Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-45441 | Origin Validation Error vulnerability in Trendmicro products A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. | 7.8 |
| 2021-12-23 | CVE-2021-4024 | Origin Validation Error vulnerability in multiple products A flaw was found in podman. | 6.5 |
| 2021-12-14 | CVE-2021-44935 | Origin Validation Error vulnerability in Glfusion 1.7.9 glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. | 9.1 |
| 2021-12-13 | CVE-2021-39063 | Origin Validation Error vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. | 9.1 |
| 2021-12-08 | CVE-2021-38507 | Origin Validation Error vulnerability in multiple products The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. | 6.5 |
| 2021-12-08 | CVE-2021-43531 | Origin Validation Error vulnerability in Mozilla Firefox When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. | 4.3 |
| 2021-11-03 | CVE-2021-38497 | Origin Validation Error vulnerability in Mozilla Firefox Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. | 6.5 |
| 2021-10-26 | CVE-2021-41158 | Origin Validation Error vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 7.5 |
| 2021-10-08 | CVE-2021-37966 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2021-10-08 | CVE-2021-37967 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | 4.3 |