Vulnerabilities > Origin Validation Error
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-08 | CVE-2021-37966 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
2021-10-08 | CVE-2021-37967 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | 4.3 |
2021-10-08 | CVE-2021-30630 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | 4.3 |
2021-09-23 | CVE-2021-41088 | Origin Validation Error vulnerability in ELV Elvish Elvish is a programming language and interactive shell, combined into one package. | 8.8 |
2021-09-13 | CVE-2020-27969 | Origin Validation Error vulnerability in Yandex Browser Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | 7.3 |
2021-09-01 | CVE-2021-34435 | Origin Validation Error vulnerability in Eclipse Theia In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. | 8.8 |
2021-08-26 | CVE-2021-30596 | Origin Validation Error vulnerability in multiple products Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
2021-08-18 | CVE-2021-39270 | Origin Validation Error vulnerability in Pingidentity RSA Securid Integration KIT In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. | 7.5 |
2021-04-30 | CVE-2021-21229 | Origin Validation Error vulnerability in multiple products Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |
2021-04-26 | CVE-2021-21211 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |