Vulnerabilities > Origin Validation Error

DATE CVE VULNERABILITY TITLE RISK
2017-05-01 CVE-2017-6519 Origin Validation Error vulnerability in multiple products
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets.
network
low complexity
avahi canonical CWE-346
critical
 9.1
9.1
2017-04-21 CVE-2016-5168 Origin Validation Error vulnerability in Google Chrome
Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.
network
low complexity
google CWE-346
7.5
7.5
2017-02-13 CVE-2016-8358 Origin Validation Error vulnerability in Smiths-Medical Cadd-Solis Medication Safety Software
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1.
network
high complexity
smiths-medical CWE-346
8.5
8.5
2017-02-09 CVE-2017-5858 Origin Validation Error vulnerability in Conversejs Converse.Js
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
conversejs CWE-346
5.9
5.9
2017-02-09 CVE-2017-5606 Origin Validation Error vulnerability in Xabber
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
xabber CWE-346
5.9
5.9
2017-02-09 CVE-2017-5605 Origin Validation Error vulnerability in Movim
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
movim CWE-346
5.9
5.9
2017-02-09 CVE-2017-5604 Origin Validation Error vulnerability in Mcabber
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
mcabber CWE-346
5.9
5.9
2017-02-09 CVE-2017-5603 Origin Validation Error vulnerability in Jitsi 2.5.5061/2.9.5544
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
jitsi CWE-346
5.9
5.9
2017-02-09 CVE-2017-5602 Origin Validation Error vulnerability in Jappix Project Jappix
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
jappix-project CWE-346
5.9
5.9
2017-02-09 CVE-2017-5593 Origin Validation Error vulnerability in Psi-Plus Psi+ 0.16.563.580/0.16.571.627
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
psi-plus CWE-346
5.9
5.9