Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-36303 | Origin Validation Error vulnerability in Trendmicro Apex ONE An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36302. | 7.8 |
| 2024-05-03 | CVE-2023-27360 | Origin Validation Error vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. | 8.8 |
| 2024-04-05 | CVE-2024-2447 | Origin Validation Error vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the source of certain types of post actions, allowing an authenticated attacker to create posts as other users via a crafted post action. | 6.5 |
| 2024-02-20 | CVE-2024-26135 | Origin Validation Error vulnerability in Meshcentral MeshCentral is a full computer management web site. | 8.8 |
| 2024-02-14 | CVE-2024-0009 | Origin Validation Error vulnerability in Paloaltonetworks Pan-Os An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address. | 6.3 |
| 2024-02-01 | CVE-2024-24557 | Origin Validation Error vulnerability in Mobyproject Moby Moby is an open-source project created by Docker to enable software containerization. | 7.8 |
| 2024-01-24 | CVE-2024-23898 | Origin Validation Error vulnerability in Jenkins Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute CLI commands on the Jenkins controller. | 8.8 |
| 2024-01-24 | CVE-2024-0814 | Origin Validation Error vulnerability in multiple products Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 6.5 |
| 2024-01-23 | CVE-2023-47193 | Origin Validation Error vulnerability in Trendmicro Apex ONE 2019 An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47194. | 7.8 |
| 2024-01-23 | CVE-2023-47194 | Origin Validation Error vulnerability in Trendmicro Apex ONE 2019 An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47195. | 7.8 |