Disclosed Chromium Security Bugs

SubresourceSignedExchangeURLLoaderFactory hands out raw_ptrs to self-owned receivers, which is unsafe.

#345261068 Reporter: mm...@chromium.org
$0
9/27/2024

AddressSanitizer: heap-use-after-free on media::SCKAudioInputStream::Start

#346692546 Reporter: li...@gmail.com
$4,000
9/27/2024

openscreen_cast_auth_util_fuzzer: Container-overflow in cbb_buffer_reserve

#347071480 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

CHECK failure: untyped_->count(slot.address()) > 0 in heap-verifier.cc

#347804259 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

sql_recovery_lpm_fuzzer: Container-overflow in sqlite3Reprepare

#347785590 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

ad_auction_service_mojolpm_fuzzer: Container-overflow in google::protobuf::internal::UnknownFieldParse

#347741617 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

source_registration_fuzzer: Container-overflow in source_registration_fuzzer

#347899137 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

net_dns_host_resolver_cache_fuzzer: Container-overflow in base::time_internal::TimeBase::operator+

#347867190 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

page_load_in_process_fuzzer: Container-overflow in url_formatter::SegmentURLInternal

#347835677 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024

create_trial_from_study_fuzzer: Container-overflow in variations::CreateTrialFromStudyFuzzer

#347045473 Reporter: 24...@project.gserviceaccount.com
$0
9/27/2024
Showing 2941-2950 of 10546 bugs