Disclosed Chromium Security Bugs

video_capture_host_mojolpm_fuzzer: Heap-use-after-free in base::RepeatingCallback

#382135228Reporter: 24...@project.gserviceaccount.com
$0
3/23/2025

Incorrect implementation of the fast path in Object.assign() lead to memory corruption.

#383647255Reporter: hu...@gmail.com
$20,000
3/23/2025

webnn_graph_mojolpm_fuzzer: Crash in tflite::impl::InterpreterBuilder::ParseTensors

#383373317Reporter: 24...@project.gserviceaccount.com
$0
3/23/2025

DCHECK failure in TranslatedValue::kAllocated == child_slot->materialization_state() in translated

#383397477Reporter: 24...@project.gserviceaccount.com
$0
3/22/2025

DedicatedOrSharedWorkerFetchContextImpl::accept_languages_watcher_ is a raw_ptr... to a GarbageCollected class

#379869752Reporter: cd...@chromium.org
$0
3/21/2025

DCHECK failure in mutable_heap_number->IsHeapNumber() in maglev-graph-builder.cc

#382547590Reporter: 24...@project.gserviceaccount.com
$0
3/21/2025

audio_decoder_fuzzer: Heap-buffer-overflow in mov_read_trun

#383454674Reporter: 24...@project.gserviceaccount.com
$0
3/21/2025

Security: Browser history sniffing

#40086812Reporter: ch...@gmail.com
$1,000
3/21/2025

Security: Private Network Access (PNA) Bypass Allows Access to localhost on macOS & Linux using 0.0.0.0

#40058874Reporter: sa...@gmail.com
$1,000
3/21/2025

heap-use-after-free cc\tiles\gpu_image_decode_cache.cc:2469 in cc::GpuImageDecodeCache::DecodeImageIfNecessary

#368222741Reporter: m....@gmail.com
$4,000
3/20/2025
Showing 2421-2430 of 10541 bugs
1...242243244...1055