Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/lylemi/dom-vuln-db
A collection of Browser DOM Vulnerabilities with PoCs
https://github.com/lylemi/dom-vuln-db
browser browser-dom-vulnerabilities cve
Last synced: 25 days ago
JSON representation
A collection of Browser DOM Vulnerabilities with PoCs
- Host: GitHub
- URL: https://github.com/lylemi/dom-vuln-db
- Owner: LyleMi
- Created: 2018-09-27T10:27:26.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2018-11-20T04:01:23.000Z (about 6 years ago)
- Last Synced: 2024-08-04T23:11:00.901Z (4 months ago)
- Topics: browser, browser-dom-vulnerabilities, cve
- Homepage:
- Size: 21.5 KB
- Stars: 39
- Watchers: 7
- Forks: 17
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **32**星
README
# Case Study of Browser DOM Vulnerabilities
> Inspired by [js-vuln-db](https://github.com/tunz/js-vuln-db)
## Chrome
CVE Number / ID | Module | Label | Credit
--------------- | ------ | ----- | ------
[CVE-2018-6073](./Chrome/CVE-2018-6073.md) | WebGL | Heap Overflow | [email protected]
[CVE-2018-16082](./Chrome/CVE-2018-16082.md) | sw::Surface | Stack Overflow | [email protected]
[CR-666246](./Chrome/CR-666246.md) | HTMLSelectElement | UAF | ifratric
## Firefox
CVE Number | Module | Label | Credit
---------- | ------ | ----- | ------
[CVE-2016-9079](./Firefox/CVE-2016-9079.md) | nsSMILTimeContainer | UAF | Daniel Veditz
[CVE-2017-5447](./Firefox/CVE-2017-5447.md) | gfxTextRun | OOB Read | ifratric
[CVE-2017-5465](./Firefox/CVE-2017-5465.md) | ConvolvePixel | Memory Disclosure | ifratric
## Edge
CVE Number | Module | Label | Credit
---------- | ------ | ----- | ------
[CVE-2016-0003](./Edge/CVE-2016-0003.md) | CDOMTextNode | Type Confusion | unknown
[CVE-2017-0037](./Edge/CVE-2017-0037.md) | CssParser | Type Confusion | ifratric
[CVE-2017-8496](./Edge/CVE-2017-8496.md) | CssParser | Type Confusion | ifratric
[CVE-2018-1021](./Edge/CVE-2018-1021.md) | CFormElement | OOB Read | akayn
## Webkit
CVE Number | Module | Label | Credit
---------- | ------ | ----- | ------
[CVE-2018-4197](./Webkit/CVE-2018-4197.md) | RenderTreeBuilder | UAF | ifratric
[CVE-2018-4306](./Webkit/CVE-2018-4306.md) | Node | UAF | ifratric
[CVE-2018-4312](./Webkit/CVE-2018-4312.md) | AXObjectCache | UAF | ifratric
[CVE-2018-4315](./Webkit/CVE-2018-4315.md) | SVGTRefElement | UAF, SVG | ifratric
[CVE-2018-4317](./Webkit/CVE-2018-4317.md) | RenderLayer | UAF | ifratric
[CVE-2018-4318](./Webkit/CVE-2018-4318.md) | SVGTextLayoutAttributes | UAF, SVG | ifratric
[CVE-2018-4323](./Webkit/CVE-2018-4323.md) | RenderMultiColumnSet | UAF | ifratric
[CVE-2018-4328](./Webkit/CVE-2018-4328.md) | InlineTextBox | OOB Read | ifratric
## IE
CVE Number | Module | Label | Credit
---------- | ------ | ----- | ------
[CVE-2012-4792](./IE/CVE-2012-4792.md) | CButton | UAF | unknown
[CVE-2015-6152](./IE/CVE-2015-6152.md) | CObjectElement | UAF | unknown
[CVE-2018-8460](./IE/CVE-2018-8460.md) | CStyleAttrArray | Double Free | Simon Zuckerbraun