122 matches found
EUVD-2022-44760
Malicious code in bioql PyPI...
EUVD-2024-46899
Malicious code in bioql PyPI...
EUVD-2023-57854
Malicious code in bioql PyPI...
EUVD-2021-28164
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-59691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or...
CVE-2025-59691
PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In th...
CVE-2025-59691
CVE-2025-59691 affects PureVPN Linux clients (CLI 2.0.1 and GUI 2.10.0). The vulnerability allows IPv6 traffic to leak outside the VPN tunnel during events like Wi‑Fi reconnects or system resume, with the CLI auto-reconnect showing as connected while IPv6 isn’t routed or blocked, and the GUI leav...
CVE-2024-5739
The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS UXSS vulnerability. This vulnerability allows for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
CVE-2022-41568
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat...
CVE-2021-36215
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling...
CVE-2021-36214
LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView...
CVE-2024-5739
The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS UXSS vulnerability. This vulnerability allows for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
CVE-2024-5739
The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS UXSS vulnerability. This vulnerability allows for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
CVE-2024-5739
The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS UXSS vulnerability. This vulnerability allows for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
PT-2024-37114
Name of the Vulnerable Software and Affected Versions: LINE client for iOS versions prior to 14.9.0 Description: The in-app browser of the LINE client contains a Universal XSS UXSS vulnerability, allowing for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame fro...
Line Client For Ios Security Vulnerability
Line Corporation Line Client For Ios is a communication application from Line Corporation, Japan. A security vulnerability exists in Line Client For Ios prior to version 14.9.0, which stems from the inclusion of a generic cross-site scripting XSS vulnerability that can be exploited by an attacker...
LINE client for iOS vulnerable to improper server certificate verification
Overview The financial module within LINE client for iOS lacks server certificate verification in log transmission CWE-295, CVE-2023-5554. LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact The communication may be eavesdropped under a...
CVE-2023-5554
Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0...
CVE-2023-5554
Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0...
Code injection
Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0...