Disclosed Chromium Security Bugs

Heap use-after-free in DirectSocket API

#390590778Reporter: tk...@paloaltonetworks.com
$4,000
4/30/2025

libGLES_mali memory safety violation via WebGPU shaders at llvm::Value::setNameImpl

#379551588Reporter: a7...@gmail.com
$35,000
4/30/2025

libical:libical_extended_fuzzer: Heap-use-after-free in icalreqstattype_as_string_r

#392948871Reporter: 87...@developer.gserviceaccount.com
$0
4/29/2025

V8 Sandbox Bypass: UB in WebAssemblyMemoryGrow because AddressType is constructed from on-heap data

#390453039Reporter: v8...@gmail.com
$5,000
4/29/2025

V8 Sandbox Bypass: UB in MessageHandler::GetMessage because of invalid MessageTemplate variant

#390568183Reporter: v8...@gmail.com
$5,000
4/29/2025

rdkit:mol_data_stream_to_mol_fuzzer: Crash in RDKit::Dict::reset

#391962480Reporter: 87...@developer.gserviceaccount.com
$0
4/28/2025

GPU process crash via WebGPU shader - unknown-crash at fs_nir_emit_alu in brw_fs_nir.cpp

#377321465Reporter: wg...@gmail.com
$10,000
4/27/2025

V8 Sandbox Bypass: StringToBigIntHelper stack-buffer-overflow

#389970331Reporter: v8...@gmail.com
$5,000
4/26/2025

iOS: URL spoofing due to pages that commit but take a long time to paint

#40052164Reporter: ra...@gmail.com
$1,000
4/26/2025

ffmpeg:ffmpeg_dem_MXF_fuzzer: Use-of-uninitialized-value in mxf_read_header

#391916474Reporter: 87...@developer.gserviceaccount.com
$0
4/25/2025
Showing 2331-2340 of 10526 bugs
1...233234235...1053