Disclosed Chromium Security Bugs
←Back to DashboardExtensions can run JS on any priveledged origin by using chrome.devtools.inspectedWindow.reload and crashing the page
$0
9/25/2024
GPU process crash via WebGPU shader - UAF in combineInstructionsOverFunction at InstructionCombining.cpp:3008
$10,000
9/25/2024
DCHECK failure in ArrayBufferExtension::Age::kYoung == extension->age() in js-array-buffer.cc
$0
9/25/2024
GPU process crash via WebGPU shader - UAF in RecursivelyDeleteTriviallyDeadInstructions at Transforms\Utils\Local.cpp:368
$10,000
9/25/2024
DCHECK failure in old_details.representation().IsCompatibleForLoad( root_details.representation())
$0
9/25/2024
CHECK failure: representation_.Equals(owner->instance_descriptors(isolate) ->GetDetails(descrip
$0
9/25/2024
CHECK failure: function->closure_feedback_cell_array()->length() == function->shared()->feedbac
$0
9/25/2024
MemorySanitizer: use-of-uninitialized-value in v8::internal::maglev::Phi::RecordUseReprHint()
$0
9/24/2024
DCHECK failure in HasFeedbackMetadata() in shared-function-info-inl.h
$0
9/22/2024
browser_accessibility_fuzzer: Heap-use-after-free in content::BrowserAccessibilityStateImpl::UpdateAccessibilityActivityTask
$0
9/21/2024