Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-23 | CVE-2021-26291 | Origin Validation Error vulnerability in multiple products Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. | 9.1 |
| 2021-04-14 | CVE-2021-28048 | Origin Validation Error vulnerability in Devolutions Server An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-04-12 | CVE-2020-15734 | Origin Validation Error vulnerability in Bitdefender Safepay 23.0.10.34 An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. | 5.5 |
| 2021-03-31 | CVE-2021-23986 | Origin Validation Error vulnerability in Mozilla Firefox A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. | 6.5 |
| 2021-03-09 | CVE-2021-21184 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-03-09 | CVE-2021-21183 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-03-09 | CVE-2021-21175 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-03-09 | CVE-2021-21164 | Origin Validation Error vulnerability in multiple products Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-03-09 | CVE-2021-21163 | Origin Validation Error vulnerability in multiple products Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. | 6.5 |
| 2021-02-24 | CVE-2021-1231 | Origin Validation Error vulnerability in Cisco Nx-Os A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. | 4.7 |