Disclosed Chromium Security Bugs

Debug check failed: kCanBeWeak || (!IsSmi() == HAS_STRONG_HEAP_OBJECT_TAG(ptr_)).

#377384894 Reporter: jo...@gmail.com
$8,000
2/17/2025

Wasm type confusion due to DefaultReferenceValue() JS null for noexn type

#377620832 Reporter: se...@gmail.com
$55,000
2/17/2025

Crash in Builtins_InterpreterEntryTrampoline

#377352368 Reporter: sa...@google.com
$0
2/17/2025

CHECK failure: IsFeedbackCell()

#377642311 Reporter: 24...@project.gserviceaccount.com
$0
2/17/2025

UAF in echo_ai_manager_impl

#376667975 Reporter: li...@gmail.com
$0
2/17/2025

CHECK failure: data->type_tag() == RegExpData::Type::IRREGEXP

#376726593 Reporter: 24...@project.gserviceaccount.com
$0
2/17/2025

Debug check failed: IsOptimizationRequested(GetIsolate()) && !shared()->HasBreakInfo(GetIsolate())

#377749386 Reporter: bj...@gmail.com
$0
2/17/2025

V8 correctness failure in sources: aa

#377574375 Reporter: 24...@project.gserviceaccount.com
$0
2/17/2025

Potential V8 Sandbox Violation due to DeleteMemoryChunk calling different destructor based on in sandbox data

#332855890 Reporter: sr...@google.com
$0
2/17/2025

shaderc:glslc_fuzzer: Bad parameters to --sanitizer-annotate-contiguous-container in glslang::TPpContext::scanToken

#379254074 Reporter: 87...@developer.gserviceaccount.com
$0
2/14/2025
Showing 2221-2230 of 10209 bugs