Writeups collection for v8 js engine
CVE-2024-2625 Non-allowed main thread handle deref during off-thread parsing in v8
Analyzing the Google Chrome V8 CVE-2024-0517 Out-of-Bounds Code Execution Vulnerability
Issue 1473631 (Type Confusion in Harmony Set Methods)
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution
The Holy Hole - Analysis of CVE-2023-2033
Abusing Liftoff assembly and efficiently escaping from sbx
CVE-2023-4427 PoC: Out-of-bounds memory access in V8
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
Getting RCE in Chrome with incorrect side effect in the JIT compiler
CVE-2023-3079 (Bug in the handling of the arguments object)
Google Chrome V8 ArrayShift Race Condition Remote Code Execution
Deconstructing and Exploiting CVE-2020-6418
Two Birds With One Stone: An Introduction to V8 and JIT Exploitation
Understanding the Root Cause of CVE-2021-21220 – A Chrome Bug from Pwn2Own 2021
Exploitation of CVE-2021-21220 – From Incorrect JIT Behavior to RCE
Exploring Chrome's CVE-2020-6418 – Part 1
The Chromium super (inline cache) type confusion
Chromium v8 js engine issue 1303458 — Use After Free
Zero Day Vulnerability: Chromium v8 js engine issue 1303458
Exploiting CVE-2021-21225 and disabling W^X