Vulnerabilities > Origin Validation Error

DATE CVE VULNERABILITY TITLE RISK
2023-07-13 CVE-2023-21260 Origin Validation Error vulnerability in Google Android
In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation.
local
low complexity
google CWE-346
5.5
2023-06-13 CVE-2023-2639 Origin Validation Error vulnerability in Rockwellautomation products
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device.  This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device.
network
low complexity
rockwellautomation CWE-346
4.7
2023-06-02 CVE-2023-23601 Origin Validation Error vulnerability in Mozilla Firefox
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks.
network
low complexity
mozilla CWE-346
6.5
2023-05-31 CVE-2023-28349 Origin Validation Error vulnerability in Faronics Insight 10.0.19045
An issue was discovered in Faronics Insight 10.0.19045 on Windows.
low complexity
faronics CWE-346
8.8
2023-04-28 CVE-2023-30856 Origin Validation Error vulnerability in Edex-Ui Project Edex-Ui
eDEX-UI is a science fiction terminal emulator.
network
low complexity
edex-ui-project CWE-346
critical
10.0
2023-03-23 CVE-2023-26114 Origin Validation Error vulnerability in Coder Code-Server
Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes.
network
low complexity
coder CWE-346
critical
9.3
2023-03-03 CVE-2023-0957 Origin Validation Error vulnerability in Gitpod
An issue was discovered in Gitpod versions prior to release-2022.11.2.16.
network
low complexity
gitpod CWE-346
critical
9.6
2023-01-18 CVE-2021-33959 Origin Validation Error vulnerability in Plex Media Server
Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.
network
low complexity
plex CWE-346
7.5
2023-01-10 CVE-2023-22899 Origin Validation Error vulnerability in Zip4J Project Zip4J
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.
network
high complexity
zip4j-project CWE-346
5.9
2023-01-09 CVE-2014-125071 Origin Validation Error vulnerability in Gribbit Project Gribbit
A vulnerability was found in lukehutch Gribbit.
network
low complexity
gribbit-project CWE-346
critical
9.8