22 matches found
GHSA-HPCV-96WG-7VJ8 DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks
Cross-realm INPLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...
PT-2026-49557
Cross-realm IN PLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-5...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
EUVD-2025-205581
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
PT-2025-53725
A type confusion in jsish 2.0 allows incorrect control flow during execution of the OP NEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...
CVE-2025-65570
CVE-2025-65570 describes a type confusion in jsish 2.0 where, inside a for-in loop, an array element access used as the left-hand operand in an instanceof expression leaves an extra array reference on the stack. When OP_NEXT runs, it may treat the array as an iterator object and read an invalid f...
SUSE CVE-2012-3989
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service assertion...
SUSE CVE-2017-7820
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...
The vulnerability of the "instanceof" operator in Mozilla Firefox allows attackers to influence data integrity.
The vulnerability of the “instanceof” operator in Mozilla Firefox is related to the mechanism for handling X-rays. Exploiting this vulnerability allows a remote attacker to influence the integrity of data...
CVE-2017-7820
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...
Design/Logic Flaw
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...
CVE-2017-7820
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...
UBUNTU-CVE-2017-7820
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...
The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow a perpetrator to execute arbitrary code.
The vulnerability of the instanceof function in Adobe Integrated Runtime and Flash Player is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by taking advantage of the processing of link handling...
flash-plugin: multiple code execution issues fixed in APSB16-04
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
CVE-2016-0975
Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260...
PT-2016-1204 · Adobe +3 · Integrated Runtime +4
Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime and Flash Player affected versions not specified Description: The issue is related to a use-after-free vulnerability in the instanceof function of Adobe Integrated Runtime and Flash Player, which is associated with th...