Vulnerabilities > Origin Validation Error
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-15 | CVE-2017-8530 | Origin Validation Error vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge does not properly enforce same-origin policies, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 5.4 |
2017-06-15 | CVE-2017-8523 | Origin Validation Error vulnerability in Microsoft Edge Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability". | 4.3 |
2017-06-12 | CVE-2017-7667 | Origin Validation Error vulnerability in Apache Nifi Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin. | 7.5 |
2017-05-26 | CVE-2017-5646 | Origin Validation Error vulnerability in Apache Knox For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. | 6.8 |
2017-05-05 | CVE-2017-8793 | Origin Validation Error vulnerability in Accellion File Transfer Appliance 80540/911200/911210 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 8.8 |
2017-05-01 | CVE-2017-6519 | Origin Validation Error vulnerability in multiple products avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. | 9.1 |
2017-04-21 | CVE-2016-5168 | Origin Validation Error vulnerability in Google Chrome Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information. | 7.5 |
2017-02-13 | CVE-2016-8358 | Origin Validation Error vulnerability in Smiths-Medical Cadd-Solis Medication Safety Software An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. | 8.5 |
2017-02-09 | CVE-2017-5858 | Origin Validation Error vulnerability in Conversejs Converse.Js An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
2017-02-09 | CVE-2017-5606 | Origin Validation Error vulnerability in Xabber An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |