Disclosed Chromium Security Bugs

net_quic_session_pool_fuzzer: Heap-use-after-free in quic::QuicSentPacketManager::MarkPacketHandled

#373025985 Reporter: 24...@project.gserviceaccount.com
$0
3/5/2025

V8 Sandbox violation during OSR tier-up if code on FeedbackVector is modified

#374812612 Reporter: 24...@project.gserviceaccount.com
$0
3/5/2025

pdfium_fuzzer: Crash in fxcodec::JpegDecoder::InitDecode

#379259821 Reporter: 24...@project.gserviceaccount.com
$0
3/2/2025

mediasource_MP2T_AVC_pipeline_integration_fuzzer: Crash in ff_put_h264_chroma_mc4_ssse3.next2rows

#379418979 Reporter: 24...@project.gserviceaccount.com
$0
3/2/2025

pdf_ink_reader_fuzzer_PdfInkReaderFuzzer_CreateMeshFromPolylineDoesntCrash_fuzzer: Crash in pqHeapDelete

#379574871 Reporter: 24...@project.gserviceaccount.com
$0
3/2/2025

GPU process crash via WebGPU shader - UAF in mesa gcm_schedule_early_instr at src/compiler/nir/nir_opt_gcm.c:477

#361027508 Reporter: a7...@gmail.com
$10,000
2/28/2025

Object-size in blink::mojom::blink::MediaDevicesDispatcherHost_GetAudioInputCapabilities_Forwar

#380107547 Reporter: 24...@project.gserviceaccount.com
$0
2/28/2025

Use-after-free in GestureListenerManager if destroyed before RenderWidgetHost

#378464985 Reporter: ol...@opera.com
$0
2/28/2025

V8 sandbox violation in Builtins_ContinueToJavaScriptBuiltinWithResult

#379418918 Reporter: sa...@google.com
$0
2/28/2025

heap-use-after-free in v4l2 (AppendVP9SuperFrameIndex)

#379715150 Reporter: mp...@google.com
$0
2/27/2025
Showing 2171-2180 of 10209 bugs