Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-14519 | Origin Validation Error vulnerability in Wibu Codemeter 6.50A/6.81/6.90 This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. | 5.0 |
| 2020-08-10 | CVE-2020-15652 | Origin Validation Error vulnerability in multiple products By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. | 6.5 |
| 2020-08-07 | CVE-2020-16168 | Origin Validation Error vulnerability in Robotemi Temi Firmware Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors. | 6.5 |
| 2020-07-14 | CVE-2020-1449 | Origin Validation Error vulnerability in Microsoft 365 Apps, Office and Project 2016 A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'. | 9.3 |
| 2020-07-14 | CVE-2020-1408 | Origin Validation Error vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. | 9.3 |
| 2020-07-14 | CVE-2020-15104 | Origin Validation Error vulnerability in Envoyproxy Envoy In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. | 5.5 |
| 2020-06-19 | CVE-2020-14456 | Origin Validation Error vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 4.4.0. | 7.5 |
| 2020-05-22 | CVE-2020-12397 | Origin Validation Error vulnerability in multiple products By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. | 4.3 |
| 2020-04-17 | CVE-2020-11868 | Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. | 5.0 |
| 2020-03-24 | CVE-2020-8984 | Origin Validation Error vulnerability in Zend Zendto lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header. | 5.0 |