Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3649
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote malicious users to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this d...
Mozilla Firefox 7.0
Mozilla Thunderbird 7.0
NA
CVE-2010-0648
Mozilla Firefox, possibly prior to 3.6, allows remote malicious users to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.style...
Mozilla Firefox
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.14
Mozilla Firefox 3.0.13
Mozilla Firefox 2.0.0.18
Mozilla Firefox 2.0.0.17
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.11
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.8
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0
NA
CVE-2002-0783
Opera 6.01, 6.0, and 5.12 allows remote malicious users to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL.
Opera Software Opera Web Browser 5.12
Opera Software Opera Web Browser 6.0
Opera Software Opera Web Browser 6.0.1
1 EDB exploit
6.5
CVSSv3
CVE-2018-0278
A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attack...
Cisco Firepower Management Center 6.2.0
Cisco Firepower Management Center 6.2.1
Cisco Firepower Management Center 6.2.2
Cisco Firepower Management Center 6.2.3
Cisco Firepower Management Center 6.1.0
NA
CVE-2011-3653
Mozilla Firefox prior to 8.0 and Thunderbird prior to 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote malicious users to bypass the Same Origin Policy and read image data via vectors related ...
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0
Mozilla Firefox 4.0
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.2
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.14
NA
CVE-2002-0723
Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote malicious users to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
NA
CVE-2014-1552
Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote malicious users to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
Mozilla Thunderbird 24.6
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Thunderbird
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
NA
CVE-2003-1071
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
Sun Sunos 5.7
Sun Solaris 7.0
Sun Sunos 5.8
Sun Solaris 8.0
Sun Sunos 5.5.1
Sun Solaris 2.5.1
Sun Solaris 9.0
Sun Solaris 2.6
Sun Sunos -
1 EDB exploit
NA
CVE-2015-7184
The fetch API implementation in Mozilla Firefox prior to 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote malicious users to ...
Mozilla Firefox
7.8
CVSSv3
CVE-2023-47193
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order t...
Trendmicro Apex One 2019
Trendmicro Apex One
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »