Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
javascriptcore vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1590
JavaScriptCore in WebKit on Apple iPhone prior to 2.0 and iPod touch prior to 2.0 does not properly perform runtime garbage collection, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trig...
Webkit Javascriptcore
8.8
CVSSv3
CVE-2019-8765
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Watchos
1 EDB exploit
5.5
CVSSv3
CVE-2016-4655
The kernel in Apple iOS prior to 9.3.5 allows malicious users to obtain sensitive information from memory via a crafted app.
Apple Iphone Os
Apple Iphone Os 10.0
1 EDB exploit
14 Github repositories
8.8
CVSSv3
CVE-2017-2491
Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS prior to 10.3 allows remote malicious users to execute arbitrary code via a crafted web page, or a crafted file.
Apple Iphone Os
1 EDB exploit
1 Github repository
5.5
CVSSv3
CVE-2016-9642
JavaScriptCore in WebKit allows malicious users to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
Webkit Webkit -
7.5
CVSSv3
CVE-2016-10222
runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote malicious users to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion&q...
Apple Safari 18
NA
CVE-2008-1026
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari prior to 3.1.1, allows remote malicious users to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers...
Apple Safari 3
Apple Safari 3.1
6.1
CVSSv3
CVE-2017-2492
An issue exists in certain Apple products. iOS prior to 10.3 is affected. Safari prior to 10.1 is affected. tvOS prior to 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote malicious users to conduct Universal XSS (UXSS) attacks via a ...
Apple Iphone Os
Apple Safari
Apple Tvos
7.5
CVSSv3
CVE-2016-10226
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote malicious users to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related ...
Apple Safari 18
NA
CVE-2015-5814
WebKit, as used in JavaScriptCore in Apple iOS prior to 9 and iTunes prior to 12.3, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit C...
Apple Iphone Os
Apple Safari
Apple Itunes
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »