Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2016-2825
Mozilla Firefox prior to 47.0 allows remote malicious users to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Mozilla Firefox
755
VMScore
CVE-2012-4908
Google Chrome prior to 18.0.1025308 on Android allows remote malicious users to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
Google Chrome
1 EDB exploit
516
VMScore
CVE-2011-4968
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
F5 Nginx 0.7.61
F5 Nginx 0.7.62
F5 Nginx 0.7.64
F5 Nginx 0.7.65
F5 Nginx 0.7.66
F5 Nginx 0.8.33
F5 Nginx 0.8.35
F5 Nginx 0.8.36
F5 Nginx 0.8.40
F5 Nginx 1.2.6
Debian Debian Linux 8.0
605
VMScore
CVE-2013-0747
The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox prior to 18.0, Firefox ESR 17.x prior to 17.0.2, Thunderbird prior to 17.0.2, Thunderbird ESR 17.x prior to 17.0.2, and SeaMonkey prior to 2.15 does not properly enforce the Same Origin Policy, which...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
383
VMScore
CVE-2016-1967
Mozilla Firefox prior to 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and perform...
Mozilla Firefox
383
VMScore
CVE-2009-2472
Mozilla Firefox prior to 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross...
Mozilla Firefox
Fedoraproject Fedora 10
Suse Linux Enterprise Debuginfo 10
Suse Linux Enterprise Debuginfo 11
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
606
VMScore
CVE-2019-6453
mIRC prior to 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome i...
Mirc Mirc
3 Github repositories
383
VMScore
CVE-2012-5841
Mozilla Firefox prior to 17.0, Firefox ESR 10.x prior to 10.0.11, Thunderbird prior to 17.0, Thunderbird ESR 10.x prior to 10.0.11, and SeaMonkey prior to 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows re...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
231
VMScore
CVE-2012-0475
Mozilla Firefox 4.x up to and including 11.0, Thunderbird 5.0 up to and including 11.0, and SeaMonkey prior to 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote malicious users to bypass an IPv6 literal ACL via a cross-site (...
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0
Mozilla Firefox 10.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 10.0.1
Mozilla Firefox 10.0.2
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 11.0
Mozilla Firefox 5.0
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 10.0.2
Mozilla Thunderbird 10.0.3
Mozilla Thunderbird 10.0.4
383
VMScore
CVE-2008-2800
Mozilla Firefox prior to 2.0.0.15 and SeaMonkey prior to 1.1.10 allow remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded...
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.9
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.8
Mozilla Firefox
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0.0.8
Mozilla Seamonkey 1.1.6
Mozilla Seamonkey 1.1.7
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »