Vulnerabilities (CVE)

Filtered by vendor Naver Subscribe
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25632 1 Naver 1 Whale Browser 2024-11-21 N/A 5.5 MEDIUM
The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser unlock function via 'Open in Whale' feature.
CVE-2022-24077 1 Naver 1 Cloud Explorer 2024-11-21 6.9 MEDIUM 7.8 HIGH
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.
CVE-2021-33592 1 Naver 1 Toolbar 2024-11-21 7.5 HIGH 9.8 CRITICAL
NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function.
CVE-2021-33591 1 Naver 1 Comic Viewer 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2020-9753 1 Naver 1 Whale Browser Installer 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash installer.
CVE-2020-9752 1 Naver 1 Cloud Explorer 2024-11-21 7.5 HIGH 9.8 CRITICAL
Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
CVE-2020-9751 1 Naver 1 Cloud Explorer 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.
CVE-2019-13157 1 Naver 1 Vaccine 2024-11-21 6.4 MEDIUM 7.5 HIGH
nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.
CVE-2019-13156 1 Naver 1 Cloud Explorer 2024-11-21 5.0 MEDIUM 7.5 HIGH
NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
CVE-2016-5060 1 Naver 1 Ngrinder 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save.
CVE-2014-6980 1 Naver 1 Line Play 2024-11-21 5.4 MEDIUM N/A
The LINE PLAY (aka jp.naver.lineplay.android) application 2.3.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2012-5183 1 Naver 1 Loctouch 2024-11-21 2.6 LOW N/A
The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files.
CVE-2012-5182 1 Naver 1 Loctouch 2024-11-21 4.3 MEDIUM N/A
The Loctouch application 3.4.6 and earlier for Android does not properly handle implicit intents, which allows attackers to obtain sensitive information about logged locations via a crafted application.
CVE-2012-4005 1 Naver 1 Nhn Japan Naver Line 2024-11-21 5.0 MEDIUM N/A
The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted application.