Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1552
Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote malicious users to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
Mozilla Thunderbird 24.6
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Thunderbird
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
NA
CVE-2015-7184
The fetch API implementation in Mozilla Firefox prior to 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote malicious users to ...
Mozilla Firefox
7.8
CVSSv3
CVE-2023-47195
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order t...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2023-47196
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order t...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2023-47199
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order t...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2021-45441
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. Please note: an attacker must first obta...
Trendmicro Worry-free Business Security 10.0
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security Services -
7.8
CVSSv3
CVE-2023-47201
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target sy...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2023-47200
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target sy...
Trendmicro Apex One 2019
Trendmicro Apex One
NA
CVE-2012-3985
Mozilla Firefox prior to 16.0, Thunderbird prior to 16.0, and SeaMonkey prior to 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domai...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
NA
CVE-2010-3847
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) up to and including 2.11.2, and 2.12.x up to and including 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
4 EDB exploits
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »