Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-49850

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00693EPSS
Exploits1References1
OSV
OSV
added 2024/01/26 7:15 a.m.4 views

CVE-2023-48133

An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2024/01/26 7:15 a.m.14 views

Code injection

An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

5.5CVSS7.1AI score0.00359EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/01/26 12:0 a.m.48 views

CVE-2023-48129

The CVE-2023-48129 entry describes a flaw in the kimono-oldnew mini-app used by Line (Line v13.6.1) where leakage of the channel access token can be exploited to send crafted malicious notifications. Public documents cite the affected component (kimono-oldnew mini-app) and the token leakage as th...

5.4CVSS5.5AI score0.00359EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/01/26 12:0 a.m.43 views

CVE-2023-48131

CHIGASAKI BAKERY mini-app on Line v13.6.1 has a vulnerability where leakage of the channel access token enables attackers to send crafted malicious notifications. Documents consistently describe the issue as an access-token leakage affecting the Line integration’s CHIGASAKI BAKERY component, allo...

5.4CVSS5.5AI score0.00359EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.6 views

PT-2024-13544 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the UNITED BOXING GYM mini-app allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploit the system. Recommendation...

5.4CVSS5.3AI score0.00359EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.7 views

PT-2024-13549 · Line · Line

Name of the Vulnerable Software and Affected Versions: Line version 13.6.1 Description: An issue in the angel coffee mini-app allows attackers to send crafted malicious notifications via leakage of the channel access token. This leakage enables attackers to exploit the system. Recommendations: Fo...

5.4CVSS5.3AI score0.00359EPSS
Exploits1References4
OSV
OSV
added 2024/01/03 3:15 p.m.3 views

CVE-2023-45559

An issue in Tamakihamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

8.2CVSS7.3AI score0.00495EPSS
Exploits1References2
Prion
Prion
added 2024/01/02 9:15 p.m.18 views

Design/Logic Flaw

An issue in A-WORLD OIRASE BEERwaiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

5CVSS7.1AI score0.00376EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/02 12:0 a.m.4 views

CVE-2023-45561

An issue in A-WORLD OIRASE BEERwaiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

5.2AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/07 12:0 a.m.21 views

CVE-2023-43300

An issue in urbanproject mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

8.3AI score0.0053EPSS
Exploits0References1
CVE
CVE
added 2023/12/07 12:0 a.m.51 views

CVE-2023-43298

The CVE affects Line’s SCOL Members Card mini-app on v13.6.1. The root problem is leakage of the channel access token, which enables attackers to send crafted malicious notifications. Affects the mini-app’s ability to authenticate/authorize token usage; impacts confidentiality/integrity per the c...

5.3CVSS5.2AI score0.00508EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/11/14 3:15 a.m.11 views

Design/Logic Flaw

An issue in Golden v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

5CVSS7AI score0.00693EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/11/14 12:0 a.m.11 views

CVE-2023-45560

An issue in Yasukawa memberscard v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token...

7.7AI score0.00693EPSS
Exploits1References1
OSV
OSV
added 2022/05/10 8:15 p.m.3 views

DEBIAN-CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References1
OSV
OSV
added 2022/05/10 8:15 p.m.2 views

UBUNTU-CVE-2022-20011

In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS5.9AI score0.00126EPSS
Exploits0References4
Hacker One
Hacker One
added 2014/08/29 6:8 p.m.16 views

HackerOne: Notification of previous signed out user leakage.

This is a very minor issue in my eye.But I would like to report,as hackerone itself is very cautious about its own security. Steps to reproduce 1. I logged on to hackerone with my team @movielee id.I saw that there were 6 notifications pending.I didnot checked those and logged out. 2. I logged in...

0.9AI score
Exploits0
Rows per page
Query Builder