Disclosed Chromium Security Bugs

Debug check failed in wasm-objects.cc

#379052295 Reporter: li...@gmail.com
$0
2/27/2025

V8 sandbox violation in v8::internal::SlotSet* v8::internal::MutablePageMetadata::slot_set<

#379768241 Reporter: sa...@google.com
$0
2/27/2025

DCHECK failure in Handle v8::internal::Cast(Handle, const v8::SourceLocation &) [To = v8

#374627491 Reporter: dd...@gmail.com
$7,000
2/26/2025

Potential type confusion in wasm and js interaction

#379009132 Reporter: li...@gmail.com
$8,000
2/26/2025

DCHECK failure in 0 <= prev_pc_offset && prev_pc_offset <= code->instruction_size() in code-stats.

#373025978 Reporter: 24...@project.gserviceaccount.com
$0
2/26/2025

V8 sandbox violation in v8::internal::TranslatedValue::kind

#376496315 Reporter: 24...@project.gserviceaccount.com
$0
2/26/2025

v8_wasm_compile_fuzzer: Crash in Builtins_JSToWasmWrapperAsm

#378701682 Reporter: cl...@chromium.org
$0
2/25/2025

Crash in Builtins_JSEntryTrampoline

#379159146 Reporter: sa...@google.com
$0
2/25/2025

CHECK failure: constant.has_value()

#379159143 Reporter: 24...@project.gserviceaccount.com
$0
2/25/2025

MSL threadgroup allocations can be coerced to be too small

#378725734 Reporter: jr...@google.com
$0
2/25/2025
Showing 2181-2190 of 10209 bugs