EUVD-2024-54844

Malicious code in bioql PyPI...

CVE-2024-51775 Apache Zeppelin: Command Injection via CSWSH

Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin. The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs. This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0. Users are recommended...

CVE-2023-48679

Stored cross-site scripting XSS vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 37391...

CVE-2019-1447

A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445...

Inateck Technology WP1001 Data Forgery Issue Vulnerability

The Inateck Technology WP1001 is a wireless presentation remote control from Inateck Technology, USA. A vulnerability exists in the Inateck Technology WP1001 v1.3C for data forgery issues. The vulnerability arises from a networked system or product that does not adequately validate the origin or...