Giters

Rootkitsmm-zz / js-vuln-db

A collection of JavaScript engine CVEs with PoCs

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Case Study of JavaScript engine vulnerabilities

V8

JavaScriptCore

ChakraCore

  • CVE-2016-3386: Spread Operator, Stack Overflow, Richard Zhu
  • CVE-2016-7189: Array.join, Information Leak, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7190: Array.map, Heap Overflow, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7194: Function.apply, Information Leak, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7200: Array.filter, Heap Corruption, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7201: Array, Prototype, Type Confusion, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7202: Array.reverse, Overflow, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7203: Array.splice, Heap Overflow, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7240: eval, Proxy, Type Confusion, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7241: JSON.parse, Information Leak, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7286: SIMD.toLocaleString, Uninitialized Memory, Natalie Silvanovich, Google Project Zero
  • CVE-2016-7287: Intl, Initialization, Type Confusion, Natalie Silvanovich, Google Project Zero

About

A collection of JavaScript engine CVEs with PoCs