Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-32308
Cross Site Scripting (XSS) vulnerability in uBlock Origin extension prior to 1.41.1 allows remote malicious users to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process.
Ublock Origin Project Ublock Origin
9.8
CVSSv3
CVE-2013-2095
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection
Openshift-origin-controller Project Openshift-origin-controller -
7.8
CVSSv3
CVE-2019-19247
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 1 of 2).
Ea Origin
7.8
CVSSv3
CVE-2019-19248
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 2 of 2).
Ea Origin
7.8
CVSSv3
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies...
Ea Origin
7.8
CVSSv3
CVE-2020-27708
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for ...
Ea Origin
1 Article
8.8
CVSSv3
CVE-2019-12828
An issue exists in Electronic Arts Origin prior to 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin rem...
Ea Origin
1 EDB exploit
9
CVSSv3
CVE-2019-11595
In uBlock prior to 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.
Ublockorigin Ublock Origin
6.1
CVSSv3
CVE-2014-3592
OpenShift Origin: Improperly validated team names could allow stored XSS attacks
Redhat Openshift Origin
5.4
CVSSv3
CVE-2020-15914
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote malicious user to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive d...
Ea Origin Client
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »