Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-346

CWE-346

Origin Validation Error

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not properly verify that the source of data or communication is valid.

557 vulnerabilities with CWE-346

CVE-2020-15733 MEDIUM

Bitdefender Antivirus Plus < 25.0.7.29 - Origin Validation Error in SafePay

CVE-2020-26234 MEDIUM

Opencast < 7.9 - Man-in-the-Middle Attack via Disabled HTTPS Hostname Verification

CVE-2020-26253 MEDIUM

Kirby CMS <3.3.6 & Kirby Panel <2.5.14 - Info Disclosure

CVE-2020-3864 HIGH

iCloud for Windows <7.17 - Info Disclosure

CVE-2020-15682 MEDIUM

Firefox < 82.0 - Origin Spoofing via External Protocol Prompt

CVE-2020-16952 HIGH

Microsoft SharePoint Server-Side Include and ViewState RCE

CVE-2020-16951 HIGH

Microsoft SharePoint - Remote Code Execution via Application Package Source Markup

CVE-2020-9903 HIGH

Safari < 13.1.2 - Password Suggestion for Wrong Domain

CVE-2020-26527 CRITICAL

Damstra Smart Asset 2020.7 - Origin Validation Error via API Version Endpoint

CVE-2020-15773 MEDIUM

Gradle Enterprise < 2020.2.4 - Unauthenticated Data Exposure via Export API

CVE-2020-14519 HIGH

CodeMeter < 7.00 - Origin Validation Error via WebSockets API

CVE-2020-15652 MEDIUM

Firefox < 79.0 and Firefox ESR < 68.11 - Origin Validation Error via JavaScript Worker Stack Trace

CVE-2020-16168 MEDIUM

temi_firmware < 1.3.7931 - Origin Validation Error

CVE-2020-1449 HIGH

Microsoft Project - Remote Code Execution via Unchecked File Source Markup

CVE-2020-1408 HIGH

Microsoft Windows Font Library - Remote Code Execution

CVE-2020-15104 MEDIUM

Envoy <1.12.6-1.15.0 - Info Disclosure

CVE-2020-14456 HIGH

Mattermost Desktop App < 4.4.0 - Origin Validation Error

CVE-2020-12397 MEDIUM

Thunderbird <68.8.0 - Info Disclosure

CVE-2020-11069 HIGH

TYPO3 CMS 9.0.0-9.5.16 and 10.0.0-10.4.1 - Same-Site Request Forgery via Malicious Uploaded Resource

CVE-2020-11868 HIGH

ntp < 4.2.8p14 and 4.3.x < 4.3.100 - Unauthenticated Denial of Service via Spoofed Server Mode Packet

CVE-2020-8984 HIGH

ZendTo < 5.22-2 Beta - IP Address Spoofing via X-Forwarded-For Header

CVE-2020-8819 HIGH

CardGate Payments <3.1.15 - Auth Bypass

CVE-2020-8818 HIGH

CardGate Payments <2.0.30 - Auth Bypass

CVE-2020-0695 MEDIUM

Office Online Server - Spoofing via Origin Validation Error

CVE-2020-0647 MEDIUM

Office Online Server - Spoofing via Origin Validation Error

Previous Page 18 of 23 Next

Details

Vulnerabilities 557

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy