Skip to main content
CVE-2019-11595 CRITICAL POC Act Now

In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Open Redirect RCE Ublock Origin
NVD
CVSS 3.0
9.0
EPSS
2.4%
CVE-2019-3563 CRITICAL PATCH Act Now

Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Wangle
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-3561 CRITICAL Act Now

Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Hhvm
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy