Vulnerabilities > Origin Validation Error

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-14519 Origin Validation Error vulnerability in Wibu Codemeter 6.50A/6.81/6.90
This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled.
network
low complexity
wibu CWE-346
5.0
2020-08-10 CVE-2020-15652 Origin Validation Error vulnerability in multiple products
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect.
network
low complexity
mozilla canonical CWE-346
6.5
2020-08-07 CVE-2020-16168 Origin Validation Error vulnerability in Robotemi Temi Firmware
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.
network
low complexity
robotemi CWE-346
6.5
2020-07-14 CVE-2020-1449 Origin Validation Error vulnerability in Microsoft 365 Apps, Office and Project 2016
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
network
microsoft CWE-346
critical
9.3
2020-07-14 CVE-2020-1408 Origin Validation Error vulnerability in Microsoft products
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.
network
microsoft CWE-346
critical
9.3
2020-07-14 CVE-2020-15104 Origin Validation Error vulnerability in Envoyproxy Envoy
In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains.
network
low complexity
envoyproxy CWE-346
5.5
2020-06-19 CVE-2020-14456 Origin Validation Error vulnerability in Mattermost Desktop
An issue was discovered in Mattermost Desktop App before 4.4.0.
network
low complexity
mattermost CWE-346
7.5
2020-05-22 CVE-2020-12397 Origin Validation Error vulnerability in multiple products
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays.
network
low complexity
mozilla canonical CWE-346
4.3
2020-04-17 CVE-2020-11868 Origin Validation Error vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
network
low complexity
ntp redhat netapp debian opensuse CWE-346
5.0
2020-03-24 CVE-2020-8984 Origin Validation Error vulnerability in Zend Zendto
lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header.
network
low complexity
zend CWE-346
5.0