Search
Total
172 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16951 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.8 MEDIUM | 8.6 HIGH |
| <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p> | |||||
| CVE-2020-16952 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-31 | 6.8 MEDIUM | 8.6 HIGH |
| <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p> | |||||
| CVE-2023-3654 | 1 Cashit | 1 Cashit\! | 2023-12-28 | N/A | 9.8 CRITICAL |
| cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network. | |||||
| CVE-2023-5858 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-22 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-5853 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-22 | N/A | 4.3 MEDIUM |
| Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-5859 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-22 | N/A | 4.3 MEDIUM |
| Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-5851 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-22 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-49803 | 1 Koajs | 1 Cross-origin Resource Sharing For Koa | 2023-12-14 | N/A | 7.5 HIGH |
| @koa/cors npm provides Cross-Origin Resource Sharing (CORS) for koa, a web framework for Node.js. Prior to version 5.0.0, the middleware operates in a way that if an allowed origin is not provided, it will return an `Access-Control-Allow-Origin` header with the value of the origin from the request. This behavior completely disables one of the most crucial elements of browsers - the Same Origin Policy (SOP), this could cause a very serious security threat to the users of this middleware. If such behavior is expected, for instance, when middleware is used exclusively for prototypes and not for production applications, it should be heavily emphasized in the documentation along with an indication of the risks associated with such behavior, as many users may not be aware of it. Version 5.0.0 fixes this vulnerability. | |||||
| CVE-2023-49805 | 2 Dockge.kuma, Uptime.kuma | 2 Dockge, Uptime Kuma | 2023-12-14 | N/A | 8.8 HIGH |
| Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When connecting to the server using Socket.IO, the server does not validate the `Origin` header leading to other site being able to open connections to the server and communicate with it. Other websites still need to authenticate to access most features, however this can be used to circumvent firewall protections made in place by people deploying the application. Without origin validation, Javascript executed from another origin would be allowed to connect to the application without any user interaction. Without login credentials, such a connection is unable to access protected endpoints containing sensitive data of the application. However, such a connection may allow attacker to further exploit unseen vulnerabilities of the application. Users with "No-auth" mode configured who are relying on a reverse proxy or firewall to provide protection to the application would be especially vulnerable as it would grant the attacker full access to the application. In version 1.23.9, additional verification of the HTTP Origin header has been added to the socket.io connection handler. By default, if the `Origin` header is present, it would be checked against the Host header. Connection would be denied if the hostnames do not match, which would indicate that the request is cross-origin. Connection would be allowed if the `Origin` header is not present. Users can override this behavior by setting environment variable `UPTIME_KUMA_WS_ORIGIN_CHECK=bypass`. | |||||
| CVE-2023-28794 | 1 Zscaler | 1 Client Connector | 2023-11-14 | N/A | 6.5 MEDIUM |
| Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6. | |||||
| CVE-2023-29505 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2023-08-10 | N/A | 8.8 HIGH |
| An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking. | |||||
| CVE-2023-4045 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Firefox Esr | 2023-08-09 | N/A | 5.3 MEDIUM |
| Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. | |||||
| CVE-2021-33959 | 1 Plex | 1 Media Server | 2023-08-08 | N/A | 7.5 HIGH |
| Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. | |||||
| CVE-2022-22757 | 1 Mozilla | 1 Firefox | 2023-08-08 | N/A | 6.5 MEDIUM |
| Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97. | |||||
| CVE-2023-2850 | 1 Nodebb | 1 Nodebb | 2023-08-07 | N/A | 4.7 MEDIUM |
| NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker. | |||||
| CVE-2023-30949 | 1 Palantir | 1 Slate | 2023-08-04 | N/A | 5.3 MEDIUM |
| A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. | |||||
| CVE-2023-3581 | 1 Mattermost | 1 Mattermost Server | 2023-07-27 | N/A | 8.1 HIGH |
| Mattermost fails to properly validate the origin of a websocket connection allowing a MITM attacker on Mattermost to access the websocket APIs. | |||||
| CVE-2022-1497 | 1 Google | 1 Chrome | 2022-07-28 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page. | |||||
| CVE-2021-26291 | 3 Apache, Oracle, Quarkus | 4 Maven, Financial Services Analytical Applications Infrastructure, Goldengate Big Data And Application Adapters and 1 more | 2022-07-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html | |||||
| CVE-2021-46701 | 1 Premid | 1 Premid | 2022-07-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| PreMiD 2.2.0 allows unintended access via the websocket transport. An attacker can receive events from a socket and emit events to a socket, potentially interfering with a victim's "now playing" status on Discord. | |||||
| CVE-2021-30630 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-45441 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2021-37967 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-23763 | 2 Douzone, Microsoft | 2 Neors, Windows | 2022-07-11 | 6.8 MEDIUM | 8.8 HIGH |
| Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections. | |||||
| CVE-2022-1747 | 1 Dominionvoting | 2 Democracy Suite, Imagecast X | 2022-07-05 | 2.1 LOW | 4.6 MEDIUM |
| The authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization. | |||||
| CVE-2019-5036 | 1 Google | 2 Nest Cam Iq Indoor, Nest Cam Iq Indoor Firmware | 2022-06-27 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability. | |||||
| CVE-2022-30228 | 1 Siemens | 1 Sicam Gridedge Essential | 2022-06-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed. | |||||
| CVE-2019-5062 | 1 W1.fi | 1 Hostapd | 2022-06-17 | 3.3 LOW | 6.5 MEDIUM |
| An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service. | |||||
| CVE-2022-31024 | 1 Nextcloud | 1 Richdocuments | 2022-06-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fix for this issue. There are currently no known workarounds available. | |||||
| CVE-2009-1185 | 7 Canonical, Debian, Fedoraproject and 4 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2022-06-03 | 7.2 HIGH | N/A |
| udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | |||||
| CVE-2022-25227 | 1 Cybelesoft | 1 Thinfinity Vnc | 2022-06-01 | 6.8 MEDIUM | 8.8 HIGH |
| Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an 'ID' that can be used to send websocket requests and achieve RCE. | |||||
| CVE-2022-29818 | 1 Jetbrains | 1 Intellij Idea | 2022-05-05 | 3.6 LOW | 7.1 HIGH |
| In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | |||||
| CVE-2020-11868 | 5 Debian, Netapp, Ntp and 2 more | 24 Debian Linux, All Flash Fabric-attached Storage 8300, All Flash Fabric-attached Storage 8300 Firmware and 21 more | 2022-04-26 | 5.0 MEDIUM | 7.5 HIGH |
| ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. | |||||
| CVE-2022-0120 | 1 Google | 1 Chrome | 2022-02-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website. | |||||
| CVE-2022-0113 | 1 Google | 1 Chrome | 2022-02-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-38507 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2022-02-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. | |||||
| CVE-2021-37966 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2022-02-18 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0111 | 1 Google | 1 Chrome | 2022-02-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page. | |||||
| CVE-2022-0108 | 1 Google | 1 Chrome | 2022-02-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-4024 | 3 Fedoraproject, Podman Project, Redhat | 3 Fedora, Podman, Enterprise Linux | 2022-02-08 | 6.4 MEDIUM | 6.5 MEDIUM |
| A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM. | |||||
| CVE-2022-23032 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2022-02-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| In all versions before 7.2.1.4, when proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2021-39063 | 2 Ibm, Linux | 2 Spectrum Protect Plus, Linux Kernel | 2021-12-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956. | |||||
| CVE-2021-44935 | 1 Glfusion | 1 Glfusion | 2021-12-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. The attacker can complete the attack remotely without interaction. | |||||
| CVE-2021-43531 | 1 Mozilla | 1 Firefox | 2021-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to. This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions. This vulnerability affects Firefox < 94. | |||||
| CVE-2021-21164 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Iphone Os, Debian Linux, Fedora and 1 more | 2021-12-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21163 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Iphone Os, Debian Linux, Fedora and 1 more | 2021-12-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. | |||||
| CVE-2021-21175 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2021-12-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21184 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2021-12-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21183 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2021-12-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-30596 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2021-11-30 | 4.3 MEDIUM | 4.3 MEDIUM |
| Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||