Vulnerabilities (CVE)

Filtered by CWE-346
Total 355 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8235 1 Microsoft 3 Edge, Windows 10, Windows Server 2016 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.
CVE-2018-8112 1 Microsoft 1 Edge 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.
CVE-2018-6764 3 Canonical, Debian, Redhat 7 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 4 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
CVE-2018-6690 2 Mcafee, Microsoft 2 Application Change Control, Windows 2024-11-21 3.6 LOW 7.1 HIGH
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
CVE-2018-6654 1 Grammarly 1 Grammarly 2024-11-21 6.8 MEDIUM 8.8 HIGH
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr_-ifr, because the exposure of these tokens is not restricted to any specific web site.
CVE-2018-5409 1 Printerlogic 1 Print Management 2024-11-21 10.0 HIGH 9.8 CRITICAL
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.
CVE-2018-5400 2 Arm, Auto-maskin 5 Arm7, Dcu 210e, Dcu 210e Firmware and 2 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
CVE-2018-5157 4 Canonical, Debian, Mozilla and 1 more 10 Ubuntu Linux, Debian Linux, Firefox and 7 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVE-2018-5116 2 Canonical, Mozilla 2 Ubuntu Linux, Firefox 2024-11-21 7.5 HIGH 9.8 CRITICAL
WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58.
CVE-2018-5109 2 Canonical, Mozilla 2 Ubuntu Linux, Firefox 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox < 58.
CVE-2018-4319 1 Apple 4 Icloud, Iphone Os, Itunes and 1 more 2024-11-21 5.8 MEDIUM 8.1 HIGH
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-3834 1 Insteon 2 Hub, Hub Firmware 2024-11-21 7.8 HIGH 7.4 HIGH
An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is going to be installed and thus allows for flashing any signed firmware into any MCU. Since the device contains different and incompatible MCUs, flashing one firmware to the wrong MCU will result in a permanent brick condition. To trigger this vulnerability, an attacker needs to impersonate the remote server "cache.insteon.com" and serve a signed firmware image.
CVE-2018-20745 1 Yiiframework 1 Yii 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.
CVE-2018-20744 1 Go Cors Project 1 Go Cors 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.
CVE-2018-18499 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVE-2018-18494 4 Canonical, Debian, Mozilla and 1 more 11 Ubuntu Linux, Debian Linux, Firefox and 8 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVE-2018-16072 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2018-14903 1 Epson 2 Wf-2750, Wf-2750 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.
CVE-2018-12402 2 Canonical, Mozilla 2 Ubuntu Linux, Firefox 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63.
CVE-2017-7808 1 Mozilla 1 Firefox 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.