Disclosed Chromium Security Bugs

DCHECK failure in old_map_->EquivalentToForTransition( *root_map_, ConcurrencyMode::kSynchronous,

#341858978Reporter: 24...@project.gserviceaccount.com
$0
8/28/2024

Memory corruption in ReadableByteStreamController::FillPullIntoDescriptorFromQueue

#339877167Reporter: jt...@gmail.com
$11,000
8/28/2024

GPU process crash via WebGPU shader - UAF in ProcessValue at DxilValueCache.cpp:555

#338071106Reporter: wg...@gmail.com
$10,000
8/28/2024

GPU process crash via WebGPU shader - UAF in SimplifyTerminatorOnSelect at SimplifyCFG.cpp:2637

#338103465Reporter: wg...@gmail.com
$10,000
8/28/2024

UaF triggered by post-commit error page

#340606786Reporter: xi...@chromium.org
$0
8/28/2024

Security: [0-day] V8 Incorrect parsing leads to type confusions

#341663589Reporter: ti...@chromium.org
$0
8/28/2024

Security: Compromised renderer can commit navigations to illegal schemes.

#324934416Reporter: cr...@chromium.org
$0
8/27/2024

Use After Free in PresentationConnectionCallbacks::OnSuccess

#339588211Reporter: ha...@gmail.com
$1,000
8/27/2024

Heap-buffer-overflow in blink::SmallCapsIterator::Consume

#341142174Reporter: 24...@project.gserviceaccount.com
$0
8/27/2024

heap-use-after-free on AudioManagerMac

#340178596Reporter: ha...@gmail.com
$2,000
8/24/2024
Showing 3101-3110 of 10559 bugs
1...310311312...1056