Disclosed Chromium Security Bugs

DCHECK failure in source_map->GetInObjectProperties() >= result_map->GetInObjectProperties() in ic

#352402498Reporter: 24...@project.gserviceaccount.com
$0
10/19/2024

V8 Sandbox Bypass: AAR/W via WASM import race condition leading to broken runtime bounds check with memory64

#352446085Reporter: se...@gmail.com
$5,000
10/19/2024

Security: possible heap UaF in ThrottlingURLLoader+HttpsUpgradesInterceptor+MaybeCreateLoaderForResponse

#349342289Reporter: ha...@gmail.com
$8,000
10/18/2024

WebAssembly OOB memory access due to cached memory index confusion

#351327767Reporter: se...@gmail.com
$20,000
10/18/2024

media_pipeline_integration_fuzzer: Heap-buffer-overflow in media::VideoRendererAlgorithm::ReadyFrame::ReadyFrame

#352481077Reporter: 24...@project.gserviceaccount.com
$0
10/18/2024

DCHECK failure in is_activated_ || shared_heap_worklists_.has_value() in marking-barrier.cc

#352402495Reporter: 24...@project.gserviceaccount.com
$0
10/18/2024

Fatal error in ..\..\src\maglev\maglev-ir.cc, line 630

#352352903Reporter: sw...@gmail.com
$0
10/18/2024

V8 Sandbox Bypass: AAR/W via table import signature check bypass

#348793147Reporter: se...@gmail.com
$5,000
10/18/2024

Debug check failed: descriptor_number.as_int() < number_of_descriptors() (0 vs. 0). in v8

#352371710Reporter: ki...@gmail.com
$0
10/18/2024

heap-buffer-overflow write in libaom

#339877165Reporter: em...@gmail.com
$7,000
10/18/2024
Showing 2861-2870 of 10546 bugs
1...286287288...1055