Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

0day.today
0day.todayadded 2019/07/30 12:0 a.m.34 views

macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguard

macOS / iOS JavaScriptCore - Loop-Invariant Code Motion LICM Leaves Object Property Access Unguarded While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release...

0.5AI score
Exploits0
exploitpack
exploitpackadded 2019/07/30 12:0 a.m.36 views

macOS iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded

macOS iOS JavaScriptCore - Loop-Invariant Code Motion LICM Leaves Object Property Access Unguarded While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release...

0.5AI score
Exploits0
Exploit DB
Exploit DBadded 2019/07/30 12:0 a.m.168 views

macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded

While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: function v2trigger // Force JIT compilation. for let v7 = 0; v7 1000000; v7++ if...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2019/05/21 12:0 a.m.31 views

Apple macOS 10.14.5 iOS 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized

Apple macOS 10.14.5 iOS 12.3 JavaScriptCore - Loop-Invariant Code Motion LICM in DFG JIT Leaves Stack Variable Uninitialized While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release: // Run with...

0.4AI score
Exploits0
0day.today
0day.todayadded 2019/05/21 12:0 a.m.203 views

macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT

macOS 13.37; stackspray = ; for let v15 = 0; v15 100; v15++ function v19v23 // This weird loop form might be required to prevent loop unrolling... for let v30 = 0; v30 3; v30 = v30 + "asdf" // Generates the specific CFG necessary to trigger the bug. const v33 = Error != Error; if v33 else // Forc...

8.8CVSS0.1AI score0.27687EPSS
Exploits1
Exploit DB
Exploit DBadded 2019/05/21 12:0 a.m.123 views

Apple macOS &lt; 10.14.5 / iOS &lt; 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized

While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release: // Run with --useConcurrentJIT=false // Fill the stack with the return value of the provided function. function stacksprayf // This function will...

7.4AI score
Exploits0
Rows per page
Query Builder