Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
wasm | CVE-2017-5122 | Out of bound read | |||
wasm | async,Side effect | CVE-2018-6122 | Type confusion | ||
wasm | GC | CVE-2024-3156 | Inappropriate implementation | ||
wasm | CVE-2024-3832 | Type confusion | Need more time | ||
O | wasm | CVE-2023-4070 | Type confusion | ||
O | wasm | CVE-2024-2887 | Type confusion | ||
▵ | wasm | CVE-2024-4761 | Out of bound write | ||
▵ | wasm | issue-339736513 | Type confusion, OOB read | ||
wasm | CVE-2024-6100 | Type confusion | Variant CVE-2024-2887 | ||
wasm | CVE-2024-5158 | Type confusion | |||
wasm | Turboshaft | issue-352720899 | Type confusion | Regress | |
O | TurboFan | Concurrent compilation | CVE-2023-3420 | Type confusion | |
O | TurboFan | Side effect | CVE-2018-17463 | Type confusion | |
O | TurboFan | Property access | CVE-2021-30632 | Type confusion | |
O | TurboFan | CVE-2025-0612 | Out of bounds | ||
O | Maglev | MaglevGraphBuilder | CVE-2024-4947 | Type confusion | |
O | Maglev | MaglevGraphBuilder | CVE-2023-4069 | Type confusion | Man Yue Mo |
Map transition | Value serializer | CVE-2023-1214 | Type confusion | Man Yue Mo | |
Map transition | TryFastAddDataProperty | CVE-2024-5830 | Type confusion | Man Yue Mo | |
O | CVE-2017-5030 | Out of bound read | |||
O | 18-issue-880207 | Type confusion | |||
O | CVE-2019-5825 | Type confusion | |||
O | CVE-2020-6383 | Type confusion | |||
O | CVE-2021-21225 | Out of bound read | |||
O | CVE-2021-38003 | Type confusion | Leak Hole | ||
O | CVE-2022-1310 | Use after free | |||
O | CVE-2022-1364 | Type confusion | Leak Hole | ||
O | CVE-2022-4174 | Type confusion | Leak Hole | ||
O | CVE-2023-2033 | Type confusion | Leak Hole | ||
O | CVE-2023-3079 | Type confusion | Leak Hole | ||
CVE-2023-3420 | Type confusion | Man Yue Mo | |||
CVE-2024-4761 | Out of bound write | ||||
O | CVE-2023-4762 | Type confusion | Leak Hole | ||
CVE-2024-4947 | Type confusion | ||||
O | enum cache | CVE-2023-4427 | Out of bound read | ||
enum cache | CVE-2024-3159 | Out of bound read | |||
CVE-2024-0517 | Out of Bounds | ||||
CVE-2024-0519 | Out of bounds | ||||
O | Parser | Incorrect parsing | CVE-2024-5274 | Type confusion |
Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
O | N/A | Cage_escape | 2024.6.6 | ||
wasm | issue-349529650 | function import signature check race | |||
wasm | issue-336009921 | function signature confusion | |||
wasm | issue-354408144 | function signature confusion | |||
O | wasm | CVE-2024-7024 | function signature confusion | ||
O | wasm | CVE-2024-8904 | Type confusion | ||
wasm | CVE-2024-6779 | Out of Bounds | |||
O | wasm | CVE-2024-8194 | Type confusion | incomplete CVE-2024-6100 | |
▵ | wasm | issue-348084786 | Type confusion | ||
wasm | issue-373703277 | Type confusion |
Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
O | CVE-2021-30551 | Type confusion | Leak Hole | ||
O | 2022-issue-1352549 | Type confusion | Leak Hole | ||
CVE-2024-1669 | Out of bound read | reward-7000 | |||
O | CVE-2024-1283 | Heap buf overflow | |||
Compositing | CVE-2024-3157 | Out of bound write |
Pwn | Target | Feature | CVE/issue | Vulnerability | OS | Comment |
---|---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | N/A | |
Mojo | (19)75.0.3770.89 | Use after free | All | Refactoring | ||
O | Mojo | CVE-2019-13768 | Use after free | Windows | Mark Brand | |
O | Mojo | 20-issue-1062091 | Use after free | All | ||
Mojo | CVE-2020-16045 | Use after free | Android | |||
O | Mojo | CVE-2021-30633 | Use after free | |||
O | Mojo | CVE-2022-3075 | Insufficient data validation | All | ||
Mojo | CVE-2022-4178 | Use after free | All | |||
Mojo | CVE-2023-6347 | Use after free | ||||
X | Mojo | CVE-2023-0941 | Use after free | |||
Mojo | CVE-2023-5218 | Use after free | ||||
Mojo | CVE-2023-2934 | TOCTOU | All | |||
▵ | Mojo | C++ | CVE-2021-21146 | Use after free | All | |
X | Mojo | C++ | CVE-2021-30528 | Use after free | Android | |
Mojo | RFH | 20-issue-1068395 | Use after free | Android | ||
Mojo | IPCZ | 22-issue-40062130 | Use after free | All | ||
Mojo | 22-issue-40061915 | Use after free | All | |||
Mojo | MojoPipe | CVE-2023-6347 | Use after free | All | ||
X | Mojo | Prompts | CVE-2023-0941 | Use after free | All | |
X | Mojo | Site Isolation | CVE-2023-5218 | Use after free | All | |
Mojo | Visuals | CVE-2024-3157 | Out of bounds | All | ||
▵ | Mojo | Visuals | CVE-2024-4671 | Use after free | All | |
O | ANGLE | SwiftShader | CVE-2023-1818 | Use after free | All | |
ANGLE | SwiftShader | CVE-2018-16069 | Heap buf overflow | |||
ANGLE | SwiftShader | CVE-2022-4135 | Heap buf overflow | |||
ANGLE | SwiftShader | CVE-2023-2929 | Out of bound write | |||
O | ANGLE | SwiftShader | CVE-2023-4072 | Out of bounds | All | |
ANGLE | SwiftShader | 23-issue-40063963 | Integer overflow | All | ||
X | ANGLE | Translator | CVE-2024-3516 | Heap buffer overflow | ||
ANGLE | Vulkan | CVE-2024-2883 | Use after free | |||
ANGLE | CVE-2023-1534 | Out of bound read | All | |||
X | ANGLE | SwiftShader | CVE-2024-4058 | Type confusion | All | |
ANGLE | CVE-2016-1649 | Heap buf overflow | ||||
Skia | CVE-2023-2136 | Integer overflow | Android | ITW | ||
Skia | CVE-2023-4354 | Heap buf overflow | ||||
Skia | CVE-2023-6345 | Integer overflow | ITW | |||
Skia | Tag | CVE-2018-6126 | Heap buf overflow | All | ||
Skia | CVE-2021-37981 | Heap buf overflow | ||||
Skia | CVE-2023-4354 | Heap buf overflow | All | |||
Skia | CVE-2023-6345 | Integer overflow | ITW | |||
appcache | 2018-Hack2Win | Use after free | Windows | |||
WebRTC | CVE-2023-7024 | Heap buf overflow | ITW | |||
COM | CVE-2023-36719 | Use after free | Windows | |||
Kernel | NTOS | CVE-2023–21674 | Use after free | Windows | ||
Driver | Binder | CVE-2020-0041 | Use after free | Android | ||
Model | CVE-2021-21201 | Use after free | All | |||
23-issue-40063125 | Use after free | All | ||||
Site Isolation | CVE-2020-16017 | Use after free | ||||
Site Isolation | CVE-2022-0290 | Use after free | ||||
Navigation | CVE-2023-2721 | Use after free | All | |||
Extension | DevTools | CVE-2024-5836 | Race condition | All |
Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
O | Array.slice | Side effect | CVE-2016-4622 | Out of bounds | Phrack70 |
O | Array.reverse | CVE-2018-4192 | Use after free | pwn2own-2018 |
Pwn | Target | Feature | CVE/issue | Vulnerability | OS | Comment |
---|---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | ||
O | WindowServer | CVE-2018-4193 | Out of bounds | Mac | pwn2own-2018 | |
SharedFileList | CVE-2024-54498 | A path handling issue | Mac | |||
WebGPU | CVE-2023-28205 | Use after free | iOS | Project zero |
Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
O | SpiderMonkey | Side effect | CVE-2024-8381 | Type confusion |
Pwn | Target | Feature | CVE/issue | Vulnerability | Comment |
---|---|---|---|---|---|
N/A | N/A | N/A | Utils | N/A | |
CVE-2022-1802 | Out of bounds | pwn2own-2022 |