Exploiting type confusion bugs in latest JSC and escaping the sandbox

A bug in VecDeque::reserve() of Rust's standard library allowed out-of-bound write in heap region.

Exploiting TurboFan Through Bounds Check Elimination

An analysis of an interesting vulnerability in Microsoft Edge

Exploiting four integer overflow vulnerabilities in Python and PHP

A few tricks to produce relocatable, reassemblable disassembly

Nullify dangling pointers to stop use-after-free.

Security issues caused by permission mismatch and inter-"component" interaction in ARC