Total
265 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43531 | 1 Mozilla | 1 Firefox | 2021-12-10 | 4.3 MEDIUM | 4.3 MEDIUM |
| When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to. This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions. This vulnerability affects Firefox < 94. | |||||
| CVE-2019-8069 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-11-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | |||||
| CVE-2021-38497 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-11-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. | |||||
| CVE-2020-11069 | 1 Typo3 | 1 Typo3 | 2021-11-04 | 6.8 MEDIUM | 8.8 HIGH |
| In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that the backend user interface and install tool are vulnerable to a same-site request forgery. A backend user can be tricked into interacting with a malicious resource an attacker previously managed to upload to the web server. Scripts are then executed with the privileges of the victims' user session. In a worst-case scenario, new admin users can be created which can directly be used by an attacker. The vulnerability is basically a cross-site request forgery (CSRF) triggered by a cross-site scripting vulnerability (XSS) - but happens on the same target host - thus, it's actually a same-site request forgery. Malicious payload such as HTML containing JavaScript might be provided by either an authenticated backend user or by a non-authenticated user using a third party extension, e.g. file upload in a contact form with knowing the target location. To be successful, the attacked victim requires an active and valid backend or install tool user session at the time of the attack. This has been fixed in 9.5.17 and 10.4.2. The deployment of additional mitigation techniques is suggested as described below. - Sudo Mode Extension This TYPO3 extension intercepts modifications to security relevant database tables, e.g. those storing user accounts or storages of the file abstraction layer. Modifications need to confirmed again by the acting user providing their password again. This technique is known as sudo mode. This way, unintended actions happening in the background can be mitigated. - https://github.com/FriendsOfTYPO3/sudo-mode - https://extensions.typo3.org/extension/sudo_mode - Content Security Policy Content Security Policies tell (modern) browsers how resources served a particular site are handled. It is also possible to disallow script executions for specific locations. In a TYPO3 context, it is suggested to disallow direct script execution at least for locations /fileadmin/ and /uploads/. | |||||
| CVE-2020-27969 | 1 Yandex | 1 Yandex Browser | 2021-09-22 | 7.5 HIGH | 7.3 HIGH |
| Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing | |||||
| CVE-2021-39185 | 1 Typelevel | 1 Http4s | 2021-09-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also susceptible to a Null Origin Attack. The problem is fixed in 0.21.27, 0.22.3, 0.23.2, and 1.0.0-M25. The original `CORS` implementation and `CORSConfig` are deprecated. See the GitHub GHSA for more information, including code examples and workarounds. | |||||
| CVE-2021-23986 | 1 Mozilla | 1 Firefox | 2021-08-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox < 87. | |||||
| CVE-2019-20329 | 1 Openlambda Project | 1 Openlambda | 2021-07-21 | 5.8 MEDIUM | 8.1 HIGH |
| OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000. | |||||
| CVE-2019-5227 | 1 Huawei | 8 Hisuite, Hisuite Firmware, Mate 20 and 5 more | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. | |||||
| CVE-2020-0695 | 1 Microsoft | 1 Office Online Server | 2021-07-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'. | |||||
| CVE-2019-3980 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account. | |||||
| CVE-2019-4640 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046. | |||||
| CVE-2019-5226 | 1 Huawei | 8 Hisuite, Hisuite Firmware, Mate 20 and 5 more | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version. | |||||
| CVE-2020-0647 | 1 Microsoft | 1 Office Online Server | 2021-07-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. | |||||
| CVE-2020-3864 | 2 Apple, Redhat | 9 Icloud, Ipados, Iphone Os and 6 more | 2021-05-18 | 7.2 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. | |||||
| CVE-2021-31718 | 1 Npupnp Project | 1 Npupnp | 2021-05-05 | 6.8 MEDIUM | 8.8 HIGH |
| The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. | |||||
| CVE-2021-28048 | 1 Devolutions | 1 Devolutions Server | 2021-04-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2020-15734 | 1 Bitdefender | 1 Safepay | 2021-04-21 | 2.1 LOW | 5.5 MEDIUM |
| An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29. | |||||
| CVE-2021-21136 | 2 Google, Microsoft | 3 Android, Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-21135 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||