Skip to content
/ dom-vuln-db Public
forked from LyleMi/dom-vuln-db

A collection of Browser DOM Vulnerabilities with PoCs

0 stars 17 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

adrian-rt/dom-vuln-db

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits

Chrome

Chrome

 
 

Edge

Edge

 
 

Firefox

Firefox

 
 

IE

IE

 
 

Webkit

Webkit

 
 

README.md

README.md

 
 

Repository files navigation

Case Study of Browser DOM Vulnerabilities

Inspired by js-vuln-db

Chrome

CVE Number / ID Module Label Credit
CVE-2018-6073 WebGL Heap Overflow om...@krash.in
CVE-2018-16082 sw::Surface Stack Overflow om...@krash.in
CR-666246 HTMLSelectElement UAF ifratric

Firefox

CVE Number Module Label Credit
CVE-2016-9079 nsSMILTimeContainer UAF Daniel Veditz
CVE-2017-5447 gfxTextRun OOB Read ifratric
CVE-2017-5465 ConvolvePixel Memory Disclosure ifratric

Edge

CVE Number Module Label Credit
CVE-2016-0003 CDOMTextNode Type Confusion unknown
CVE-2017-0037 CssParser Type Confusion ifratric
CVE-2017-8496 CssParser Type Confusion ifratric
CVE-2018-1021 CFormElement OOB Read akayn

Webkit

CVE Number Module Label Credit
CVE-2018-4197 RenderTreeBuilder UAF ifratric
CVE-2018-4306 Node UAF ifratric
CVE-2018-4312 AXObjectCache UAF ifratric
CVE-2018-4315 SVGTRefElement UAF, SVG ifratric
CVE-2018-4317 RenderLayer UAF ifratric
CVE-2018-4318 SVGTextLayoutAttributes UAF, SVG ifratric
CVE-2018-4323 RenderMultiColumnSet UAF ifratric
CVE-2018-4328 InlineTextBox OOB Read ifratric

IE

CVE Number Module Label Credit
CVE-2012-4792 CButton UAF unknown
CVE-2015-6152 CObjectElement UAF unknown
CVE-2018-8460 CStyleAttrArray Double Free Simon Zuckerbraun

About

A collection of Browser DOM Vulnerabilities with PoCs

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published