Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-15104 | Origin Validation Error vulnerability in Envoyproxy Envoy In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. | 5.4 |
| 2020-06-19 | CVE-2020-14456 | Origin Validation Error vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 4.4.0. | 7.3 |
| 2020-05-22 | CVE-2020-12397 | Origin Validation Error vulnerability in multiple products By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. | 4.3 |
| 2020-04-17 | CVE-2020-11868 | Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. | 7.5 |
| 2020-03-24 | CVE-2020-8984 | Origin Validation Error vulnerability in Zend Zendto lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header. | 7.5 |
| 2020-02-25 | CVE-2020-8819 | Origin Validation Error vulnerability in Cardgate Payments An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. | 8.1 |
| 2020-02-25 | CVE-2020-8818 | Origin Validation Error vulnerability in multiple products An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. | 8.1 |
| 2020-02-19 | CVE-2019-4640 | Origin Validation Error vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. | 9.8 |
| 2020-02-11 | CVE-2020-0695 | Origin Validation Error vulnerability in Microsoft Office Online Server A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'. | 5.4 |
| 2020-01-23 | CVE-2019-16517 | Origin Validation Error vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. | 9.8 |