Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-17 | CVE-2020-11868 | Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. | 7.5 |
| 2020-03-24 | CVE-2020-8984 | Origin Validation Error vulnerability in Zend Zendto lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header. | 7.5 |
| 2020-02-25 | CVE-2020-8819 | Origin Validation Error vulnerability in Cardgate Payments An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. | 8.1 |
| 2020-02-25 | CVE-2020-8818 | Origin Validation Error vulnerability in multiple products An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. | 8.1 |
| 2020-02-19 | CVE-2019-4640 | Origin Validation Error vulnerability in IBM Security Secret Server IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. | 9.8 |
| 2020-02-11 | CVE-2020-0695 | Origin Validation Error vulnerability in Microsoft Office Online Server A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'. | 5.4 |
| 2020-01-23 | CVE-2019-16517 | Origin Validation Error vulnerability in Connectwise Control 19.3.25270.7185 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. | 9.8 |
| 2020-01-14 | CVE-2020-0647 | Origin Validation Error vulnerability in Microsoft Office Online Server A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. | 5.4 |
| 2020-01-08 | CVE-2019-11762 | Origin Validation Error vulnerability in multiple products If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. | 6.1 |
| 2020-01-03 | CVE-2019-20329 | Origin Validation Error vulnerability in Openlambda Project Openlambda 20190910 OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000. | 8.1 |