Disclosed Chromium Security Bugs

Object-size in blink::mojom::blink::MediaDevicesDispatcherHost_GetAudioInputCapabilities_Forwar

#380107547Reporter: 24...@project.gserviceaccount.com
$0
2/28/2025

Use-after-free in GestureListenerManager if destroyed before RenderWidgetHost

#378464985Reporter: ol...@opera.com
$0
2/28/2025

V8 sandbox violation in Builtins_ContinueToJavaScriptBuiltinWithResult

#379418918Reporter: sa...@google.com
$0
2/28/2025

heap-use-after-free in v4l2 (AppendVP9SuperFrameIndex)

#379715150Reporter: mp...@google.com
$0
2/27/2025

Debug check failed in wasm-objects.cc

#379052295Reporter: li...@gmail.com
$0
2/27/2025

V8 sandbox violation in v8::internal::SlotSet* v8::internal::MutablePageMetadata::slot_set<

#379768241Reporter: sa...@google.com
$0
2/27/2025

DCHECK failure in Handle v8::internal::Cast(Handle, const v8::SourceLocation &) [To = v8

#374627491Reporter: dd...@gmail.com
$7,000
2/26/2025

Potential type confusion in wasm and js interaction

#379009132Reporter: li...@gmail.com
$8,000
2/26/2025

DCHECK failure in 0 <= prev_pc_offset && prev_pc_offset <= code->instruction_size() in code-stats.

#373025978Reporter: 24...@project.gserviceaccount.com
$0
2/26/2025

V8 sandbox violation in v8::internal::TranslatedValue::kind

#376496315Reporter: 24...@project.gserviceaccount.com
$0
2/26/2025
Showing 2491-2500 of 10541 bugs
1...249250251...1055