Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-10534 | Origin Validation Error vulnerability in Dataprom Personnel Attendance Control Systems / Access Control Security Systems Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection.This issue affects Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS): before 2024. | 9.8 |
| 2024-10-29 | CVE-2024-6674 | Origin Validation Error vulnerability in Lollms web UI A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private API keys from other services. | 7.1 |
| 2024-09-17 | CVE-2024-44187 | Origin Validation Error vulnerability in Apple products A cross-origin issue existed with "iframe" elements. | 6.5 |
| 2024-08-12 | CVE-2024-41475 | Origin Validation Error vulnerability in SIR Gnuboard 6.0.7 Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. | 8.8 |
| 2024-08-06 | CVE-2024-23458 | Origin Validation Error vulnerability in Zscaler Client Connector While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. | 7.8 |
| 2024-08-01 | CVE-2024-41926 | Origin Validation Error vulnerability in Mattermost Server Mattermost versions 9.9.x <= 9.9.0 and 9.5.x <= 9.5.6 fail to validate the source of sync messages and only allow the correct remote IDs, which allows a malicious remote to set arbitrary RemoteId values for synced users and therefore claim that a user was synced from another remote. | 4.3 |
| 2024-07-29 | CVE-2024-41143 | Origin Validation Error vulnerability in Skygroup Skysea Client View Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. | 7.8 |
| 2024-07-01 | CVE-2024-36421 | Origin Validation Error vulnerability in Flowiseai Flowise 1.4.3 Flowise is a drag & drop user interface to build a customized large language model flow. | 7.5 |
| 2024-06-25 | CVE-2024-6301 | Origin Validation Error vulnerability in Conduit Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs | 7.5 |
| 2024-06-10 | CVE-2024-36303 | Origin Validation Error vulnerability in Trendmicro Apex ONE An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36302. | 7.8 |