The Weblate command-line client, wlc, which utilizes Weblate's REST API, had a flaw where SSL verification was bypassed for specific, manipulated URLs. This could potentially allow for...
CVE-2025-14019
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...
CVE-2025-14021
The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content...
CVE-2025-14023
LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions...
CVE-2025-14022
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...
CVE-2025-14020
LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by...
CVE-2025-14019
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...
CVE-2025-14022
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...
CVE-2025-14022
Summary : CVE-2025-14022 affects the LINE client for iOS prior to 15.4. The root cause is improper SSL/TLS certificate validation in an integrated financial SDK, which interfered with network processing and disabled server certificate verification for a significant portion of traffic. This can al...
EUVD-2025-203347
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...
CVE-2025-14019
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...
CVE-2025-14019
CVE-2025-14019 concerns the LINE Android client (versions 13.8–15.5). The in-app browser UI can be spoofed via a specific layout, potentially obscuring a full-screen warning prompt and enabling phishing via UI spoofing. Public sources in the provided documents describe the affected product and ge...
CVE-2025-14019
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...
Line Corporation Line Client For Ios 安全漏洞
Line Corporation Line Client For Ios is a communication application from Line Corporation, Japan. A security vulnerability exists in Line Corporation Line Client For Ios versions prior to 15.4, which stems from improper validation of SSL/TLS certificates and could lead to a man-in-the-middle atta...
PT-2025-51203
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...
Line Corporation Line Client For Ios 安全漏洞
Line Corporation Line Client For Ios is a communication application from Line Corporation, Japan. A security vulnerability exists in Line Corporation Line Client For Ios prior to version 14.14, which originates from in-app browser address bar spoofing and may lead to phishing attacks...
EUVD-2021-22835
Malware in sbrugna...
EUVD-2014-0104
Malware in sbrugna...
EUVD-2021-22834
Malware in sbrugna...