Skip to main content

Origin

6 CVEs product

Monthly

CVE-2020-27708 HIGH POC This Week

A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Origin
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-19248 HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-19247 HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-12828 HIGH POC THREAT This Week

An issue was discovered in Electronic Arts Origin before 10.5.39. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE Origin
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
13.3%
CVE-2019-11354 HIGH POC THREAT This Week

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE Origin
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
23.1%
CVE-2015-8945 MEDIUM PATCH This Month

openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required.

Authentication Bypass Origin
NVD GitHub
CVSS 3.0
5.1
EPSS
0.1%
EPSS 1% CVSS 7.8
HIGH POC This Week

A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Origin
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
EPSS 13% CVSS 8.8
HIGH POC THREAT This Week

An issue was discovered in Electronic Arts Origin before 10.5.39. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE Origin
NVD Exploit-DB
EPSS 23% CVSS 7.8
HIGH POC THREAT This Week

The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft RCE Origin
NVD Exploit-DB
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required.

Authentication Bypass Origin
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy