Shodan
Vulnerabilities
Vulnerable Software
Naver:  Security Vulnerabilities
CVE-2021-33591
An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.009
Published
2021-05-28
CVE-2020-9753
Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash installer.
CVSS Score
9.1
EPSS Score
0.002
Published
2020-05-20
CVE-2020-9752
Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-03-23
CVE-2020-9751
Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.
CVSS Score
9.1
EPSS Score
0.001
Published
2020-03-03
CVE-2019-13157
nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-11-22
CVE-2019-13156
NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-09-03
CVE-2016-5060
Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save.
CVSS Score
6.1
EPSS Score
0.005
Published
2016-12-13
CVE-2014-6980
The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS Score
5.4
EPSS Score
0.0
Published
2014-10-16
CVE-2012-5182
The Loctouch application 3.4.6 and earlier for Android does not properly handle implicit intents, which allows attackers to obtain sensitive information about logged locations via a crafted application.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-12-26
CVE-2012-5183
The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files.
CVSS Score
2.6
EPSS Score
0.003
Published
2012-12-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved