Shodan
Vulnerabilities
Vulnerable Software
Linecorp:  Security Vulnerabilities
CVE-2023-39734
The leakage of the client secret in VISION MEAT WORKS TrackDiner10/10_mc Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.004
Published
2023-10-25
CVE-2023-39735
The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-10-25
CVE-2023-39736
The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-10-25
CVE-2023-39737
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-10-25
CVE-2023-39739
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-10-25
CVE-2023-39740
The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-10-25
CVE-2023-5554
Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-10-12
CVE-2023-44487
Known exploited
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVSS Score
7.5
EPSS Score
0.944
Published
2023-10-10
CVE-2023-43297
An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-02
CVE-2023-38493
Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might not invoked because of the matrix variables. If an attacker sends a specially crafted request, the request may bypass the authorizer. Version 1.24.3 contains a patch for this issue.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-07-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved