5311 matches found
Microsoft Entra ID Elevation of Privilege Vulnerability
Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...
EUVD-2025-209915
An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-71217
An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-71217
An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-71217
An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...
CVE-2025-71217
Summary of CVE-2025-71217 : An origin validation error in the Trend Micro Apex One (mac) agent self-protection mechanism (TmSelfProtect) allows a local attacker who already has low-privilege code execution to escalate privileges on affected installations. The vulnerability stems from insufficient...
CVE-2025-71214
An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
EUVD-2025-209912
An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2025-71214
An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2025-71214
An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
EUVD-2025-209913
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
CVE-2025-71213
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
CVE-2025-71213
CVE-2025-71213 is a local privilege escalation in Trend Micro Apex One caused by an origin validation error. The public notices describe a flaw in the Apex One components (notably the NT Listener service per ZDI) where insufficient validation of the origin of commands allows a local attacker who ...
CVE-2025-71213
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
Langflow Origin Validation Error Vulnerability
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh...
Astra Linux – Vulnerability in Zabbix
The cause of the vulnerability is improper validation of the “Name” field in the form input on the Graph page in the Items section...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error in the /ajax-api endpoints. An attacker can gain unauthorized access to the Assistant's configuration and execute arbitrary commands by sending crafted cross-origin requests from a malicious webpage. Remediation...
Origin Validation Error
Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Origin Validation Error in the /ajax-api endpoints. An attacker ca...
NetBSD 输入验证错误漏洞
NetBSD is an open-source Unix-like operating system developed by the NetBSD Foundation. Prior to version ec8451, there was a vulnerability related to input validation. This vulnerability stemmed from the fact that the local variable iovlen was declared as a signed integer in the cryptodevop...
Origin Validation Error
Dozzle is vulnerable to Origin Validation Error. The vulnerability is due to improper origin validation in the WebSocket upgrader, where connections from any origin are accepted and authenticated with the victim's JWT cookie, allowing attackers to hijack authenticated sessions and gain unauthoriz...