Vulnerabilities > Origin Validation Error

DATE CVE VULNERABILITY TITLE RISK
2021-04-12 CVE-2020-15734 Origin Validation Error vulnerability in Bitdefender Safepay 23.0.10.34
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories.
local
low complexity
bitdefender CWE-346
5.5
5.5
2021-03-31 CVE-2021-23986 Origin Validation Error vulnerability in Mozilla Firefox
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL.
network
low complexity
mozilla CWE-346
6.5
6.5
2021-03-09 CVE-2021-21184 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
4.3
4.3
2021-03-09 CVE-2021-21183 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
4.3
4.3
2021-03-09 CVE-2021-21175 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
6.5
6.5
2021-03-09 CVE-2021-21164 Origin Validation Error vulnerability in multiple products
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
6.5
6.5
2021-03-09 CVE-2021-21163 Origin Validation Error vulnerability in multiple products
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.
network
low complexity
google fedoraproject debian CWE-346
6.5
6.5
2021-02-24 CVE-2021-1231 Origin Validation Error vulnerability in Cisco Nx-Os
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface.
low complexity
cisco CWE-346
4.7
4.7
2021-02-12 CVE-2021-27197 Origin Validation Error vulnerability in Pelco Digital Sentry Server
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability.
network
low complexity
pelco CWE-346
8.1
8.1
2021-02-09 CVE-2021-21136 Origin Validation Error vulnerability in multiple products
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google microsoft CWE-346
6.5
6.5