In what ways can we abuse Javascript?

Javascript has certain limitations to prevent abuse, such as preventing reading and writing to disk and not allowing access to other windows or browser domains. But does this prevent all malicious code from running? Javscript is quite powerful and it seems that there are always ways to cause problems.