• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-346

CVE-2020-0695

February 26, 2023 by

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka ‘Microsoft Office Online Server Spoofing Vulnerability’.

CVE-2020-0647

February 26, 2023 by

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka ‘Microsoft Office Online Spoofing Vulnerability’.

CVE-2019-9797

February 26, 2023 by

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.

CVE-2019-9803

February 26, 2023 by

The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66.

CVE-2019-9808

February 26, 2023 by

If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states “Unknown origin” as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.

CVE-2019-9817

February 26, 2023 by

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Go to page 11
  • Interim pages omitted …
  • Go to page 25
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE