Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-28 | CVE-2018-20745 | Origin Validation Error vulnerability in Yiiframework YII Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems. | 5.9 |
| 2019-01-28 | CVE-2018-20744 | Origin Validation Error vulnerability in GO Cors Project GO Cors The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems. | 5.9 |
| 2019-01-09 | CVE-2018-16072 | Origin Validation Error vulnerability in Google Chrome A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 6.5 |
| 2018-10-08 | CVE-2018-5400 | Origin Validation Error vulnerability in Auto-Maskin DCU 210E Firmware and RP 210E Firmware The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. | 9.1 |
| 2018-09-18 | CVE-2018-6690 | Origin Validation Error vulnerability in Mcafee Application Change Control Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system. | 7.1 |
| 2018-08-30 | CVE-2018-14903 | Origin Validation Error vulnerability in Epson Wf-2750 Firmware Jp02L2 EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer. | 7.5 |
| 2018-08-02 | CVE-2018-3834 | Origin Validation Error vulnerability in Insteon HUB Firmware 1013 An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. | 7.4 |
| 2018-06-14 | CVE-2018-8235 | Origin Validation Error vulnerability in Microsoft Edge A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | 4.3 |
| 2018-06-11 | CVE-2018-5157 | Origin Validation Error vulnerability in multiple products Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. | 7.5 |
| 2018-06-11 | CVE-2018-5116 | Origin Validation Error vulnerability in multiple products WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. | 9.8 |