Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-14 | CVE-2022-30228 | Origin Validation Error vulnerability in Siemens Sicam Gridedge Essential A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). | 6.5 |
| 2022-05-20 | CVE-2022-25227 | Origin Validation Error vulnerability in Cybelesoft Thinfinity VNC 4.0.0.1 Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an 'ID' that can be used to send websocket requests and achieve RCE. | 8.8 |
| 2022-04-28 | CVE-2022-29818 | Origin Validation Error vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | 7.1 |
| 2022-04-04 | CVE-2021-32985 | Origin Validation Error vulnerability in Aveva System Platform 2017/2020 AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid. | 7.2 |
| 2022-03-21 | CVE-2020-24772 | Origin Validation Error vulnerability in Clash Project Clash 0.11.4 In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. | 8.8 |
| 2022-03-18 | CVE-2022-22594 | Origin Validation Error vulnerability in Apple products A cross-origin issue in the IndexDB API was addressed with improved input validation. | 6.5 |
| 2022-03-14 | CVE-2022-24762 | Origin Validation Error vulnerability in Sysend.Js Project Sysend.Js sysend.js is a library that allows a user to send messages between pages that are open in the same browser. | 6.5 |
| 2022-03-03 | CVE-2022-25146 | Origin Validation Error vulnerability in Liferay Digital Experience Platform and Liferay Portal The Remote App module in Liferay Portal Liferay Portal v7.4.3.4 through v7.4.3.8 and Liferay DXP 7.4 before update 5 does not check if the origin of event messages it receives matches the origin of the Remote App, allowing attackers to exfiltrate the CSRF token via a crafted event message. | 5.3 |
| 2022-02-20 | CVE-2021-46701 | Origin Validation Error vulnerability in Premid 2.2.0 PreMiD 2.2.0 allows unintended access via the websocket transport. | 6.5 |
| 2022-02-12 | CVE-2022-0108 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |