Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-346 (源验证错误) — Vulnerability Class 152

152 vulnerabilities classified as CWE-346 (源验证错误). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-44189 Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability — Junos OS Evolved 6.1 Medium2023-10-11
CVE-2023-3654 Origin Check Bypass — cashIT! - serving solutions. 9.4 Critical2023-10-03
CVE-2023-3581 WebSockets accept connections from HTTPS origin — Mattermost 6.2 Medium2023-07-17
CVE-2023-2639 Rockwell Automation FactoryTalk System Services Vulnerable to Sensitive Information Disclosure — FactoryTalk System Services 4.1 Medium2023-06-13
CVE-2022-45139 WAGO: Origin validation error through CORS misconfiguration — Compact Controller CC100 (751-9301) 5.3 Medium2023-02-27
CVE-2022-41961 BigBlueButton subject to Ineffective user bans — bigbluebutton 4.3 Medium2022-12-16
CVE-2022-41924 Tailscale Windows daemon is vulnerable to RCE via CSRF — tailscale 8.8 -2022-11-23
CVE-2022-3457 Origin Validation Error in ikus060/rdiffweb — ikus060/rdiffweb 8.8 -2022-10-13
CVE-2022-23764 TERUTEN WebCube update remote code execution vulnerability — WebCube 8.8 High2022-08-17
CVE-2022-23763 DOUZONE BIZON NeoRS file download and execute vulnerability — NeoRS 7.8 High2022-06-28
CVE-2022-1747 Dominion Voting Systems ImageCast X 访问控制错误漏洞 — ImageCast X firmware 4.6 -2022-06-24
CVE-2022-30228 Siemens SICAM GridEdge Essential 访问控制错误漏洞 — SICAM GridEdge (Classic) 8.8 High2022-06-14
CVE-2022-29818 Jetbrains JetBrains IntelliJ IDEA 访问控制错误漏洞 — IntelliJ IDEA 3.9 Low2022-04-28
CVE-2021-32985 AVEVA System Platform Origin Validation Error — AVEVA System Platform 7.2 High2022-04-04
CVE-2022-23032 F5 BIG-IP APM 访问控制错误漏洞 — BIG-IP Edge Client for Mac and Windows 8.2 -2022-01-25
CVE-2020-9060 Silicon Labs Z-Wave Chipsets 资源管理错误漏洞 — ZEN25 6.5 -2022-01-07
CVE-2021-39185 Default CORS config allows any origin with credentials — http4s 9.1 Critical2021-09-01
CVE-2020-15734 Same-origin policy vulnerability in Bitdefender Safepay — Safepay 5.5 Medium2021-04-12
CVE-2021-20199 Podman onwards 访问控制错误漏洞 — podman 5.9 -2021-02-02
CVE-2020-26251 CORS configuration is possibly vulnerable — open-zaak 4.7 Medium2020-12-18
CVE-2020-15733 URL Spoofing Vulnerability in Bitdefender SafePay (VA-8958) — Antivirus Plus 6.5 Medium2020-12-14
CVE-2020-26234 Disabled Hostname Verification in OpenCast — opencast 4.8 Medium2020-12-08
CVE-2020-26253 .dev domains treated as local in Kirby — kirby 6.8 Medium2020-12-08
CVE-2020-14519 Wibu CodeMeter WebSockets API 访问控制错误漏洞 — CodeMeter 7.5 -2020-09-16
CVE-2020-15104 TLS Validation Vulnerability in Envoy — envoy 4.6 Medium2020-07-14
CVE-2019-11777 Eclipse Paho Java client library 输入验证错误漏洞 — Eclipse Paho 7.5 -2019-09-11
CVE-2019-9498 The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit — hostapd with EAP-pwd support 8.1 -2019-04-17
CVE-2019-9499 The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit — hostapd with EAP-pwd support 8.1 -2019-04-17
CVE-2018-15723 Logitech Harmony Hub 命令注入漏洞 — Logitech Harmony Hub 9.8 -2018-12-20
CVE-2018-5400 The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices, resulting in an origin validation error — DCU-210E 9.8 -2018-10-08

Vulnerabilities classified as CWE-346 (源验证错误) represent 152 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.