Vulnerabilities > EA
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-02 | CVE-2020-27708 | Uncontrolled Search Path Element vulnerability in EA Origin A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. | 7.8 |
| 2020-11-02 | CVE-2020-15914 | Cross-site Scripting vulnerability in EA Origin Client 10.5.86 A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote attacker to execute arbitrary Javascript in a target user’s Origin client. | 5.4 |
| 2020-02-20 | CVE-2019-19741 | Unspecified vulnerability in EA Origin Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. | 7.8 |
| 2019-12-27 | CVE-2013-4867 | Improper Privilege Management vulnerability in EA Karotz Smart Rabbit Firmware 12.07.19.00 Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking | 6.3 |
| 2019-12-12 | CVE-2019-19248 | Unspecified vulnerability in EA Origin 10.5.36/10.5.37/10.5.55.33574 Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2). | 7.8 |
| 2019-12-12 | CVE-2019-19247 | Unspecified vulnerability in EA Origin Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2). | 7.8 |
| 2019-06-14 | CVE-2019-12828 | Data Processing Errors vulnerability in EA Origin 10.5.36/10.5.37 An issue was discovered in Electronic Arts Origin before 10.5.39. | 8.8 |
| 2019-04-19 | CVE-2019-11354 | Injection vulnerability in EA Origin 10.5.36 The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. | 7.8 |