The product does not properly verify that the source of data or communication is valid.
556 vulnerabilities with CWE-346
CVE-2024-51037
MEDIUM
kodbox < 1.52.04 - Sensitive Information Exposure via Captcha Feature in Password Reset
CVSS 5.3
CVE-2024-50654
HIGH
lilishop <= 4.2.4 - Incorrect Access Control via Coupon Collection Packet Replay
CVSS 7.5
CVE-2024-10534
CRITICAL
Dataprom Personnel Attendance Control... - Origin Validation Error
CVSS 9.8
CVE-2024-6674
HIGH
lollms_web_ui < 10 - Origin Validation Error via CORS Misconfiguration
CVSS 7.1
CVE-2024-10460
MEDIUM
Firefox < 132 and ESR < 128.4 - Origin Validation Error via Data URL in iframe
CVSS 5.3
CVE-2024-44734
HIGH
Mirotalk <9de226 - Privilege Escalation
CVSS 7.5
CVE-2024-9393
HIGH
Firefox < 131 and Firefox ESR < 115.16.0 - Origin Validation Error via Multipart Response
CVSS 7.5
CVE-2024-9392
CRITICAL
Firefox < 131 and ESR < 128.3 - Arbitrary Cross-Origin Page Loading via Compromised Content Process
CVSS 9.8
CVE-2024-44187
MEDIUM
Safari < 18 - Origin Validation Error in iframe Element
CVSS 6.5
CVE-2024-7978
MEDIUM
Google Chrome <128.0.6613.84 - Info Disclosure
CVSS 4.3
CVE-2024-41475
HIGH
Gnuboard g6 6.0.7 - Session Hijacking via CORS Misconfiguration
CVSS 8.8
CVE-2024-23458
HIGH
Zscaler Client Connector < 4.2.0.190 - Local Privilege Escalation via Reparse Point Bypass
CVSS 7.3
CVE-2024-41926
LOW
Mattermost 9.5.0-9.5.6 and 9.9.0 - Improper Access Control via RemoteId Spoofing
CVSS 2.7
CVE-2024-41143
HIGH
SKYSEA Client View 3.013.00-19.210.04e - Authenticated Arbitrary Process Execution via Origin Validation Error
CVSS 7.8
CVE-2024-22062
MEDIUM
ZXCLOUD IRAI - Privilege Escalation
CVSS 6.3
CVE-2024-5549
HIGH
stitionai devika - Origin Validation Error
CVSS 8.1
CVE-2024-36421
HIGH
Flowise 1.4.3 - Unauthenticated Origin Validation Error via CORS Misconfiguration
CVSS 7.5
CVE-2024-6301
MEDIUM
Conduit 0.8.0 - Federation User Impersonation via Origin Validation Bypass
CVSS 5.3
CVE-2024-37661
MEDIUM
TP-LINK TL-7DR5130 1.0.23 - Traffic Hijacking via Forged ICMP Redirect Messages
CVSS 6.3
CVE-2024-5905
MEDIUM
Cortex XDR Agent 7.9.0-7.9.101 and 8.1-8.1.1 - Local Denial of Service via Protection Mechanism Bypass
CVSS 4.4
CVE-2024-36303
HIGH
Trend Micro Apex One - Privilege Escalation
CVSS 7.8
CVE-2024-36302
HIGH
Trend Micro Apex One - Privilege Escalation
CVSS 7.8
CVE-2024-36472
MEDIUM
GNOME Shell through 45.7 - Unauthenticated Origin Validation Error via Portal Helper
CVSS 6.5
CVE-2024-28883
HIGH
BIG-IP APM Browser Network Access VPN Client 7.2.3-7.2.4.3 - Origin Validation Bypass
CVSS 7.4
CVE-2024-2377
HIGH
Hitachi Energy SDM600 - Origin Validation Error via HTTP Response Header
CVSS 7.6
Details
Vulnerabilities
556