Search
Total
172 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8069 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-11-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | |||||
| CVE-2021-38497 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-11-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. | |||||
| CVE-2020-27969 | 1 Yandex | 1 Yandex Browser | 2021-09-22 | 7.5 HIGH | 7.3 HIGH |
| Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | |||||
| CVE-2021-39185 | 1 Typelevel | 1 Http4s | 2021-09-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also susceptible to a Null Origin Attack. The problem is fixed in 0.21.27, 0.22.3, 0.23.2, and 1.0.0-M25. The original `CORS` implementation and `CORSConfig` are deprecated. See the GitHub GHSA for more information, including code examples and workarounds. | |||||
| CVE-2021-39175 | 1 Hedgedoc | 1 Hedgedoc | 2021-09-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into another page. The problem is patched in version 1.9.0. There are no known workarounds aside from upgrading. | |||||
| CVE-2021-37705 | 1 Microsoft | 1 Onefuzz | 2021-08-30 | 6.8 MEDIUM | 10.0 CRITICAL |
| OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To be vulnerable, a OneFuzz deployment must be both version 2.12.0 or greater and deployed with the non-default --multi_tenant_domain option. This can result in read/write access to private data such as software vulnerability and crash information, security testing tools and proprietary code and symbols. Via authorized API calls, this also enables tampering with existing data and unauthorized code execution on Azure compute resources. This issue is resolved starting in release 2.31.0, via the addition of application-level check of the bearer token's `issuer` against an administrator-configured allowlist. As a workaround users can restrict access to the tenant of a deployed OneFuzz instance < 2.31.0 by redeploying in the default configuration, which omits the `--multi_tenant_domain` option. | |||||
| CVE-2021-39270 | 1 Pingidentity | 1 Rsa Securid Integration Kit | 2021-08-26 | 5.0 MEDIUM | 7.5 HIGH |
| In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur. | |||||
| CVE-2021-23986 | 1 Mozilla | 1 Firefox | 2021-08-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox < 87. | |||||
| CVE-2020-35556 | 1 Acronis | 1 Cyber Protect | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur. | |||||
| CVE-2021-21209 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2021-06-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21211 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2021-06-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21229 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2021-06-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2020-3864 | 2 Apple, Redhat | 9 Icloud, Ipados, Iphone Os and 6 more | 2021-05-18 | 7.2 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. | |||||
| CVE-2021-31718 | 1 Npupnp Project | 1 Npupnp | 2021-05-05 | 6.8 MEDIUM | 8.8 HIGH |
| The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. | |||||
| CVE-2021-28048 | 1 Devolutions | 1 Devolutions Server | 2021-04-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2020-15734 | 1 Bitdefender | 1 Safepay | 2021-04-21 | 2.1 LOW | 5.5 MEDIUM |
| An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29. | |||||
| CVE-2017-5646 | 1 Apache | 1 Knox | 2021-04-06 | 4.9 MEDIUM | 6.8 MEDIUM |
| For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While this activity is audit logged and can be easily associated with the authenticated user, this is still a serious security issue. All users are recommended to upgrade to the Apache Knox 0.12.0 release. | |||||
| CVE-2021-21136 | 2 Google, Microsoft | 3 Android, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21135 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-20199 | 1 Podman Project | 1 Podman | 2021-02-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards. | |||||
| CVE-2021-27197 | 1 Pelco | 1 Digital Sentry Server | 2021-02-19 | 8.8 HIGH | 8.1 HIGH |
| DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesn't check if it's being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker crafts an HTML page (e.g., with "OBJECT classid=" and "<SCRIPT language='vbscript'>") to overwrite arbitrary files. | |||||
| CVE-2020-28481 | 1 Socket | 1 Socket.io | 2021-01-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default. | |||||
| CVE-2020-4881 | 1 Ibm | 1 Planning Analytics | 2021-01-22 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 190851. | |||||
| CVE-2020-6881 | 1 Zte | 6 Zxhn E8810, Zxhn E8810 Firmware, Zxhn E8820 and 3 more | 2020-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. A remote attacker could connect to the MQTT server and send an MQTT exception message to the specified device, which will cause the device to deny service. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13> | |||||
| CVE-2020-26251 | 1 Openzaak | 1 Open Zaak | 2020-12-22 | 4.3 MEDIUM | 4.7 MEDIUM |
| Open Zaak is a modern, open-source data- and services-layer to enable zaakgericht werken, a Dutch approach to case management. In Open Zaak before version 1.3.3 the Cross-Origin-Resource-Sharing policy in Open Zaak is currently wide open - every client is allowed. This allows evil.com to run scripts that perform AJAX calls to known Open Zaak installations, and the browser will not block these. This was intended to only apply to development machines running on localhost/127.0.0.1. Open Zaak 1.3.3 disables CORS by default, while it can be opted-in through environment variables. The vulnerability does not actually seem exploitable because: a) The session cookie has a `Same-Site: Lax` policy which prevents it from being sent along in Cross-Origin requests. b) All pages that give access to (production) data are login-protected c) `Access-Control-Allow-Credentials` is set to `false` d) CSRF checks probably block the remote origin, since they're not explicitly added to the trusted allowlist. | |||||
| CVE-2020-15733 | 1 Bitdefender | 1 Antivirus Plus | 2020-12-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29. | |||||
| CVE-2020-26234 | 1 Apereo | 1 Opencast | 2020-12-10 | 2.1 LOW | 4.8 MEDIUM |
| Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for man-in-the-middle attacks. This problem is fixed in Opencast 7.9 and Opencast 8.8 Please be aware that fixing the problem means that Opencast will not simply accept any self-signed certificates any longer without properly importing them. If you need those, please make sure to import them into the Java key store. Better yet, get a valid certificate. | |||||
| CVE-2020-26253 | 1 Getkirby | 2 Kirby, Panel | 2020-12-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public servers that don't have an admin account for the Panel yet, we block account registration there by default. This is a security feature, which we implemented years ago in Kirby 2. It helps to avoid that you forget registering your first admin account on a public server. In this case – without our security block – someone else might theoretically be able to find your site, find out it's running on Kirby, find the Panel and then register the account first. It's an unlikely situation, but it's still a certain risk. To be able to register the first Panel account on a public server, you have to enforce the installer via a config setting. This helps to push all users to the best practice of registering your first Panel account on your local machine and upload it together with the rest of the site. This installation block implementation in Kirby versions before 3.3.6 still assumed that .dev domains are local domains, which is no longer true. In the meantime, those domains became publicly available. This means that our installation block is no longer working as expected if you use a .dev domain for your Kirby site. Additionally the local installation check may also fail if your site is behind a reverse proxy. You are only affected if you use a .dev domain or your site is behind a reverse proxy and you have not yet registered your first Panel account on the public server and someone finds your site and tries to login at `yourdomain.dev/panel` before you register your first account. You are not affected if you have already created one or multiple Panel accounts (no matter if on a .dev domain or behind a reverse proxy). The problem has been patched in Kirby 3.3.6. Please upgrade to this or a later version to fix the vulnerability. | |||||
| CVE-2020-15682 | 1 Mozilla | 1 Firefox | 2020-10-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. An attacker could induce that prompt to be associated with an origin they didn't control, resulting in a spoofing attack. This was fixed by changing external protocol prompts to be tab-modal while also ensuring they could not be incorrectly associated with a different origin. This vulnerability affects Firefox < 82. | |||||
| CVE-2019-8754 | 1 Apple | 1 Mac Os X | 2020-10-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information. | |||||
| CVE-2019-8282 | 1 Gemalto | 1 Sentinel Ldk | 2020-10-22 | 2.6 LOW | 5.3 MEDIUM |
| Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. This allows attacker to do man-in-the-middle (MITM) attack and replace original language pack by malicious one. | |||||
| CVE-2020-9903 | 1 Apple | 3 Ipad Os, Iphone Os, Safari | 2020-10-20 | 5.0 MEDIUM | 7.5 HIGH |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain. | |||||
| CVE-2020-26527 | 1 Damstratechnology | 1 Smart Asset | 2020-10-14 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header. | |||||
| CVE-2019-11777 | 1 Eclipse | 1 Paho Java Client | 2020-10-06 | 5.0 MEDIUM | 7.5 HIGH |
| In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information. | |||||
| CVE-2020-15773 | 1 Gradle | 1 Enterprise | 2020-09-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Gradle Enterprise before 2020.2.4. Because of unrestricted cross-origin requests to read-only data in the Export API, an attacker can access data as a user (for the duration of the browser session) after previously explicitly authenticating with the API. | |||||
| CVE-2020-14519 | 1 Wibu | 1 Codemeter | 2020-09-22 | 5.0 MEDIUM | 7.5 HIGH |
| This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web browser is used to access a web server) via a specifically crafted Java Script payload, which may allow alteration or creation of license files for when combined with CVE-2020-14515. | |||||
| CVE-2019-16237 | 4 Canonical, Debian, Dino and 1 more | 4 Ubuntu Linux, Debian Linux, Dino and 1 more | 2020-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. | |||||
| CVE-2019-16235 | 4 Canonical, Debian, Dino and 1 more | 4 Ubuntu Linux, Debian Linux, Dino and 1 more | 2020-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala. | |||||
| CVE-2020-16168 | 1 Robotemi | 2 Temi, Temi Firmware | 2020-09-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors. | |||||
| CVE-2019-1447 | 1 Microsoft | 1 Office Online Server | 2020-08-24 | 5.8 MEDIUM | 5.4 MEDIUM |
| A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445. | |||||
| CVE-2018-4319 | 1 Apple | 4 Icloud, Iphone Os, Itunes and 1 more | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||||
| CVE-2018-8112 | 1 Microsoft | 1 Edge | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | |||||
| CVE-2018-8235 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge. | |||||
| CVE-2019-11723 | 1 Mozilla | 1 Firefox | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68. | |||||
| CVE-2019-1235 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-13664 | 1 Google | 1 Chrome | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2019-13740 | 1 Google | 1 Chrome | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2019-1413 | 1 Microsoft | 4 Edge, Windows 10, Windows Server 2016 and 1 more | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension requests and fails to request host permission for all_urls, aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-1442 | 1 Microsoft | 1 Sharepoint Server | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-1445 | 1 Microsoft | 1 Office Online Server | 2020-08-24 | 5.8 MEDIUM | 5.4 MEDIUM |
| A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447. | |||||