Disclosed Chromium Security Bugs

pdf_cfgas_stringformatter_fuzzer: Trap in CFGAS_StringFormatter::GetNumericFormat

#344009076Reporter: 24...@project.gserviceaccount.com
$0
9/11/2024

Security: Debug check failed: offset == var.offset() (128 vs. 112).

#343748812Reporter: rh...@gmail.com
$7,000
9/11/2024

CHECK failure: !FieldType::NowStable(field_type) || FieldType::NowContains(field_type, value) i

#344638604Reporter: 24...@project.gserviceaccount.com
$0
9/11/2024

DCHECK failure in IsHeapNumber(*value, isolate) in js-objects.cc

#344669837Reporter: 24...@project.gserviceaccount.com
$0
9/11/2024

CHECK failure: NumberOfOwnDescriptors() == instance_descriptors(isolate)->number_of_descriptors

#344654897Reporter: 24...@project.gserviceaccount.com
$0
9/11/2024

V8 sandbox violation in Builtins_SuspendGeneratorHandler

#337547182Reporter: sa...@google.com
$0
9/10/2024

Security: Segv in Builtins_JSToWasmWrapperAsm

#343035068Reporter: je...@gmail.com
$11,000
9/10/2024

DCHECK failure in IsSortedNoDuplicates() in objects.cc

#343886936Reporter: 24...@project.gserviceaccount.com
$0
9/10/2024

Type confusion in TryFastAddDataProperty

#342456991Reporter: m-...@github.com
$25,000
9/7/2024

Security: Debug check failed: !type.is_uninhabited()

#342602616Reporter: rh...@gmail.com
$7,000
9/7/2024
Showing 3041-3050 of 10559 bugs
1...304305306...1056