VYPR
Vendor

LINE Corporation

Products
3
CVEs
8
Across products
8
Status
Private

Products

3

Recent CVEs

8
  • CVE-2018-0609HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2016-4831HigJul 12, 2016
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2015-2968Oct 31, 2023
    risk 0.00cvss epss 0.00

    LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

  • CVE-2015-0897Oct 31, 2023
    risk 0.00cvss epss 0.00

    LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM…

  • CVE-2022-29505Apr 27, 2022
    risk 0.00cvss epss 0.00

    Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to privilege escalation.

  • CVE-2022-22820Jan 20, 2022
    risk 0.00cvss epss 0.01

    Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4.

  • CVE-2021-36216Sep 8, 2021
    risk 0.00cvss epss 0.00

    LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.

  • CVE-2019-6010Sep 19, 2019
    risk 0.00cvss epss 0.02

    Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of service (DoS) condition or execute arbitrary code via a specially crafted image.