Microsoft Edge Chakra suffers from an incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule.
53077803d9044bae974a778111a9fcaf6c3e820a11cbd47102da400e9b90b579
InterpreterStackFrame::ProcessLinkFailedAsmJsModule in Microsoft Edge Chakra incorrectly re-parses.
c53cd289f467e1de7349832a952c443f0911075c2b4e8105c672275feffcbb42
Microsoft Edge Chakra does not call SetIsCatch for all cases in PreVisitCatch.
fb550f7db174597f5dc9611f3e8ca799750409d21d7b6218303131f8b1c4cc78
WebKit JSC suffers from incorrect LoadVarargs handling in ArgumentsEliminationPhase::transform.
edbf79d7990323abaf4336e6c20ceed747d95e780f4b02cba2012766bb547326
WebKit JSC JSObject::putInlineSlow and JSValue::putToPrimitive suffer from a universal cross site scripting vulnerability.
f095b5aaa821ebc8b2b079ea176435f7ceb10452b75dab356e18e864136cf744
WebKit JSC suffers from an ObjectPatternNode::appendEntry stack use-after-free.
33b5aee90d54dea0a033cb5bc2360e1678605183705f19824210b8a033b4dff6
WebKit suffers from a JSC JSArray::appendMemcpy uninitialized memory copy vulnerability.
8d22ca5e10db1797b729dcfc5c2d6c3e3fe279ed1337004c773ea5f826eaebf4
WebKit suffers from a JSC incorrect scope register handling in DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry).
d3dc861b45ee21a79280a28a3f48b4c0af5d9e2ccf5aa78da8711387b3faf038
WebKit JSC suffers from an uninitialized memory reference in arrayProtoFuncSplice.
ce1c4741e5611858900581d7df034b8e7542529547943c3348da1dbda9904227
WebKit JSC suffers from a heap buffer overflow vulnerability in Intl.getCanonicalLocales.
3ce6984b8d5f3496724b9fd295322f1da9540728a002a8b0b7dee8bd77113aed
WebKit JSC arrayProtoFuncSplice fails to initialize all indices.
13dd72fa2af4303dbad93e7d94dcc56e573f5e78bf2f2a216b2508deb6db452e
WebKit JSC suffers from a JSGlobalObject::haveABadTime type confusion vulnerability.
1f481998f2bb5916dc1ba80de838274187ae1882f6a50f6e4569df9b5d0d75ba
WebKit JSC suffers from a JIT optimization check failure in IntegerCheckCombiningPhase::handleBlock.
5f12e99ad1584896ed16974eedb9cb9acb232c0a88d9e26de9c971d18be09ec8
WebKit suffers from a universal cross site scripting vulnerability in CachedFrameBase::restore.
7f962f27a8f242a3d914b7613c99b2a54149f667a258300f52a5997142ca5a32
WebKit suffers from a use-after-free vulnerability in Element::setAttributeNodeNS.
0af5bc9b464b348d07ec52a7a2be51db444e7e536f58a4b521760fee90ad844b
WebKit CachedFrame does not detach openers allowing for a universal cross site scripting vulnerability.
abb2eb80430b0760916c4951be5f62aa477b51f99147ec39961aa69d26c3fb0a
WebKit JSC suffers from an incorrect check in emitPutDerivedConstructorToArrowFunctionContextScope.
a896a4670ad6e45a86257f2de8b28d8691ca919a2a4457017498eeb0b85ae85e
WebKit JSC JSObject::ensureLength does not check if ensureLengthSlow fails.
83eb99cf5dfbcea5f2d251c4c9514c69e190833a6e6c129179d72e63ff84a076
WebKit suffers from a universal cross site scripting vulnerability via Document::prepareForDestruction and CachedFrame.
76f58739c3089ac68ae118c90504fca22a2e35012d6af4a2916f8843bee8a89b
Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.
eb08a025f45ed24c82f64c6675c1bb35662e65430180b83f4bb679101ca6fdab
WebKit suffers from a universal cross site scripting vulnerability via Editor::Command::execute.
b403bbb69d0b3e963bb638919bb8560364e34988c717b45ebc3717df3f1fae75
WebKit enqueuePageshowEvent and enqueuePopstateEvent suffer from a universal cross site scripting vulnerability.
af070e1fb01da40b85a05e4da984fc2dfe9f6be669db41ba609b0417423c3c48
WebKit suffers from a variable theft issue in FrameLoader::clear via page navigation.
b2f1425e0cc7f6da7a5294cfe11ef3cbea388ebea94dcf08b5676216e6615267
WebKit suffers from a cross site scripting vulnerability in HTMLObjectElement::updateWidget.
5e1a9a4c59df034aade4206f4dcb044b4ce264d6f3524ad57ed2b3849dbbf858
WebKit suffers from a use-after-free vulnerability in WebCore::FrameView::scheduleRelayout.
2d5a02001638af79822a62eb31b6aeafa5e4f683b79a12b2a326a9028975b890