Disclosed Chromium Security Bugs

V8 Sandbox Bypass: AAR/W via WASM signature confusion in Wasm-to-JS wrapper through PodArrayOfWasmValueType overwrite

#354408144 Reporter: se...@gmail.com
$5,000
1/12/2025

rtp_video_frame_assembler_fuzzer: Negative-size-param in webrtc::VideoRtpDepacketizerH264::Parse

#371043024 Reporter: 24...@project.gserviceaccount.com
$0
1/11/2025

h264_depacketizer_fuzzer: Negative-size-param in webrtc::VideoRtpDepacketizerH264::Parse

#371054866 Reporter: 24...@project.gserviceaccount.com
$0
1/11/2025

Heap-use-after-free in content::CacheStorageScheduler::CompleteOperationAndRunNext

#370069678 Reporter: m....@gmail.com
$6,000
1/10/2025

DCHECK failure in base_.kind() == JAVA_SCRIPT in frames.h

#367734947 Reporter: 24...@project.gserviceaccount.com
$0
1/9/2025

invariant of cve-2024-7550

#367818758 Reporter: in...@starlabs.sg
$7,000
1/9/2025

UAF in AIContextBoundObjectSet::GetFromContext

#367755363 Reporter: vu...@darknavy.com
$36,000
1/9/2025

mediasource_MP2T_AVC_pipeline_integration_fuzzer: Heap-buffer-overflow in h264_frame_start

#369956909 Reporter: 24...@project.gserviceaccount.com
$0
1/9/2025

V8 correctness failure in sources: d3

#369685641 Reporter: 24...@project.gserviceaccount.com
$0
1/8/2025

V8 correctness failure in sources: ec

#369630648 Reporter: 24...@project.gserviceaccount.com
$0
1/7/2025