Vulnerabilities > Naver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-27 | CVE-2023-25632 | Unspecified vulnerability in Naver Whale Browser The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser unlock function via 'Open in Whale' feature. | 5.5 |
| 2022-06-13 | CVE-2022-24077 | Uncontrolled Search Path Element vulnerability in Naver Cloud Explorer Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection. | 7.8 |
| 2021-07-19 | CVE-2021-33592 | Unspecified vulnerability in Naver Toolbar NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. | 9.8 |
| 2021-05-28 | CVE-2021-33591 | Unspecified vulnerability in Naver Comic Viewer An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15.0 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2020-05-20 | CVE-2020-9753 | Improper Verification of Cryptographic Signature vulnerability in Naver Whale Browser Installer Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash installer. | 9.1 |
| 2020-03-23 | CVE-2020-9752 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Naver Cloud Explorer Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe. | 9.8 |
| 2020-03-03 | CVE-2020-9751 | Download of Code Without Integrity Check vulnerability in Naver Cloud Explorer Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade. | 9.1 |
| 2019-11-22 | CVE-2019-13157 | Path Traversal vulnerability in Naver Vaccine 2.1.4 nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive. | 7.5 |
| 2019-09-03 | CVE-2019-13156 | Out-of-bounds Write vulnerability in Naver Cloud Explorer NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle. | 7.5 |
| 2016-12-13 | CVE-2016-5060 | Cross-site Scripting vulnerability in Naver Ngrinder Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save. | 6.1 |