CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47369
https://notcve.org/view.php?id=CVE-2023-47369
09 Nov 2023 — The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications. La fuga del token de acceso al canal en best_training_member Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas. • https://github.com/syz913/CVE-reports/blob/main/best_training_member.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47370
https://notcve.org/view.php?id=CVE-2023-47370
09 Nov 2023 — The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en bluetrick Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/bluetrick.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47372
https://notcve.org/view.php?id=CVE-2023-47372
09 Nov 2023 — The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en UPDATESALON C-LOUNGE Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/UPDATESALON%20C-LOUNGE.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47373
https://notcve.org/view.php?id=CVE-2023-47373
09 Nov 2023 — The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en DRAGON FAMILY Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/DRAGON%20FAMILY.md • CWE-326: Inadequate Encryption Strength •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0897
https://notcve.org/view.php?id=CVE-2015-0897
31 Oct 2023 — LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker. LINE para Android versión 5.0.2 y anteriores y LINE para iOS versión 5.0.0 y anteriores son vulnerables a ataques MITM (man-in-the-middle) ya que la aplicación permite comunicaciones que no sean SSL/TLS. Como resultado, ... • http://official-blog.line.me/ja/archives/24809761.html • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38845
https://notcve.org/view.php?id=CVE-2023-38845
25 Oct 2023 — An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Anglaise Company Anglaise.Company v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38845.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38846
https://notcve.org/view.php?id=CVE-2023-38846
25 Oct 2023 — An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Marbre Lapin Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38846.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38847
https://notcve.org/view.php?id=CVE-2023-38847
25 Oct 2023 — An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en CHRISTINA JAPAN Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38847.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38848
https://notcve.org/view.php?id=CVE-2023-38848
25 Oct 2023 — An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en rmc R Beauty CLINIC Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38848.md • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38849
https://notcve.org/view.php?id=CVE-2023-38849
25 Oct 2023 — An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request. Un problema en Tire-Sales Line v.13.6.1 permite a un atacante remoto obtener información confidencial a través de una solicitud GET manipulada. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-38849.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •