├── .gitignore ├── 2015-02-19 MSIE 9 html.iec PxchFindXch OOB read └── target.xhtml ├── 2016-04-25 - AVR.NULL 8fe.8f2 @ iexplore.exe!mshtml.dll!CThreadDialogProcParam..CThreadDialog ├── A.xhtml └── repro.html ├── 2016-02-26 MSIE 9 USER32 SmartStretchDIBits OOB read ├── repro.html ├── repro.ico ├── test.ico ├── pGenerateICO.cmd └── 24EE AVR.OOB+ODD iexplore.exe!USER32.dll!SmartStretchDIBits.html ├── 2016-05-17#2 AVR.NULL 1d5.5c3 microsoftedgecp.exe!edgehtml.dll!CSelectionManager..InitEditContext ├── x.svg ├── repro.html └── EdgeHTML issue - AVR.NULL 1d5.5c3 microsoftedgecp.exe!edgehtml.dll!CSelectionManager..Init.URL ├── 2016-08-12 AOO Writer AVR։NULL+0x4E f32.921 @ soffice.exe!tl.dll!SvStream։։Write ├── repro.rtf ├── AVR։NULL+0x4E f32.921 @ soffice.exe!tl.dll!SvStream։։Write.html └── AVR։NULL+0x4E f32.921 @ soffice.exe!tl.dll!SvStream։։Write.png ├── 2016-09-15 Assert c99.119 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions ├── g.svg └── repro.html ├── 2016-08-17 AOO Writer AVW։NULL+0x69 8f0.3ff @ soffice.exe!msword.dll+0xA709 ├── repro.rtf ├── AVW։NULL+0x69 8f0.3ff @ soffice.exe!msword.dll+0xA709.html └── AVW։NULL+0x69 8f0.3ff @ soffice.exe!msword.dll+0xA709.png ├── 2016-08-31 Assert c46.b93 @ microsoftedgecp.exe!edgehtml.dll!CDocument։։item ├── repro.html ├── repro.xhtml ├── Microsoft Edge issue 8731652.URL └── Assert c46.b93 @ microsoftedgecp.exe!edgehtml.dll!CDocument։։item.png ├── 2014-07-09 MSIE 9 MSHTML CPtsTextParaclient..CountApes OOB read ├── repro1.html ├── repro2.html └── repro2-helper.html ├── 2015-08-03 Chrome blink..XMLDocumentParser..startElementNs NULL ptr ├── repro │ └── repro.html └── Chromium issue 516290.url ├── 2015-08-30#9 1501M - MSIE 11 AVR;NULL+0xC iexplore.exe!MSHTML.dll!COmWindowProxy;;Markup 87E44D ├── repro2 │ ├── target.html │ └── repro.html ├── repro │ ├── blank.html │ └── repro.html ├── repro.html ├── 1502C - MSIE 11 - MSHTML COmWindowProxy..Markup NULL ptr Microsoft Connect.URL ├── repro3 │ └── repro.html ├── 87E4 AVR.NULL+X iexplore.exe!MSHTML.dll!COmWindowProxy..Markup.html └── AVR;NULL+0x10 iexplore.exe!MSHTML.dll!CDoc;;UpdateDesignMode E44D.html ├── 2016-05-05 CPU usage progress style=border-top-width=21474836 ├── repro.html └── 1269351 – High CPU usage makes browser unresponsive with progress style=border-top-width21474836.URL ├── 2016-05-09 Assert 90d.90d ├── repro.html ├── EdgeHTML issue - Assert 90d.90d @ microsoftedgecp.exe!edgehtml.dll!`TextInputTextInputLoggingInstance'`2'`dynamic atexit des.URL ├── Assert 90d.90d @ microsoftedgecp.exe!edgehtml.dll!`TextInput..TextInputLogging..Instance'..`2'..`dynamic atexit destructor for 'wrapper''.png └── Assert 90d.90d @ microsoftedgecp.exe!edgehtml.dll!`TextInput..TextInputLogging..Instance'..`2'..`dynamic atexit destructor for 'wrapper''.html ├── 2016-05-19#2 AVR.NULL+4.N 5e3.eca @ firefox.exe!xul.dll!mozilla..dom..SVGSVGElement..GetIntrinsicHeight ├── image.svg ├── Bug 1267272.URL └── repro.svg ├── 2016-06-13 AVR.NULL+4.N 0b9.86a @ microsoftedgecp.exe!edgehtml.dll!COpenElements..Push ├── repro.html ├── notes.txt ├── Free 0b9.86a @ microsoftedgecp.exe!edgehtml.dll!COpenElementsPush - Microsoft Edge Development.URL ├── AVR.Free 0b9.86a microsoftedgecp.exe!edgehtml.dll!COpenElements..Push.html ├── AVR.Free 0b9.86a microsoftedgecp.exe!edgehtml.dll!COpenElements..Push.png ├── AVR.NULL+4#N 0b9.86a microsoftedgecp.exe!edgehtml.dll!COpenElements..Push.png └── AVR.NULL+4#N 0b9.86a microsoftedgecp.exe!edgehtml.dll!COpenElements..Push.html ├── 2016-05-24 Assert #.56c microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag ├── repro.html ├── EdgeHTML issue - Assert #.56c microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag.URL ├── Assert #.56c microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag.png └── Assert ..56c microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag.html ├── 2016-08-15 AOO Writer AVR։NULL+0x38 3f0.x @ soffice.exe!msword.dll+0xCE0F ├── repro 3f0.3ff.rtf ├── repro 3f0.601.rtf ├── AVR։NULL+0x38 3f0.3ff @ soffice.exe!msword.dll+0xCE0F.html ├── AVR։NULL+0x38 3f0.3ff @ soffice.exe!msword.dll+0xCE0F.png ├── AVR։NULL+0x38 3f0.601 @ soffice.exe!msword.dll+0xCE0F.html └── AVR։NULL+0x38 3f0.601 @ soffice.exe!msword.dll+0xCE0F.png ├── 2016-08-16 AVR.OOB+4.N 900.c14 @ microsoftedgecp.exe!ieapfltr.dll!Canon..UnescapeChar ├── repro.html ├── OOBR[0x18] 900.c14 @ microsoftedgecp.exe!ieapfltr.dll!Canon։։UnescapeChar〈...〉.html ├── OOBR[0x18] 900.c14 @ microsoftedgecp.exe!ieapfltr.dll!Canon։։UnescapeChar〈...〉.png └── OOBR[4.N] 900.c14 @ microsoftedgecp.exe!ieapfltr.dll!Canon..UnescapeChar......html ├── 2015-08-30#8 AVR։NULL e4d.73c @ microsoftedgecp.exe!edgehtml.dll!GetParentElement ├── repro2 │ ├── blank.svg │ └── repro.html ├── repro3 │ ├── blank.svg │ └── repro.html ├── repro - frameset.html ├── repro - unlink.html ├── repro - formatBlock.svg ├── repro - frameset.xhtml ├── AVR։NULL e4d.73c @ microsoftedgecp.exe!edgehtml.dll!GetParentElement - Microsoft Edge Development.URL ├── Internet Explorer 11 MSHTML GetParentElement NULL ptr Microsoft Connect.URL ├── AVR։NULL e4d.2f3 @ iexplore.exe!mshtml.dll!GetParentElement.html ├── AVR։NULL e4d.2f3 @ iexplore.exe!mshtml.dll!GetParentElement.png ├── AVR։NULL e4d.73c @ microsoftedgecp.exe!edgehtml.dll!GetParentElement.png └── AVR։NULL e4d.73c @ microsoftedgecp.exe!edgehtml.dll!GetParentElement.html ├── 2016-05-24 Assert #.773 microsoftedgecp.exe!edgehtml.dll!CssInitialValue..GetAttrValue ├── repro.html ├── EdgeHTML issue - Assert .773 microsoftedgecp.exe!edgehtml.dll!CssInitialValue..GetAttrValue.URL ├── Assert #.773 microsoftedgecp.exe!edgehtml.dll!CssInitialValue..GetAttrValue.html └── Assert #.773 microsoftedgecp.exe!edgehtml.dll!CssInitialValue..GetAttrValue.png ├── 2016-06-17#1 Assert 56c.5df @ microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag ├── repro.html ├── Assert 56c.5df @ microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag - Microsoft Edge Development.URL ├── Assert 56c.5df @ microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag.html └── Assert 56c.5df @ microsoftedgecp.exe!edgehtml.dll!CDoc..TagIdFromETag.png ├── 2016-09-09 Assert 115.214 @ microsoftedgecp.exe!edgehtml.dll!Css3Calc։։GetIntoUnitValue ├── repro.html ├── Microsoft Edge bug 8862383.URL ├── Assert 596.115 @ microsoftedgecp.exe!edgehtml.dll!CFormatInfo։։CacheCalc.png └── Assert 115.214 @ microsoftedgecp.exe!edgehtml.dll!Css3Calc։։GetIntoUnitValue.png ├── 2014-03-02 MSIE 11 MSHTML BaseCSSParser..RecordProperty OOBR └── repro.html ├── 2014-05-02 MSIE 11 MSHTML CView..CalculateImageImmunity UAF ├── hasChildNodes.html └── repro.html ├── 2016-08-11 AOO Writer AVR։NULL+0x5C f15.f2b @ soffice.exe!tl.dll!String։։Equals ├── repro.rtf ├── AVR։NULL+0x5C f15.f2b @ soffice.exe!tl.dll!String։։Equals.html └── AVR։NULL+0x5C f15.f2b @ soffice.exe!tl.dll!String։։Equals.png ├── 2015-09-29 1217x - Firefox IntOverflow firefox.exe!xul.dll!nthChildGenericMatches 8775 ├── repro.html ├── 1206105 – nth-child integer overflow.URL └── IntOverflow firefox.exe!xul.dll!nthChildGenericMatches EF75.html ├── 2016-02-11 1257n - MSIE 8-11 3806 AVW.Arbitrary iexplore.exe!MSHTML.dll!CBase..VersionedGetDispID ├── 1.html ├── target.html ├── 2.html ├── MSIE 8 │ ├── repro.html │ ├── 4A52 AVR.Arbitrary iexplore.exe!mshtml.dll!ReleaseInterface.html │ └── 4A52 AVR.OOB+EVEN iexplore.exe!mshtml.dll!ReleaseInterface.html ├── repro.svg ├── MSIE9 │ ├── 2F6C AVR.NULL+EVEN iexplore.exe!ole32.dll!CopyToMQI.html │ ├── 1A69 AVR.NULL iexplore.exe!msls31.dll!LsGetHihLsimethods.html │ ├── 7F69 AVE.NULL iexplore.exe!MSHTML.dll!CBase..ContextInvokeEx.html │ ├── 0A69 AVR.OOB iexplore.exe!d2d1.dll!DrawingContext..FlushBatch.html │ ├── 34E3 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CDXFont..Initialize.html │ ├── 4A10 AVW.OOB iexplore.exe!MSHTML.dll!CFancyFormat..CFancyFormat.html │ ├── 7F69 AVR.OOB+ODD iexplore.exe!MSHTML.dll!CBase..ContextInvokeEx.html │ ├── __7F69 AVE.Free iexplore.exe!MSHTML.dll!CBase..ContextInvokeEx.html │ └── __7F69 AVE.OOB iexplore.exe!MSHTML.dll!CBase..ContextInvokeEx.html └── 3806 AVW.Arbitrary iexplore.exe!MSHTML.dll!CBase..VersionedGetDispID.html ├── 2016-04-15#2 - Firefox - Iterator 100% CPU Usage ├── repro.html └── 1124835 – Iterator Freezes Firefox completely.URL ├── 2015-10-27 1223p - MSIE 10 6359 AVR.NULL iexplore.exe!MSHTML.dll!HtmlLayout..Node..ContentParent ├── notes.txt ├── repro.html └── 6359 AVR.NULL iexplore.exe!MSHTML.dll!HtmlLayout..Node..ContentParent.html ├── 2016-10-28 AVR։NULL+0x28 935.267 @ microsoftedgecp.exe!edgehtml.dll!Layout։։ContainerBox։։UpdateDisplayNode ├── repro.html └── Microsoft Edge issue 9573413.URL ├── 2015-10-13#1 AVR.NULL 561.34e @ iexplore.exe!mshtml.dll!HashStringWordCi ├── repro.html └── 3F14 AVR.NULL iexplore.exe!mshtml.dll!HashStringWordCi.html ├── 2015-11-19 1173n - MSIE 8 AVR;NULL iexplore.exe!mshtml.dll!CStorage;;setItem 163352 ├── repro.html └── MSIE 8 AVR;NULL iexplore.exe!mshtml.dll!CStorage;;setItem 163352.html ├── 2015-11-20 AVR։NULL+4⁎N 75d.c39 @ microsoftedgecp.exe!edgehtml.dll!CAutoRange։։IsOrphaned ├── repro.html └── AVR։NULL+4⁎N 75d.c39 @ microsoftedgecp.exe!edgehtml.dll!CAutoRange։։IsOrphaned.png ├── 2015-09-15 microsoftedgecp.exe!edgehtml.dll!C(Generated)Element։։ComputeFormatsVirtual ├── RecursiveCall 653.b28 │ └── repro.html ├── RecursiveCall 653.be6 │ └── repro.html ├── AVR։NULL+4⁎N e77.3bc │ └── repro.html ├── RecursiveCall dcb.801 │ └── repro.html ├── RecursiveCall 653.64e │ └── repro.html └── EdgeHTML issue - RecursiveCall dcb.5d7.9cf.25e.51e.fb7.7b4.c8e.f9f.020.URL ├── 2015-09-28 MSIE 11 AVR;NULL+0x10 MSHTML bla bla bla 0FCD ├── repro.html └── 6CCD AVR.NULL+X iexplore.exe!MSHTML.dll!CLSRenderer..RenderLine.html ├── 2015-10-14 1246r - MSIE 10 F3F5 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CCssCalcHolder..CacheCalc ├── repro.html └── F3F5 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CCssCalcHolder..CacheCalc.html ├── 2015-12-10 1302t - Edge - 8A2F AVR.NULL+EVEN microsoftedgecp.exe!EDGEHTML.dll!CPDFHelper..SetReplacedSize └── repro.html ├── 2016-05-02 AVR.NULL+4.N 670.b00 @ microsoftedgecp.exe!edgehtml.dll!CTreePos..GetBranch ├── repro.xhtml ├── EdgeHTML issue - NULL+4N 670.b00 @ microsoftedgecp.exe!edgehtml.dll!CTreePosGetBranch.URL ├── AVR։NULL+4⁎N 670.b00 @ microsoftedgecp.exe!edgehtml.dll!CTreePos։։GetBranch.html └── AVR։NULL+4⁎N 670.b00 @ microsoftedgecp.exe!edgehtml.dll!CTreePos։։GetBranch.png ├── 2016-09-12 Assert 00d.bba @ microsoftedgecp.exe!edgehtml.dll!Tree։։TextBlockBuilder։։AddAtomRun ├── repro.html └── Microsoft Edge bug 8862388.URL ├── 2015-08-30#11 1207x - MSIE 10 AVR.NULL iexplore.exe!MSHTML.dll!CCollectionCache..CompareName 8C1AB7 ├── repro.html ├── AVR;NULL iexplore.exe!MSHTML.dll!CCollectionCache;;CompareName C81A.html └── AVR.NULL iexplore.exe!MSHTML.dll!CCollectionCache..CompareName 8C1AB7.html ├── 2015-08-30#13 1207z - MSIE 8 AVR;NULL iexplore.exe!mshtml.dll!CStringTable;;Find B8534E ├── repro.html └── MSIE 8 AVR;NULL iexplore.exe!mshtml.dll!CStringTable;;Find B8534E.html ├── 2015-10-16#2 1208b - Firefox Canvas 2d content arc method 100% CPU usage ├── repro.html └── OOM firefox.exe!xul.dll!SkPathRef..makeSpace 3B8857.html ├── 2015-10-23#1 1225l - MSIE 8 CA13A784631F84BE RecursiveCall iexplore.exe!jscript.dll!ConvertToString └── repro.html ├── 2016-03-15 1247v - Edge - FAB7 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!Tree..ANode..IsInTree ├── repro.html ├── original repro │ └── repro.html ├── 53CB OOM MicrosoftEdgeCP.exe!EDGEHTML.dll!CStr.._Alloc.html └── FAB7 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!Tree..ANode..IsInTree.html ├── 2016-05-10 AVR.NULL+4.N e2d.0f3 @ microsoftedgecp.exe!edgehtml.dll!CBaseScriptable..PrivateQueryInterface ├── repro.html ├── repro2.html └── EdgeHTML issue - NULL+4N e2d.0f3 @ microsoftedgecp.exe!edgehtml.dll!CBaseScriptablePrivateQueryInterface.URL ├── 2016-09-06 AVR։NULL de7.553 @ chrome.exe!chrome_child.dll!blink։։DOMDataStore։։setWrapper ├── repro.html ├── Issue 644237 - chromium - AVR։NULL de7.553 @ chrome.exe!chrome_child.dll!blink։։DOMDataStore։։setWrapper - Monorail.URL └── AVR։NULL de7.f91 @ chrome.exe!chrome_child.dll!blink։։DOMDataStore։։setWrapper.png ├── 2016-09-07 AVR։NULL+0xC 91a.06f @ chrome.exe!chrome_child.dll!v8_inspector։։V8StackTraceImpl։։topLineNumber ├── repro.html └── Issue 644629 - chromium - AVR։NULL+0xC 91a.06f @ chrome.exe!chrome_child.dll!v8_inspector։։V8StackTraceImpl։։topLineNumber -.URL ├── 2015-09-21 1228t - Chrome 753F Breakpoint chrome.exe!chrome_child.dll!base..saturated_cast └── repro.html ├── 2016-04-18 - Edge - Assert cac.075 microsoftedgecp.exe!edgehtml.dll!Tree..SvgDeepCloneBuilder..EnsureDeepCloneForUse ├── repro.html └── EdgeHTML issue.url ├── 2016-05-17#1 CPUUsage b38.085 firefox.exe!xul.dll!nsCSSBorderRenderer..DrawBorderSidesCompositeColors ├── repro.html └── Mozilla bug.url ├── 2016-05-18#2 CPUUsage 290.742 microsoftedgecp.exe!edgehtml.dll!CDotFitter..FillShapesAlongPath ├── repro.html ├── EdgeHTML issue - CPUUsage 290.742 microsoftedgecp.exe!edgehtml.dll!CDotFitter..FillShapesAlongPath.URL ├── CPUUsage 283.303 iexplore.exe!mshtml.dll!CDispSurface..DrawComplexBorder.html └── CPUUsage 283.303 iexplore.exe!mshtml.dll!CDispSurface..DrawComplexBorder.png ├── 2015-09-17 AVR.NULL+4.N f3e.b45 @ iexplore.exe!mshtml.dll!CTreePos..GetCpAndMarkup ├── repro.html ├── repro 009.2c6.html ├── repro f3e.d42.html ├── AVR։NULL+0x28 f3e.b45 @ iexplore.exe!mshtml.dll!CTreePos։։GetCpAndMarkup.png ├── AVR։NULL+0x44 f3e.d42 @ iexplore.exe!mshtml.dll!CTreePos։։GetCpAndMarkup.png ├── AVR։NULL+8 009.2c6 @ iexplore.exe!mshtml.dll!Tree։։TextBlock։։SourceNodeOfBeginPos.png └── AVR։NULL+0x10 009.2c6 @ iexplore.exe!mshtml.dll!Tree։։TextBlock։։SourceNodeOfBeginPos.png ├── 2015-10-09#1 1228u - Edge 9B1F AVR.NULL+X microsoftedgecp.exe!EDGEHTML.dll!CssCalcExpressionHelpers..GetCalcCtxFromNode └── repro.html ├── 2016-04-20 - Edge - AVR.NULL+4.N 077.fd8 microsoftedgecp.exe!edgehtml.dll!Tree..TreeWriter..CloneNodeInternal ├── repro.html └── EdgeHTML issue - NULL+4N 077.fd8 @ microsoftedgecp.exe!edgehtml.dll!TreeTreeWriterCloneNodeInternal.URL ├── 2016-04-29 AVR.NULL aae @ firefox.exe!xul.dll!mozilla..layers..BasicLayerManager..PopGroupForLayer ├── repro.html └── 1268699 – AVRNULL aae @ firefox.exe!xul.dll!mozillalayersBasicLayerManagerPopGroupForLayer.URL ├── 2016-07-27 AVR։NULL+4⁎N e7b.8e3 @ microsoftedgecp.exe!edgehtml.dll!CImplAry։։AppendIndirect〈...〉 ├── repro.html └── Microsoft Edge issue 8297088.URL ├── 2015-08-30#10 1207w - MSIE 10 AVR.NULL+0xA iexplore.exe!MSHTML.dll!HtmlLayout..Element..LastContentChild D7D8A4 └── repro.html ├── 2015-10-23#2 1224q - MSIE 10,11 AVR.NULL+0x4 iexplore.exe!dcomp.dll!DirectComposition..CDevice..RemoveDirtyRebuildableObject 52F8 ├── notes.txt └── repro.html ├── 2015-11-23 1280q - Edge C0BF Breakpoint microsoftedgecp.exe!EDGEHTML.dll!ConvertUnitValuesToSameType └── repro.html ├── 2015-12-04 1295o - MSIE 11 - 3036 IntegerOverflow iexplore.exe!DWrite.dll!SafeIntExceptionHandler.......SafeIntOnOverflow ├── repro.html └── repro2.html ├── 2016-05-09 AVR.Arbitrary b89.c4b @ iexplore.exe!mshtml.dll!CAnimatablePropertyListElement..GetCurrentValues ├── repro.html └── EdgeHTML issue - CSS Animations NULL pointers.URL ├── 2016-07-28 CPUUsage 163.0b9 @ iexplore.exe!mshtml.dll!SBidiAnalysis։։CheckIfBidiAnalysisIsNeeded └── repro.xhtml ├── 2016-09-16 AVR։NULL 9e2.015 @ microsoftedgecp.exe!edgehtml.dll!Layout։։LineBoxBuilder։։CreateLineForFlow ├── repro.html └── Microsoft Edge issue 8989831.URL ├── 2016-10-06 Assert c99.5a8 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions ├── repro.html └── Edge issue 9227503.URL ├── 2016-10-19 AVR։NULL+0x10 1fa.bfa @ iexplore.exe!mshtml.dll!CDoc։։UpdateDesignMode ├── repro.html ├── x86 AVR։NULL+0xC 21f.1fa @ iexplore.exe!mshtml.dll!COmWindowProxy։։Markup.png └── x64 AVR։NULL+0x10 1fa.bfa @ iexplore.exe!mshtml.dll!CDoc։։UpdateDesignMode.png ├── 2015-10-02 1223r - Edge AVR.NULL+0x24 microsoftedgecp.exe!EDGEHTML.dll!Tree..TreeWriter..CloneNodeInternal C39F9C └── repro.html ├── 2015-10-06#1 1238q - MSIE 10 49FE AVW.NULL+ODD iexplore.exe!MSHTML.dll!CGeneratedContent..WrapContent └── repro.html ├── 2015-11-16 1257t - Firefox BD24 AVR.NULL firefox.exe!xul.dll!mozilla..layers..ContentClientDoubleBuffered..FinalizeFrame ├── repro.html └── Issue 1216909.url ├── 2016-04-05 - Edge - AVR.NULL+4.N e77.3bc @ microsoftedgecp.exe!edgehtml.dll!CssCalcExpressionHelpers..GetCalcCtxFromNode └── repro.html ├── 2016-05-11 Edge nested dir element with CSS columns excessive CPU usage ├── repro.html └── EdgeHTML issue - Nested dir elements with CSS columns excessive CPU usage.URL ├── 2016-05-25 AVR.NULL+4#N 109.983 microsoftedgecp.exe!edgehtml.dll!CComputeFormatState..GetComputingFirstLine ├── repro.html └── EdgeHTML issue - AVR.NULL+4N 109.983 microsoftedgecp.exe!edgehtml.dll!CComputeFormatState..GetComputingFirstLine.URL ├── 2016-10-11 OOM 164.313 @ chrome.exe!chrome_child.dll!cc։։PaintedScrollbarLayer։։RasterizeScrollbarPart └── repro.html ├── 2015-09-24 AVR.NULL 4df.0e2 @ iexplore.exe!mshtml.dll!CInclusionWalker..NextBranch └── repro.html ├── 2015-09-30 1223q - Edge AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!CDocument..getElementsByTagNameNSInternal E39B4D └── repro.html ├── 2015-10-05 1238k - Firefox EFD8 AVR.NULL+EVEN firefox.exe!xul.dll!InlineBackgroundData..GetContinuousRect └── repro.html ├── 2016-04-22 - AVR.NULL b02.0f5 microsoftedgecp.exe!edgehtml.dll!CDocument..getElementsByTagNameNSInternal ├── repro.html └── EdgeHTML issue - NULL b02.0f5 @ microsoftedgecp.exe!edgehtml.dll!CDocumentgetElementsByTagNameNSInternal.URL ├── 2016-06-21 Magic value mitigations ├── SkyLined - Magic values in 32-bit processes and 64-bit OS-es.URL ├── 1177r - verifier.dll AVrfDebugPageHeapAllocate incorrect memory initialization │ └── 2015-08-27 Chromium 525288 │ │ └── Chromium Issue 525288.URL └── repro.html ├── 2016-09-14 Assert 732.b0f @ microsoftedgecp.exe!edgehtml.dll!CScriptCollection։։GetHolderForLanguageHelper └── repro.html ├── 2016-10-05 Assert 943.e56 @ microsoftedgecp.exe!edgehtml.dll!Collections։։SCircularBuffer〈...〉։։GetAt ├── Edge issue 9227510.URL └── repro.html ├── 2016-10-21#3 AVR։NULL+N 983.653 @ microsoftedgecp.exe!edgehtml.dll!CElement։։ApplyInnerOuterFormats ├── repro.html └── Microsoft Edge issue 9457946.URL ├── 2014-05-14 MSIE 9 MSHTML CMarkup..ReloadInCompatView UAF └── repro.html ├── 2015-11-17 AVR.NULL+N 43f.355 microsoftedgecp.exe!edgehtml.dll!CColorValue..IsDefined ├── repro.html ├── EdgeHTML issue - AVR.NULL+0x7 microsoftedgecp.exe!EDGEHTML.dll!CColorValue..IsDefined B410.URL └── AVR.NULL+N 43f.355 microsoftedgecp.exe!edgehtml.dll!CColorValue..IsDefined.html ├── 2016-04-19 - AVR.NULL+4.N 9c5.305 microsoftedgecp.exe!edgehtml.dll!Tree..TreeReader..GetNextPreorderNode ├── repro3.html ├── repro.html ├── repro.svg └── EdgeHTML issue - NULL+4N 9c5.305 @ microsoftedgecp.exe!edgehtml.dll!TreeTreeReaderGetNextPreorderNode.URL ├── 2016-04-26 Assert 95d.1d3 @ microsoftedgecp.exe!edgehtml.dll!CCounterManager..UpdateCounter ├── repro.html └── EdgeHTML issue - Assert 95d.1d3 microsoftedgecp.exe!edgehtml.dll!CCounterManagerUpdateCounters.URL ├── 2016-07-06#1 RecursiveCall 4b8.bc1 @ iexplore.exe!mshtml.dll!CDispContainer..FinalizeChildren └── repro.html ├── 2015-08-30#14 1173m - MSIE 8 AVR;NULL+0x84 iexplore.exe!mshtml.dll!CMarkup;;EmbedPointers 9BE518 └── repro.html ├── 2015-09-23 1223u - Edge AVR.NULL+0x4 microsoftedgecp.exe!chakra.dll!Js..JavascriptError..Is E748 ├── repro.html └── AVR.NULL+0x4 microsoftedgecp.exe!chakra.dll!Js..JavascriptError..Is E748.html ├── 2015-11-05 1257s - Chrome A9F0 AVR.NULL+EVEN chrome.exe!chrome_child.dll!blink..WebVector.......{ctor} ├── repro.html └── Issue 545855.url ├── 2015-12-09 1302s - Edge - A469 AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!CJScript9Holder..FastVarToDispatch └── repro.html ├── 2016-05-06 AVR.NULL+4.N bc8.8e7 @ microsoftedgecp.exe!edgehtml.dll!Tree..TreeWriter..SpliceOut ├── repro.html └── EdgeHTML issue - NULL+4N bc8.8e7 @ microsoftedgecp.exe!edgehtml.dll!TreeTreeWriterSpliceOut.URL ├── 2016-10-20 Assert 0d9.96b @ firefox.exe!xul.dll!gfxFontGroup։։GetDefaultFont ├── Mozilla Firefox bug 1311612.URL ├── repro.svg ├── Source։ gfx ⁄ thebes ⁄ gfxTextRun.cpp line 1847.URL └── x86 Assert 0d9.96b @ firefox.exe!xul.dll!gfxFontGroup։։GetDefaultFont.png ├── 2015-08-30#1 AVR.NULL 1ff.228 @ iexplore.exe!mshtml.dll!CTsfTextStore..Initialize ├── repro.html ├── repro2.html ├── AVR.NULL+4#N 868.1ff iexplore.exe!mshtml.dll!Tree..ElementNode..GetCElement.html ├── AVR.NULL+4#N 868.1ff iexplore.exe!mshtml.dll!Tree..ElementNode..GetCElement.png └── AVR;NULL+0x10 iexplore.exe!MSHTML.dll!Tree;;ElementNode;;GetCElement AF0F.html ├── 2015-09-25 1226r - MSIE 8 03FC AVR.NULL+X iexplore.exe!mshtml.dll!CTableRowGroupBlock..RowCount ├── repro.html └── 03FC AVR.NULL+X iexplore.exe!mshtml.dll!CTableRowGroupBlock..RowCount.html ├── 2015-10-29 1257r - Chrome 5BEF AVR.NULL+EVEN chrome.exe!chrome_child.dll!blink..Node..isShadowRoot ├── repro.html └── Issue 545852.url ├── 2016-04-13 - Edge - Assert 0c3.485 @ microsoftedgecp.exe!edgehtml.dll!Tree..TreeWriter..MoveNodeLegacy ├── repro.html └── EdgeHTML issue - Assert 0c3.485 @ microsoftedgecp.exe!edgehtml.dll!TreeTreeWriterMoveNodeLegacy.URL ├── 2016-06-22#2 1312A - Chrome on x64 - createImageData arbitrary read&write ├── CVE-2014-1736.URL └── Chromium 359802.URL ├── 2016-09-13 Assert c99.5c0 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions ├── repro c99.5c0.html └── repro c99.3af.html ├── 2016-09-19 AVR։NULL+0x10 ea0.a69 @ firefox.exe!xul.dll!mozilla։։EditorBase։։IsTextNode ├── Bug 1301663.URL ├── repro.html └── AVR։NULL+0x10 edc.f54 @ firefox.exe!xul.dll!nsEditor։։IsTextNode.png ├── 2015-08-30#6 AVR.NULL 4df.0e2 @ iexplore.exe!mshtml.dll!CInclusionWalker..NextBranch ├── repro.html ├── Microsoft Edge issue 1599878.URL └── AVR.NULL 4df.0e2 @ iexplore.exe!mshtml.dll!CInclusionWalker..NextBranch.html ├── 2015-08-30#7 1173q - MSIE 11 CSS animation keyframes font NULL ptrs ├── repro.xhtml └── AVR;Arbitrary iexplore.exe!ntdll.dll!LdrpValidateUserCallTarget 0BC8.html ├── 2015-09-22 1228v - Chrome 11F6 AVR.NULL+X chrome.exe!chrome_child.dll!blink..ComputedStyle..hasExplicitlyInheritedProperties └── repro.html ├── 2015-11-03 1256u - MSIE 8 79F4 AVR.NULL+EVEN iexplore.exe!mshtml.dll!CGeneratedContent..IsBeginNode └── repro.html ├── 2015-11-30 1294m - MSIE 8 EC17 AVR.NULL+EVEN iexplore.exe!mshtml.dll!CTableRowBlock..ColumnCount ├── repro.html └── EC17 AVR.NULL+EVEN iexplore.exe!mshtml.dll!CTableRowBlock..ColumnCount.html ├── 2016-04-15#1 - Edge - RecursiveCall dcb.5d7.9cf.25e.51e.fb7.7b4.c8e.f9f.020 @ microsoftedgecp.exe!edgehtml.dll!CGeneratedElement..ComputeForma ├── repro.html └── EdgeHTML issue - RecursiveCall dcb.5d7.9cf.25e.51e.fb7.7b4.c8e.f9f.020.URL ├── 2016-04-21#2 Assert b42.46d microsoftedgecp.exe!edgehtml.dll!CGeneratedContentInfo..AddFixupNodeAsDependentFromDescendantOwner ├── repro Assert b42.46d.html └── Edge issue 7290988.URL ├── 2016-07-06#2 Assert efc.2c0 @ microsoftedgecp.exe!edgehtml.dll!CJScript9Holder..GetPrototype └── repro.html ├── 2016-07-07#1 AVR.NULL+2.N 41b.16f @ microsoftedgecp.exe!edgehtml.dll!Tree..ANode..IsInTree ├── repro.html ├── IsInTree NULL pointer - Microsoft Edge Development.URL ├── AVR.NULL+2#N 41b.16f microsoftedgecp.exe!edgehtml.dll!Tree..ANode..IsInTree.html └── AVR.NULL+2#N 41b.16f microsoftedgecp.exe!edgehtml.dll!Tree..ANode..IsInTree.png ├── 2016-09-20 AVR։NULL+0x4C 05a.40a @ microsoftedgecp.exe!edgehtml.dll!Tree։։ANode։։LayoutPlacement ├── repro.html └── Microsoft Edge issue 9007925.URL ├── 2016-10-27 Assert c99.d84 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions ├── repro.html └── Microsoft Edge issue 9564413.URL ├── 2015-11-18 1223w - Edge AVR.NULL+0x8 iexplore.exe!MSHTML.dll!Tree..ElementNode..GetCEle ├── repro.html ├── AB0F AVR.NULL+X iexplore.exe!MSHTML.dll!Tree..ElementNode..GetCElement.html ├── AVR.NULL+0x10 iexplore.exe!MSHTML.dll!Tree..ElementNode..GetCElement ABA2.html ├── AVR.NULL+0x8 iexplore.exe!MSHTML.dll!Tree..ElementNode..GetCElement AB0F.html └── AVR.NULL+0x8 iexplore.exe!MSHTML.dll!Tree..ElementNode..GetCElement C00F.html ├── 2015-11-24 1280q - Edge B260 AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!Layout..ContainerBox..GetParentDisplayNodeForPositionedBox └── repro.html ├── 2015-12-11#2 1302v - Edge - D473 AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!Tree..STextPosition..CalculateCP └── repro.html ├── 2016-05-16 AVR.NULL+4#N fe6.a29 microsoftedgecp.exe!edgehtml.dll!Tree..ANode..GetFirstNodeLocation ├── repro.html └── EdgeHTML issue - NULL+4N fe6.a29 microsoftedgecp.exe!edgehtml.dll!TreeANodeGetFirstNodeLocation.URL ├── 2016-06-14 AVR.NULL+4.N c33.013 @ microsoftedgecp.exe!edgehtml.dll!CTreePos..TestFlag ├── repro.html ├── AVR.NULL+4N c33.013 @ microsoftedgecp.exe!edgehtml.dll!CTreePosTestFlag - Microsoft Edge Development.URL └── x86 - AVR.NULL+4.N c33.013 @ microsoftedgecp.exe!edgehtml.dll!CTreePos..TestFlag.html ├── 2016-07-05 FailFast dbd.285 iexplore.exe!mshtml.dll!CTitleElement..Notify ├── 2.html ├── repro.html ├── FailFast dbd.285 iexplore.exe!mshtml.dll!CTitleElement..Notify.html └── FailFast dbd.285 iexplore.exe!mshtml.dll!CTitleElement..Notify.png ├── 2016-07-26 AVR։NULL+4⁎N b00.e6c @ microsoftedgecp.exe!edgehtml.dll!Tree։։ANode։։Parent ├── repro.html ├── Another NULL pointer in microsoftedgecp.exe!edgehtml.dll!Tree։։ANode։։Parent - Microsoft Edge Development.URL ├── AVR։NULL+4⁎N b00.e6c @ microsoftedgecp.exe!edgehtml.dll!Tree։։ANode։։Parent.html └── AVR։NULL+4⁎N b00.e6c @ microsoftedgecp.exe!edgehtml.dll!Tree։։ANode։։Parent.png ├── 2016-09-29 RecursiveCall a54.e7e @ microsoftedgecp.exe!edgehtml.dll!CElement։։ApplyDefaultFormat ├── repro.xhtml └── Microsoft Edge bug 9132521.URL ├── 2016-10-07 Assert c99.227 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions └── repro.html ├── 2016-10-14 Assert 1da.c56 @ microsoftedgecp.exe!edgehtml.dll!SBidiAnalysis։։GetCharProperties ├── repro.html └── Microsoft Edge issue 9370061.URL ├── 2015-08-30#4 1207o - MSIE 8,9,10,11 AVR;NULL iexplore.exe!MSHTML.dll!HDLDESC;;FindPropDescForName 1E4E03 ├── repro.html └── AVR;NULL iexplore.exe!MSHTML.dll!CBase;;FindPropDescForName 4E03.html ├── 2015-09-16 1174j - MSIE 8,9,10,11 RecursiveCall iexplore.exe!vbscript.dll!RegExpCompAssignRemLen 84 ├── repro.html └── RecursiveCall iexplore.exe!vbscript.dll!RegExpComp;;AssignRemLen 84.html ├── 2015-10-08 1238s - Edge A43E AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!CJScript9Holder..FastVarToDispatch ├── repro.html └── Various NULL pointers @ microsoftedgecp.exe!EDGEHTML.dll!CJScript9Holder..FastVarToDispatch.html - Microsoft Edge Developmen.URL ├── 2015-11-27 1294k - MSIE 8 1D21 AVR.NULL+EVEN iexplore.exe!mshtml.dll!CDisplayBox..NonConstBlock ├── repro.html └── 1D21 AVR.NULL+EVEN iexplore.exe!mshtml.dll!CDisplayBox..NonConstBlock.html ├── 2015-12-08 1302q - MSIE 8 - E6E6 AVR.NULL+ODD iexplore.exe!mshtml.dll!CView..HitTestPoint ├── repro.html └── E6E6 AVR.NULL+ODD iexplore.exe!mshtml.dll!CView..HitTestPoint.html ├── 2016-04-12 - Edge - AVR.NULL+4.N 92f.464 @ microsoftedgecp.exe!chakra.dll!Js..JavascriptError..Is └── repro.html ├── 2016-04-28 AVR.NULL c09.270 @ firefox.exe!xul.dll!nsEditor..DeleteSelectionAndPrepareToCreateNode ├── Bug 1268482.URL └── repro.html ├── 2016-05-03 AVR.NULL 1d5.5c3 @ microsoftedgecp.exe!edgehtml.dll!CSelectionManager..InitEditContext ├── repro.svg └── EdgeHTML issue - NULL 1d5.5c3 @ microsoftedgecp.exe!edgehtml.dll!CSelectionManagerInitEditContext.URL ├── 2016-05-19#4 AVR.NULL+4.N edc.f54 @ firefox.exe!xul.dll!nsEditor..IsTextNode ├── repro.html ├── 1254975 – NULL pointer crash in nsEditorIsTextNode.URL ├── repro.xhtml ├── AVR.NULL+4#N edc.f54 firefox.exe!xul.dll!nsEditor..IsTextNode.png └── AVR.NULL+4#N edc.f54 firefox.exe!xul.dll!nsEditor..IsTextNode.html ├── 2016-06-23 AVR.NULL+4.N a05.7ab @ microsoftedgecp.exe!edgehtml.dll!CMarkup..GetStylesheetMarkupContext ├── repro.html └── NULL+4N a05.7ab @ microsoftedgecp.exe!edgehtml.dll!CMarkupGetStylesheetMarkupContext - Microsoft Edge Development.URL ├── 2016-08-10 AVR։NULL+0x10 edc.f54 @ firefox.exe!xul.dll!nsEditor։։IsTextNode ├── repro.html ├── 1254975 – NULL pointer crash in nsEditorIsTextNode.URL ├── AVR։NULL+0x10 edc.f54 @ firefox.exe!xul.dll!nsEditor։։IsTextNode.png └── AVR։NULL+0x10 edc.f54 @ firefox.exe!xul.dll!nsEditor։։IsTextNode.html ├── 2015-10-22 1211x - Chrome AVR.NULL+0x8 chrome.exe!chrome_child.dll!WTF..HashTable.......lookup B67A7A ├── repro.html └── Issue 544116 - chromium - B67A AVRNULL+EVEN chrome.exe!chrome_child.dll!WTFHashTable...lookup - An open-source project to he.URL ├── 2015-10-26 1252q - MSIE 8 0F5C AVR.NULL+EVEN iexplore.exe!mshtml.dll!CExposedAttrIterator..NextSpecial └── repro.html ├── 2015-11-09 1259l - MSIE 8 C6C61D1CAB8CD8E931C0C0D264B3D770 RecursiveCall iexplore.exe!mshtml.dll!Ptls5..FsAdjustPageVertical └── repro.html ├── 2015-11-10 1259q - Edge 8605EF RecursiveCall microsoftedgecp.exe!EDGEHTML.dll!CDispContainer..FinalizeChildren └── repro.html ├── 2015-11-18 1226s - MSIE 9 405F AVR.NULL iexplore.exe!MSHTML.dll!CDomRange..surroundContents ├── repro.html └── 405F AVR.NULL iexplore.exe!MSHTML.dll!CDomRange..surroundContents.html ├── 2015-12-01 1294q - Edge A3CA Assert microsoftedgecp.exe!EDGEHTML.dll!CCounterManager..UpdateCounters └── repro.html ├── 2015-12-07 1595m - MSIE 10 0C0D AVE.NULL iexplore.exe!MSHTML.dll!TransitionUpdateMsTransformValues └── repro.html ├── 2015-12-11#1 AVR։NULL+0x10 2c6.581 @ microsoftedgecp.exe!edgehtml.dll!Layout։։LayoutBox։։GetRangeRectsForChildBox └── repro.html ├── 2016-05-18#1 AVR.NULL 527.202 @ iexplore.exe!mshtml.dll!CCaret..SetHeightAndReflow ├── repro.svg ├── AVR.NULL 527.202 iexplore.exe!mshtml.dll!CCaret..SetHeightAndReflow.png └── AVR.NULL 527.202 iexplore.exe!mshtml.dll!CCaret..SetHeightAndReflow.html ├── 2016-06-24 AVR.NULL+4#N fdc.7e7 microsoftedgecp.exe!edgehtml.dll!Tree..NodeLocation..AttachToNode ├── repro.html └── NULL ptr in microsoftedgecp.exe!edgehtml.dll!TreeNodeLocationAttachToNode - Microsoft Edge Development.URL ├── 2016-07-04 AVR.NULL+4.N a93.16f @ iexplore.exe!mshtml.dll!CTransitionPropertyDefinition..ParsePropertyToken ├── repro AVR։NULL+N a93.058.xhtml └── repro AVR։NULL+N a93.16f.svg ├── 2016-07-12#4 Edge CPUUsage & MSIE 11 NULL ptr with removeFormat ├── repro - removeFormat.svg ├── AVR։NULL e4d.2f3 @ iexplore.exe!mshtml.dll!GetParentElement.png ├── AVR։NULL e4d.2f3 @ iexplore.exe!mshtml.dll!GetParentElement.html └── CPUUsage 91b.a85 @ microsoftedgecp.exe!emodel.dll!CTabWindow։։_TabWindowThreadProc.html ├── 2016-07-25 AVR։NULL+4⁎N 733.4f3 @ microsoftedgecp.exe!edgehtml.dll!CDispNode։։GetDispClient ├── repro.html └── AVR։NULL+4⁎N 733.4f3 @ microsoftedgecp.exe!edgehtml.dll!CDispNode։։GetDispClient - Microsoft Edge Development.URL ├── 2016-10-10 AVR։NULL+0x7C d87.353 @ firefox.exe!xul.dll!mozilla։։dom։։HTMLTrackElement։։HTMLTrackElement ├── Bugzilla@Mozilla 1308862.URL └── repro.svg ├── 2015-08-30#5 AVR.NULL+4.N f0b.7d7 @ iexplore.exe!mshtml.dll!CGeneratedContent..ValidateCounterValue ├── repro.html └── 1175n - MSIE 11 MSHTML MSHTML!CGeneratedContent..ValidateCounterValue NULL+0x4 AVR Microsoft Connect.URL ├── 2015-10-09#2 1244u - Edge 762C AVR.NULL+EVEN microsoftedgecp.exe!EDGEHTML.dll!Tree..TreeReader..GetNextPreorderNode └── repro.html ├── 2015-10-20 1246u - MSIE 11 0CB4 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CDispRoot..FindRootScroller └── repro.html ├── 2015-11-02 AVR։NULL 670.d75 @ iexplore.exe!mshtml.dll!CTreePos։։GetBranch ├── repro.html └── AVR։NULL 670.d75 @ iexplore.exe!mshtml.dll!CTreePos։։GetBranch.html ├── 2015-11-06 1259k - MSIE 8 9477CF4F77 RecursiveCall iexplore.exe!mshtml.dll!CBlockContainerBlock..BuildBlockContainer └── repro.html ├── 2015-11-26 1280u - MSIE 10 2327 AVR.NULL iexplore.exe!MSHTML.dll!CTreePos..TestFlag ├── repro.html └── 2327 AVR.NULL iexplore.exe!MSHTML.dll!CTreePos..TestFlag.html ├── 2015-12-02 1280s - Edge C65A AVR.NULL+EVEN microsoftedgecp.exe!EDGEHTML.dll!CJScript9Holder..CBaseToVar └── repro.xhtml ├── 2016-08-31 AVR։NULL+0x4C 067.c2a @ microsoftedgecp.exe!edgehtml.dll!CTreeNode։։Element ├── repro.xhtml ├── repro CPUUsage.xhtml ├── repro AVR։NULL+0x4C 067.c2a.xhtml ├── edgehtml.dll!CTreeNode։։Element - Microsoft Edge issue 8720750.URL └── AVR։NULL+0x4C 067.c2a @ microsoftedgecp.exe!edgehtml.dll!CTreeNode։։Element.png ├── 2015-08-30#2 1173o - MSIE 9-11 MSHTML CCanvasCompositor..~CCanvasCompositor NULL AVR ├── repro.html ├── repro2.html ├── repro1.html ├── AVR;NULL+0x80 iexplore.exe!MSHTML.dll!CDispSurface;;DiscardAllLayers 20BA.html ├── AVR;NULL+0x88 iexplore.exe!MSHTML.dll!CCanvasCompositor;;~CCanvasCompositor BA0C.html ├── AVR;NULL+0x88 iexplore.exe!MSHTML.dll!CCanvasCompositor;;~CCanvasCompositor BA2B.html ├── AVR;NULL+0x9C iexplore.exe!MSHTML.dll!CCanvasCompositor;;~CCanvasCompositor BA0C.html └── AVR;NULL+0x9C iexplore.exe!MSHTML.dll!CCanvasCompositor;;~CCanvasCompositor BAA5.html ├── 2016-04-14#3 - MSIE 10 - 47E2 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CTreeNode..ComputeFormats ├── repro.html └── 47E2 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CTreeNode..ComputeFormats.html ├── 2016-05-19#1 Assert #.0c6 microsoftedgecp.exe!edgehtml.dll!BASICPROPPARAMS..GetColor ├── repro.html ├── EdgeHTML issue - Assert #.0c6 microsoftedgecp.exe!edgehtml.dll!BASICPROPPARAMS..GetColor.URL ├── Assert #.0c6 microsoftedgecp.exe!edgehtml.dll!BASICPROPPARAMS..GetColor.png └── Assert ..0c6 microsoftedgecp.exe!edgehtml.dll!BASICPROPPARAMS..GetColor.html ├── 2016-06-22#1 AVR.NULL+4.N 3eb.d47 @ iexplore.exe!mshtml.dll!CDispNode..NodeReader ├── repro.html ├── AVR.NULL+4.N 3eb.d47 @ iexplore.exe!mshtml.dll!CDispNode..NodeReader.png └── AVR.NULL+4.N 3eb.d47 @ iexplore.exe!mshtml.dll!CDispNode..NodeReader.html ├── 2016-07-13#2 AVR.NULL+4.N b00.bf9 @ microsoftedgecp.exe!edgehtml.dll!Tree..ANode..Parent ├── repro.html ├── NULL pointer in microsoftedgecp.exe!edgehtml.dll!TreeANodeParent - Microsoft Edge Development.URL ├── AVR.NULL+4#N b00.bf9 microsoftedgecp.exe!edgehtml.dll!Tree..ANode..Parent.html └── AVR.NULL+4#N b00.bf9 microsoftedgecp.exe!edgehtml.dll!Tree..ANode..Parent.png ├── 2016-07-14 AVR։NULL+4⁎N 013.2aa @ microsoftedgecp.exe!edgehtml.dll!Tree։։TextNode։։IsGeneratedReplacement ├── repro.html └── NULL pointer in microsoftedgecp.exe!edgehtml.dll!Tree։։TextNode։։IsGeneratedReplacement - Microsoft Edge Development.URL ├── 2016-07-29 RecursiveCall 984.c3f @ microsoftedgecp.exe!edgehtml.dll!BuildTransition ├── repro.svg ├── Microsoft Edge issue 8327054.URL ├── RecursiveCall 984.4e8 @ microsoftedgecp.exe!edgehtml.dll!BuildTransition.html ├── RecursiveCall 984.4e8 @ microsoftedgecp.exe!edgehtml.dll!BuildTransition.png └── RecursiveCall 984.c3f @ microsoftedgecp.exe!edgehtml.dll!BuildTransition.png ├── 2016-08-01 CPUUsage 5f5.c02 @ iexplore.exe!d2d1.dll!CDasher։։Flush ├── repro.svg ├── CPUUsage 176.c8f @ iexplore.exe!user32.dll!_fnDWORD.html ├── CPUUsage 4cf.0b1 @ iexplore.exe!d2d1.dll!CShape։։Reset.html ├── CPUUsage 5f5.c02 @ iexplore.exe!d2d1.dll!CDasher։։Flush.html ├── CPUUsage 5f5.c02 @ iexplore.exe!d2d1.dll!CDasher։։Flush.png └── CPUUsage c8c.cdf @ iexplore.exe!d2d1.dll!CHwSurfaceRenderTarget։։ProcessBatch.html ├── 2016-10-21#2 RecursiveCall a3f.efa @ microsoftedgecp.exe!edgehtml.dll!AnimationPostProcessUnitValue └── repro.svg ├── 2015-10-15 1246t - MSIE 11 A2CF AVR.NULL iexplore.exe!MSHTML.dll!CTsfTextStore..Initialize (same as 2015-08-30#1 1207l) └── repro.html ├── 2015-10-16#1 AVR.NULL+4.N cc4.c76 @ iexplore.exe!jscript9.dll!Js..ScriptContext..RethrowRecordedException ├── repro.html └── NULL+4N cc4.c76 @ microsoftedgecp.exe!chakra.dll!JsScriptContextRethrowRecordedException - Microsoft Edge Development.URL ├── 2015-11-04 1216v - MSIE 9,10 9D RecursiveCall iexplore.exe!MSHTML.dll!CListCommand..ChangeListsChildListsTypes └── repro.html ├── 2016-05-20#3 AVR.NULL 696.61b iexplore.exe!mshtml.dll!CJScript9Holder..FastVarToDispatch ├── repro.xhtml ├── Various NULL pointers @ microsoftedgecp.exe!EDGEHTML.dll!CJScript9Holder..FastVarToDispatch.html - Microsoft Edge Developmen.URL ├── AVR.NULL 696.61b iexplore.exe!mshtml.dll!CJScript9Holder..FastVarToDispatch.html ├── AVR.NULL 696.61b iexplore.exe!mshtml.dll!CJScript9Holder..FastVarToDispatch.png └── AVR.NULL+4.N a0b.be9 @ iexplore.exe!mshtml.dll!CJScript9Holder..CBaseToVar.html ├── 2016-10-12 AVR։NULL+8 825.0b4 @ microsoftedgecp.exe!edgehtml.dll!Layout։։Patchable〈...〉։։Readable ├── repro.svg └── Microsoft Edge issue 9319292.URL ├── 2016-10-31 AVR։NULL+4 e09.0b4 @ microsoftedgecp.exe!edgehtml.dll!Layout։։Patchable〈...〉։։Readable └── repro.svg ├── 2015-08-31 1502B - MSIE 8 AVR;NULL+0x2A iexplore.exe!mshtml.dll!SRunPointer;;IsRelativeSpanEdge FFBFD1 ├── repro2.html ├── repro.html └── MSIE 8 Unknown function NULL ptr Microsoft Connect.URL ├── 2015-10-06#2 1244r - Chrome AE7E13F067118BAA48AD RecursiveCall chrome.exe!chrome_child.dll!`anonymous namespace'..call_new_handler ├── repro.html └── Chromoium 539907.url ├── 2015-10-21#2 1211r - Edge D71E AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CAttrArray..Destroy ├── D744 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CAttrArray..Destroy │ └── repro.html └── D71E AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CAttrArray..Destroy │ └── repro.html ├── 2016-02-11 1217r - MSIE 11 - AVR.Arbitrary iexplore.exe!jscript9.dll!HostDispatch..CallInvoke FC65 └── repro.html ├── 2016-05-04#1 Assert afc.68f @ microsoftedgecp.exe!edgehtml.dll!CAngleValue..FormatBuffer ├── repro.html ├── EdgeHTML issue - Assert afc.68f @ microsoftedgecp.exe!edgehtml.dll!CAngleValueFormatBuffer.URL ├── Assert afc.68f microsoftedgecp.exe!edgehtml.dll!CAngleValue..FormatBuffer.html └── Assert afc.68f microsoftedgecp.exe!edgehtml.dll!CAngleValue..FormatBuffer.png ├── 2016-07-08 AVR։NULL+4⁎N ddf.47b @ iexplore.exe!mshtml.dll!CHtPvPvBaseT〈...〉։։FindEntry ├── repro.xhtml ├── AVR։NULL+4⁎N ddf.47b @ iexplore.exe!mshtml.dll!CHtPvPvBaseT〈...〉։։FindEntry.html └── AVR։NULL+4⁎N ddf.47b @ iexplore.exe!mshtml.dll!CHtPvPvBaseT〈...〉։։FindEntry.png ├── 2016-08-03 CPUUsage cc5.3b0 @ iexplore.exe!mshtml.dll!Layout։։FlowBoxBuilder։։BuildBoxItem └── repro.xhtml ├── 2016-10-04 Assert 257.336 @ microsoftedgecp.exe!edgehtml.dll!CAryWindowTbl։։ReinitializeProxyVarIterationHandle ├── repro.html └── Microsft Edge issue 9201989.URL ├── 2015-10-21#1 1215j - Chrome Breakpoint chrome.exe!chrome_child.dll!ui;;AXTreeSerializer[...];;SerializeChangedNodes 0D0D ├── repro.html └── Chromium 528872.url ├── 2015-11-11 1278w - MSIE 8 ECFC AVR.NULL+EVEN iexplore.exe!mshtml.dll!CTableRowBlock..ColumnCount └── repro.html ├── 2015-12-03 1294l - MSIE 8,9 33BB AVR.NULL iexplore.exe!mshtml.dll!CLayout..GetClientRect ├── repro.html └── 33BB AVR.NULL iexplore.exe!mshtml.dll!CLayout..GetClientRect.html ├── 2016-03-17 1295u - Edge - 17DE AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CTreePosGap..PartitionPointers ├── mini.html └── repro.html ├── 2016-04-13 AVR.NULL 7f2.7dd @ microsoftedgecp.exe!edgehtml.dll!Tree..TreeReader..GetParentWithFilter ├── repro AVR.NULL 7f2.7dd.xhtml └── EdgeHTML issue - NULL+4N ad3.653 @ microsoftedgecp.exe!edgehtml.dll!CFormatInfoFindFormattingParent.URL ├── 2016-04-21#1 AVR.NULL bd8.55c iexplore.exe!mshtml.dll!CTreeNode..EnsureNoDependentLayoutFixup ├── repro AVW.NULL+4#N 97b.404 .html ├── repro AVR.NULL bd8.55c.html └── EdgeHTML issue - NULL bd8.55c @ iexplore.exe!mshtml.dll!CTreeNodeEnsureNoDependentLayoutFixup.URL ├── 2016-10-21#1 RecursiveCall 984.8ae @ microsoftedgecp.exe!edgehtml.dll!BuildTransition ├── repro.html ├── RecursiveCall 984.8ae @ microsoftedgecp.exe!edgehtml.dll!BuildTransition.png └── RecursiveCall 3b5.4ca @ microsoftedgecp.exe!edgehtml.dll!DllEnumClassObjects.png ├── 2015-08-30#12 1207y - MSIE 10 AVR;NULL+0x29 iexplore.exe!MSHTML.dll!CMarkup;;ReparentDirectChildren FEDB53 └── repro.html ├── 2015-10-12 1247u - MSIE 10&11 A43C AVR.NULL+EVEN iexplore.exe!MSHTML.dll!Tree..TextBlock..HasChange ├── repro.html └── A43C AVR.NULL+EVEN iexplore.exe!MSHTML.dll!Tree..TextBlock..HasChange.html ├── 2015-11-12 1226u - MSIE 9 37B5 AVR.NULL iexplore.exe!MSHTML.dll!CTreePosGap..PartitionPointers ├── repro.svg └── 37B5 AVR.NULL iexplore.exe!MSHTML.dll!CTreePosGap..PartitionPointers.html ├── 2015-12-11#2 AVR.NULL b45.796 @ microsoftedgecp.exe!edgehtml.dll!Tree..STextPosition..CalculateCP ├── repro.html ├── EdgeHTML issue - NULL b45.796 @ microsoftedgecp.exe!edgehtml.dll!TreeSTextPositionCalculateCP.URL └── repro2.html ├── 2016-10-25 Assert 314.33f @ microsoftedgecp.exe!edgehtml.dll!Tree։։STextPosition։։CompareCrossDocument ├── Microsoft Edge issue 9515683.URL └── repro.html ├── 2015-07-01 1143b - Firefox - xul mozilla..MediaStream use-after-free ├── repro.html ├── 2015-09-04 jemalloc 272 │ └── Jemalloc issue 272.url └── 2015-07-01 Bugzilla 1179484 │ └── repro.html ├── 2015-10-28#2 1224o - MSIE 11 3274 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CHtPvPvBaseT[...]..Insert ├── repro.xhtml ├── repro2.html └── 3274 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!CHtPvPvBaseT[...]..Insert.html ├── 2015-11-13#1 1238o - MSIE 9 B683 AVR.NULL iexplore.exe!MSHTML.dll!CSpliceTreeEngine..RemoveSplice ├── repro.svg └── B683 AVR.NULL iexplore.exe!MSHTML.dll!CSpliceTreeEngine..RemoveSplice.html ├── 2015-11-13#2 1244v - Edge B27A AVR.NULL+EVEN microsoftedgecp.exe!EDGEHTML.dll!Layout..InlineLayout..IsInlineRelative └── repro.html ├── 2016-10-24 Assert 9c8.c88 @ microsoftedgecp.exe!edgehtml.dll!Tree։։TreeWriter։։Notify_BeforeRemoveNode_Safe ├── Microsoft Edge issue 9515677.URL └── repro.svg ├── 2015-09-18 1215l - MSIE 8 7C89 AVR.NULL+X iexplore.exe!mshtml.dll!SLayoutRun..GetInnerNodeCrossingBlockBoundary └── repro.html ├── 2015-10-28#1 AVR։NULL+4⁎N 9e4.640 @ iexplore.exe!mshtml.dll!Ptls6։։FindNextForceBreakOppInsideNonTextChunk ├── repro.xhtml └── Edge Bug.url ├── 2015-10-30 AVR.NULL+4.N f0b.7d7 @ iexplore.exe!mshtml.dll!CGeneratedContent..ValidateCounterValue ├── repro AVR։NULL+N f0b.7d7.html └── repro AVR։NULL+N f0b.e04.svg ├── 2016-05-04#2 AVR.NULL 652.661 @ firefox.exe!xul.dll!nsContentIterator..NextNode ├── 1264932 – AVR.NULL 652.661 @ firefox.exe!xul.dll!nsContentIterator..NextNode.URL ├── AVR.NULL 652.661 firefox.exe!xul.dll!nsContentIterator..NextNode.html ├── AVR.NULL 652.661 firefox.exe!xul.dll!nsContentIterator..NextNode.png └── repro.html ├── 2016-04-14#2 - MSIE 9 - DF79 AVR.NULL+EVEN iexplore.exe!MSHTML.dll!HtmlLayout..FlowBoxBuilder..CompleteBoxSizing └── repro.xhtml ├── 2016-06-16 MSIE 11 - AVR.NULL+4.N ff9.da4 @ iexplore.exe!mshtml.dll!CSVGSwitchElement..FindAndSetVisibleChildNode └── repro.svg ├── 2016-07-12#2 AVR.NULL d6a.a07 microsoftedgecp.exe!edgehtml.dll!EdUtil..GetCommonAncestorElement ├── repro.html └── EdgeHTML issue - NULL d6a.a07 @ microsoftedgecp.exe!edgehtml.dll!EdUtilGetCommonAncestorElement.URL ├── 2015-11-25 1257m - MSIE 11 4BF5 AVR.NULL iexplore.exe!MSHTML.dll!CGeneratedContent..RemoveGeneratedContentInRangeInternal └── repro.html ├── 2016-05-12 Assert efc.a0b microsoftedgecp.exe!edgehtml.dll!CJScript9Holder..GetPrototype ├── repro.html ├── EdgeHTML issue - Assert efc.a0b @ microsoftedgecp.exe!edgehtml.dll!CJScript9HolderGetPrototype.URL ├── Assert efc.a0b microsoftedgecp.exe!edgehtml.dll!CJScript9Holder..GetPrototype.html └── Assert efc.a0b microsoftedgecp.exe!edgehtml.dll!CJScript9Holder..GetPrototype.png ├── 2015-08-30#3 1207n - MSIE 11 AVR.NULL+0x38 iexplore.exe!MSHTML.dll!CSVGSwitchElement..FindAndSetVisibleChildNode FA7BE5 └── repro.html ├── 2015-10-01 1238r - MSIE 11 D20C AVR.NULL+EVEN iexplore.exe!MSHTML.dll!SDispNodeReadCursor.......SDispNodeReadCursor └── repro.html ├── 2015-10-19 1183k - Chrome AVW;NULL chrome.exe!chrome_child.dll!blink;;`anonymous namespace';;rethrowExceptionInPrivateScript EBE1 ├── repro.html └── Chromium 528882.url ├── 2016-05-13 AVR.NULL f54.7f7 @ firefox.exe!xul.dll!nsHTMLEditRules..GetNodesForOperation ├── 1267757 – AVRNULL f54.7f7 @ firefox.exe!xul.dll!nsHTMLEditRulesGetNodesForOperation.URL ├── AVR.NULL f54.7f7 firefox.exe!xul.dll!nsHTMLEditRules..GetNodesForOperation.html └── AVR.NULL f54.7f7 firefox.exe!xul.dll!nsHTMLEditRules..GetNodesForOperation.png ├── 2015-08-30#15 1501N - MSIE 9,10,11 AVR;NULL iexplore.exe!MSHTML.dll!CDoc;;GetComputedStyle 82F0CA ├── repro.html ├── 1501N - MSIE 10 - MSHTML CDoc..GetComputedStyle NULL ptr Microsoft Connect.URL └── AVR;NULL iexplore.exe!MSHTML.dll!CDoc;;GetComputedStyle 82F0.html ├── 2016-04-14#1 - Edge - AVR.NULL+4.N 1e9.328 @ microsoftedgecp.exe!edgehtml.dll!ParentNodeHelper ├── repro AVR.NULL+4#N 1e9.328.xhtml ├── EdgeHTML issue - NULL+4N ad3.653 @ microsoftedgecp.exe!edgehtml.dll!CFormatInfoFindFormattingParent.URL └── AVR.NULL+4#N 1e9.328 microsoftedgecp.exe!edgehtml.dll!ParentNodeHelper.html ├── 2016-05-20#2 RecursiveCall cf5.c76.ef5.ef5.7f7.2eb.255.2d6.2eb firefox.exe!xul.dll!PrepareEditorEvent..Run ├── Firefox bug.url └── repro.html ├── 2016-04-13 AVR.NULL+4.N ad3.653 @ microsoftedgecp.exe!edgehtml.dll!CFormatInfo..FindFormattingParent ├── repro AVR.NULL+4#N ad3.653.xhtml └── EdgeHTML issue - NULL+4N ad3.653 @ microsoftedgecp.exe!edgehtml.dll!CFormatInfoFindFormattingParent.URL ├── 2016-06-17#2 1350n - MSIE 11 CFBB AVR.Arbitrary iexplore.exe!jscript9.dll!JavascriptThreadService..EnumerateTrackingClient └── SkyLined - CVE-2016-0199 MS16-063 MSIE 11 garbage collector attribute type confusion.URL ├── 2016-07-12#1 AVR.NULL+4#N cc0.fda microsoftedgecp.exe!edgehtml.dll!Tree..TreeWriter..InsertSingleElement ├── repro.html └── EdgeHTML issue - NULL+4N cc0.fda @ microsoftedgecp.exe!edgehtml.dll!TreeTreeWriterInsertSingleElement.URL ├── 2015-11-26 1BF6 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CMarkup..EnsureTitle ├── repro.svg └── 1BF6 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CMarkup..EnsureTitle.html ├── 2016-05-26 CPUUsage 91b.a85 microsoftedgecp.exe!emodel.dll!CTabWindow.._TabWindowThreadProc ├── EdgeHTML issue - CPUUsage 91b.a85 microsoftedgecp.exe!emodel.dll!CTabWindow_TabWindowThreadProc.URL ├── repro.svg ├── FailFast b72.fca iexplore.exe!mshtml.dll!CView..EnsureView.png └── FailFast b72.fca iexplore.exe!mshtml.dll!CView..EnsureView.html ├── 2016-07-13#1 Assert a56.92c @ microsoftedgecp.exe!edgehtml.dll!CElement..EnterMarkup ├── Assert a56.92c @ microsoftedgecp.exe!edgehtml.dll!CElement։։EnterMarkup - Microsoft Edge Development.URL ├── Assert a56.92c @ microsoftedgecp.exe!edgehtml.dll!CElement։։EnterMarkup.html └── Assert a56.92c @ microsoftedgecp.exe!edgehtml.dll!CElement։։EnterMarkup.png ├── 2016-01-08 EF0F AVR.Free iexplore.exe!MSHTML.dll!CDataset..RemoveItem └── EF0F AVR.Free iexplore.exe!MSHTML.dll!CDataset..RemoveItem.html ├── 2016-07-07#2 AVR.NULL 484.a53 @ microsoftedgecp.exe!edgehtml.dll!CTreePosGap..PartitionPointers ├── EdgeHTML issue - NULL 484.a53 @ microsoftedgecp.exe!edgehtml.dll!CTreePosGapPartitionPointers.URL └── repro.html ├── 2016-07-12#3 AVR.NULL 273.c63 @ iexplore.exe!mshtml.dll!Tree..ElementNode..GetNearestCElement └── repro.xhtml ├── 2016-07-11 FailFast b72.fca @ iexplore.exe!mshtml.dll!CView։։EnsureView ├── FailFast b72.fca @ iexplore.exe!mshtml.dll!CView։։EnsureView.html ├── FailFast b72.fca @ iexplore.exe!mshtml.dll!CView։։EnsureView.png └── repro.svg ├── 2016-03-12 1301q - Edge - B00B AVR.OOB+EVEN microsoftedgecp.exe!msvcrt.dll!memcpy_s ├── B00B AV..OOB microsoftedgecp.exe!msvcrt.dll!memcpy_s.html ├── B00B AVR.Free microsoftedgecp.exe!msvcrt.dll!memcpy_s.html ├── B00B AVR.Arbitrary microsoftedgecp.exe!msvcrt.dll!memcpy_s.html ├── B00B AVR.OOB+EVEN microsoftedgecp.exe!msvcrt.dll!memcpy_s.html ├── 3D86 AVR.Arbitrary microsoftedgecp.exe!EDGEHTML.dll!CTreePos..RotateUp.html ├── 09EE AVR.NULL+EVEN microsoftedgecp.exe!EDGEHTML.dll!CTreePos..GetMarkup.html └── F141 AVR.NULL microsoftedgecp.exe!EDGEHTML.dll!Dom..TreeReader..GetNextPreorderNode.html ├── 2016-05-19#3 AVR.NULL 43c.6ea iexplore.exe!mshtml.dll!CBlockPointer..MoveToParent ├── repro.xhtml ├── AVR.NULL 43c.6ea iexplore.exe!mshtml.dll!CBlockPointer..MoveToParent.png └── AVR.NULL 43c.6ea iexplore.exe!mshtml.dll!CBlockPointer..MoveToParent.html ├── 2016-05-20#1 Assert #.19c microsoftedgecp.exe!edgehtml.dll!Tree..SvgDeepCloneBuilder..CopySubTreeForUse └── EdgeHTML issue - Assert #.19c microsoftedgecp.exe!edgehtml.dll!Tree..SvgDeepCloneBuilder..CopySubTreeForUse.URL ├── 2014-04-01 MSIE 9 MSHTML CAttrArray UAF └── repro.html ├── 2016-09-05 RecursiveCall 25e.cb0 @ microsoftedgecp.exe!edgehtml.dll!CTreeNode։։ComputeFormatsHelper └── repro.xhtml ├── 2015-11-26 6CDE AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CTreePosGap..MoveImpl └── 6CDE AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CTreePosGap..MoveImpl.html ├── 2016-08-02 AVR։NULL+4 7dd.12d @ microsoftedgecp.exe!edgehtml.dll!Tree։։TreeWriter։։RemoveGeneratedContentInSubtree └── AVR։NULL+4 7dd.12d @ microsoftedgecp.exe!edgehtml.dll!Tree։։TreeWriter։։RemoveGeneratedContentInSubtree - Microsoft Edge Dev.URL ├── 2016-08-09 AVR։OOB[0x21A]+6 922.cc0 @ FoxitReader_Lib_Full.exe!msvcr100.dll!wcsstr ├── AVR։OOB[0x21A]+6 922.cc0 @ FoxitReader_Lib_Full.exe!msvcr100.dll!wcsstr.html └── AVR։OOB[0x21A]+6 922.cc0 @ FoxitReader_Lib_Full.exe!msvcr100.dll!wcsstr.png └── 2015-12-01 66F6 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CCollectionCache..GetDisp └── 66F6 AVR.Free microsoftedgecp.exe!EDGEHTML.dll!CCollectionCache..GetDisp.html /.gitignore: -------------------------------------------------------------------------------- 1 | \#* 2 | *.lnk 3 | #*.URL 4 | *.zip 5 | details.txt 6 | -------------------------------------------------------------------------------- /2015-02-19 MSIE 9 html.iec PxchFindXch OOB read/target.xhtml: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /2016-04-25 - AVR.NULL 8fe.8f2 @ iexplore.exe!mshtml.dll!CThreadDialogProcParam..CThreadDialog/A.xhtml: -------------------------------------------------------------------------------- 1 | A -------------------------------------------------------------------------------- /2016-02-26 MSIE 9 USER32 SmartStretchDIBits OOB read/repro.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /2016-05-17#2 AVR.NULL 1d5.5c3 microsoftedgecp.exe!edgehtml.dll!CSelectionManager..InitEditContext/x.svg: -------------------------------------------------------------------------------- 1 | x -------------------------------------------------------------------------------- /2016-08-12 AOO Writer AVR։NULL+0x4E f32.921 @ soffice.exe!tl.dll!SvStream։։Write/repro.rtf: -------------------------------------------------------------------------------- 1 | {\rtf\pict\bin -------------------------------------------------------------------------------- /2016-09-15 Assert c99.119 @ microsoftedgecp.exe!edgehtml.dll!Edit։։Selection։։SetBoundaryPositions/g.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2016-08-17 AOO Writer AVW։NULL+0x69 8f0.3ff @ soffice.exe!msword.dll+0xA709/repro.rtf: -------------------------------------------------------------------------------- 1 | {\rtf\listtable\listsimple -------------------------------------------------------------------------------- /2016-08-31 Assert c46.b93 @ microsoftedgecp.exe!edgehtml.dll!CDocument։։item/repro.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2014-07-09 MSIE 9 MSHTML CPtsTextParaclient..CountApes OOB read/repro1.html: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /2015-08-03 Chrome blink..XMLDocumentParser..startElementNs NULL ptr/repro/repro.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2015-08-30#9 1501M - MSIE 11 AVR;NULL+0xC iexplore.exe!MSHTML.dll!COmWindowProxy;;Markup 87E44D/repro2/target.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2016-05-05 CPU usage progress style=border-top-width=21474836/repro.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2016-05-09 Assert 90d.90d/repro.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /2016-05-19#2 AVR.NULL+4.N 5e3.eca @ firefox.exe!xul.dll!mozilla..dom..SVGSVGElement..GetIntrinsicHeight/image.svg: -------------------------------------------------------------------------------- 1 | x -------------------------------------------------------------------------------- /2016-06-13 AVR.NULL+4.N 0b9.86a @ microsoftedgecp.exe!edgehtml.dll!COpenElements..Push/repro.html: -------------------------------------------------------------------------------- 1 |