Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ea origin vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies...
Ea Origin
7.8
CVSSv3
CVE-2020-27708
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for ...
Ea Origin
1 Article
8.8
CVSSv3
CVE-2019-12828
An issue exists in Electronic Arts Origin prior to 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin rem...
Ea Origin
1 EDB exploit
7.8
CVSSv3
CVE-2019-19248
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 2 of 2).
Ea Origin
7.8
CVSSv3
CVE-2019-19247
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 1 of 2).
Ea Origin
5.4
CVSSv3
CVE-2020-15914
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote malicious user to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive d...
Ea Origin Client
7.8
CVSSv3
CVE-2019-11354
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplicati...
Ea Origin 10.5.36
1 EDB exploit
8.8
CVSSv3
CVE-2019-6739
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the...
Malwarebytes Antimalware 3.6.1.2711
8.1
CVSSv3
CVE-2019-6453
mIRC prior to 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome i...
Mirc Mirc
3 Github repositories
7.8
CVSSv3
CVE-2019-1636
A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an malicious user to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An a...
Cisco Webex Teams 3.0.4533
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »