Disclosed Chromium Security Bugs

JSPI type confusion with re-exported JS import

#340102752 Reporter: th...@chromium.org
$0
8/24/2024

CHECK failure: trampoline_pc >= 0

#339065337 Reporter: 24...@project.gserviceaccount.com
$0
8/24/2024

Security: FedCM prompt bubble renders outside of opening window, causing various issues

#338233148 Reporter: al...@alesandroortiz.com
$2,000
8/23/2024

UAF in SetPreludeText

#339877158 Reporter: ha...@gmail.com
$500
8/23/2024

MiraclePtr bypass due to PtrCount overflow

#340122160 Reporter: ha...@gmail.com
$100,115
8/23/2024

Security: iOS file picker dialog can be shown over a different tab

#40945804 Reporter: ho...@gmail.com
$2,000
8/23/2024

Heap-buffer-overflow in blink::CSSPropertyParser::ParseValueStart

#340919085 Reporter: 24...@project.gserviceaccount.com
$0
8/23/2024

Security: Stack-buffer-overflows in GLES2Implementation commands

#340822365 Reporter: ti...@chromium.org
$0
8/22/2024

Payment Request API permitted in CSP/iframe sandbox

#40090857 Reporter: s....@gmail.com
$1,000
8/22/2024

heap-use-after-free at browser.cc:869 in Browser::TryToCloseWindow (browser process)

#40062622 Reporter: xp...@gmail.com
$1,000
8/22/2024
Showing 3111-3120 of 10559 bugs