Skip to main content

Adblock

2 CVEs product

Monthly

CVE-2019-11594 HIGH This Week

In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Code Injection Open Redirect RCE Adblock
NVD
CVSS 3.0
8.1
EPSS
2.4%
CVE-2015-2692 CRITICAL POC PATCH Act Now

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Adblock
NVD GitHub
CVSS 3.0
10.0
EPSS
0.8%
EPSS 2% CVSS 8.1
HIGH This Week

In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Code Injection Open Redirect RCE +1
NVD
EPSS 1% CVSS 10.0
CRITICAL POC PATCH Act Now

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Adblock
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy