N-LINE
Products
1- 15 CVEs
Recent CVEs
15| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4831 | Hig | 0.51 | 7.8 | 0.00 | Jul 12, 2016 | Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2021-36214 | Med | 0.40 | 6.1 | 0.00 | Jul 13, 2021 | LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView. | ||
| CVE-2016-1156 | Med | 0.37 | 5.7 | 0.00 | Feb 19, 2016 | LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. | ||
| CVE-2024-47158 | 0.00 | — | 0.00 | Oct 25, 2024 | N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be directed to a malicious website. | |||
| CVE-2024-1143 | 0.00 | — | 0.00 | Feb 2, 2024 | Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. | |||
| CVE-2023-48129 | 0.00 | — | 0.00 | Jan 26, 2024 | An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-48135 | 0.00 | — | 0.00 | Jan 26, 2024 | An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-48126 | 0.00 | — | 0.00 | Jan 26, 2024 | An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-43991 | 0.00 | — | 0.00 | Jan 24, 2024 | An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-43989 | 0.00 | — | 0.00 | Jan 24, 2024 | An issue in mokumoku chohu mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-43994 | 0.00 | — | 0.00 | Jan 24, 2024 | An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-43995 | 0.00 | — | 0.00 | Jan 24, 2024 | An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. | |||
| CVE-2023-5554 | 0.00 | — | 0.00 | Oct 12, 2023 | Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0. | |||
| CVE-2022-41568 | 0.00 | — | 0.00 | Nov 29, 2022 | LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat. | |||
| CVE-2013-7144 | 0.00 | — | 0.00 | Aug 16, 2014 | LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
- risk 0.51cvss 7.8epss 0.00
Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.40cvss 6.1epss 0.00
LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.
- risk 0.37cvss 5.7epss 0.00
LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline.
- CVE-2024-47158Oct 25, 2024risk 0.00cvss —epss 0.00
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be directed to a malicious website.
- CVE-2024-1143Feb 2, 2024risk 0.00cvss —epss 0.00
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.
- CVE-2023-48129Jan 26, 2024risk 0.00cvss —epss 0.00
An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-48135Jan 26, 2024risk 0.00cvss —epss 0.00
An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-48126Jan 26, 2024risk 0.00cvss —epss 0.00
An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-43991Jan 24, 2024risk 0.00cvss —epss 0.00
An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-43989Jan 24, 2024risk 0.00cvss —epss 0.00
An issue in mokumoku chohu mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-43994Jan 24, 2024risk 0.00cvss —epss 0.00
An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-43995Jan 24, 2024risk 0.00cvss —epss 0.00
An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
- CVE-2023-5554Oct 12, 2023risk 0.00cvss —epss 0.00
Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0.
- CVE-2022-41568Nov 29, 2022risk 0.00cvss —epss 0.00
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.
- CVE-2013-7144Aug 16, 2014risk 0.00cvss —epss 0.00
LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.