Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-32308
Cross Site Scripting (XSS) vulnerability in uBlock Origin extension prior to 1.41.1 allows remote malicious users to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process.
Ublock Origin Project Ublock Origin
7.5
CVSSv2
CVE-2013-2095
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection
Openshift-origin-controller Project Openshift-origin-controller -
7.2
CVSSv2
CVE-2020-27708
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for ...
Ea Origin
1 Article
6.8
CVSSv2
CVE-2019-12828
An issue exists in Electronic Arts Origin prior to 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin rem...
Ea Origin
1 EDB exploit
7.2
CVSSv2
CVE-2019-19247
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 1 of 2).
Ea Origin
7.2
CVSSv2
CVE-2019-19248
Electronic Arts Origin up to and including 10.5.x allows Elevation of Privilege (issue 2 of 2).
Ea Origin
7.2
CVSSv2
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies...
Ea Origin
3.5
CVSSv2
CVE-2022-24864
Origin Protocol is a blockchain based project. The Origin Protocol project website allows for malicious users to inject malicious Javascript via a POST request to `/presale/join`. User-controlled data is passed with no sanitization to SendGrid and injected into an email that is d...
Originprotocol Origin Website
5
CVSSv2
CVE-2015-3207
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.
Openshift Origin 3.0.0
2.1
CVSSv2
CVE-2014-0084
Ruby gem openshift-origin-node prior to 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
Redhat Openshift Origin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »