Latest Origin Validation Error Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-14519 This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. 0.0
2020-08-10 CVE-2020-15652 Origin Validation Error vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect.
4.3
2020-08-07 CVE-2020-16168 Origin Validation Error vulnerability in Robotemi Temi Firmware 20190419.165201
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.
4.3
2020-07-14 CVE-2020-1449 Origin Validation Error vulnerability in Microsoft 365 Apps, Office and Project 2016
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
9.3
2020-07-14 CVE-2020-1408 Origin Validation Error vulnerability in Microsoft products
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.
9.3
2020-07-14 CVE-2020-15104 Origin Validation Error vulnerability in Envoyproxy Envoy
In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains.
5.5
2020-06-19 CVE-2020-14456 Origin Validation Error vulnerability in Mattermost Desktop
An issue was discovered in Mattermost Desktop App before 4.4.0.
7.5
2020-05-22 CVE-2020-12397 Origin Validation Error vulnerability in Mozilla Thunderbird
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays.
4.3
2020-03-24 CVE-2020-8984 Origin Validation Error vulnerability in Zend Zendto
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header.
network
low complexity
zend
CWE-346
5.0
2020-02-25 CVE-2020-8819 Origin Validation Error vulnerability in Cardgate Payments
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce.
network
low complexity
cardgate
CWE-346
exploit available
5.5