Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ea vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies...
Ea Origin
7.8
CVSSv3
CVE-2020-27708
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for ...
Ea Origin
1 Article
7.8
CVSSv3
CVE-2019-19247
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 1 of 2).
Ea Origin
6.3
CVSSv3
CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking
Ea Karotz Smart Rabbit Firmware 12.07.19.00
1 EDB exploit
7.8
CVSSv3
CVE-2019-11354
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplicati...
Ea Origin 10.5.36
1 EDB exploit
5.4
CVSSv3
CVE-2020-15914
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote malicious user to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive d...
Ea Origin Client
NA
CVE-2014-5921
The Need for Speed Network (aka com.ea.nfsautolog.bv) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Ea Need For Speed Network 1.0.1
7.5
CVSSv3
CVE-2016-1399
The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote malicious users to cause a denial of service (packet data corruption) v...
Cisco Ios 15.2\\(2\\)eb1
Cisco Ios 15.2\\(2\\)eb
Cisco Ios 15.2\\(4\\)ea
Cisco Ios 15.2\\(2\\)ea2
Cisco Ios 15.2\\(2\\)ea1
Cisco Ios 15.2\\(2\\)ea
NA
CVE-2012-1740
Unspecified vulnerability in the Oracle Application Express Listener component in Oracle Application Express Listener 1.1-ea, 1.1.1, 1.1.2, and 1.1.3 allows remote malicious users to affect confidentiality via unknown vectors.
Oracle Application Express Listener 1.1-ea
Oracle Application Express Listener 1.1.1
Oracle Application Express Listener 1.1.2
Oracle Application Express Listener 1.1.3
8.8
CVSSv3
CVE-2016-6557
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a vict...
Asus Rp-ac52 Firmware
Asus Ea-n66 Firmware -
Asus Rp-n12 Firmware -
Asus Rp-n14 Firmware -
Asus Rp-n53 Firmware -
Asus Rp-ac56 Firmware -
Asus Wmp-n12 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »