Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-11354
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplicati...
Ea Origin 10.5.36
1 EDB exploit
5
CVSSv2
CVE-2015-3207
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.
Openshift Origin 3.0.0
6.8
CVSSv2
CVE-2019-11595
In uBlock prior to 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.
Ublockorigin Ublock Origin
3.5
CVSSv2
CVE-2020-15914
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote malicious user to execute arbitrary Javascript in a target user’s Origin client. An attacker could use this vulnerability to access sensitive d...
Ea Origin Client
4
CVSSv2
CVE-2015-5250
The API server in OpenShift Origin 1.0.5 allows remote malicious users to cause a denial of service (master process crash) via crafted JSON data.
Redhat Openshift Origin 1.0.5
2.1
CVSSv2
CVE-2014-0068
It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission.
Redhat Openshift-origin-node-util -
4.3
CVSSv2
CVE-2022-0552
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origi...
Redhat Origin-aggregated-logging 3.11
3.6
CVSSv2
CVE-2013-0164
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin prior to 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Redhat Openshift
Redhat Openshift Origin 1.0.5
7.5
CVSSv2
CVE-2012-5646
node-util/www/html/restorer.php in the Red Hat OpenShift Origin prior to 1.0.5-3 allows remote malicious users to execute arbitrary commands via a crafted uuid in the PATH_INFO.
Redhat Openshift Origin
Redhat Openshift 1.0
5.8
CVSSv2
CVE-2012-5647
Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin prior to 1.0.5-3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.
Redhat Openshift Origin
Redhat Openshift 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »