Disclosed Chromium Security Bugs

v8_wasm_compile_fuzzer: Crash in Builtins_JSToWasmWrapperAsm

#378701682 Reporter: cl...@chromium.org
$0
2/25/2025

Crash in Builtins_JSEntryTrampoline

#379159146 Reporter: sa...@google.com
$0
2/25/2025

CHECK failure: constant.has_value()

#379159143 Reporter: 24...@project.gserviceaccount.com
$0
2/25/2025

MSL threadgroup allocations can be coerced to be too small

#378725734 Reporter: jr...@google.com
$0
2/25/2025

shaderc:shaderc_fdp_fuzzer: Container-overflow in glslang::HlslParseContext::decomposeIntrinsic

#380569852 Reporter: 87...@developer.gserviceaccount.com
$0
2/24/2025

rdkit:mol_data_stream_to_mol_fuzzer: Use-of-uninitialized-value in void RDKit::ParseV3000AtomProps

#380569842 Reporter: 87...@developer.gserviceaccount.com
$0
2/24/2025

DCHECK failure in v8::internal::ValueHelper::IsEmpty(that) || IsJSReceiver(v8::internal::Tagged

#378014601 Reporter: 24...@project.gserviceaccount.com
$0
2/23/2025

MiraclePtr bypass by abusing ref_count double fetch

#377803496 Reporter: vu...@darknavy.com
$0
2/22/2025

Security: WebGL ANGLE MTLCompilerService OOB Write

#40075394 Reporter: pw...@gmail.com
$0
2/22/2025

v8_multi_return_fuzzer: Crash in objects-inl.h

#378836894 Reporter: 24...@project.gserviceaccount.com
$0
2/22/2025
Showing 2501-2510 of 10541 bugs