Disclosed Chromium Security Bugs

V8 sandbox violation in v8::internal::maglev::CapturedObject::set

#336648007Reporter: 24...@project.gserviceaccount.com
$0
8/13/2024

Crash with empty stacktrace

#338122900Reporter: cf...@google.com
$0
8/11/2024

pyz and pyzw file not in block list

#333940412Reporter: ho...@gmail.com
$500
8/10/2024

heap-buffer-overflow in SpirvTransformerBase::copyInstruction

#335613092Reporter: da...@gmail.com
$5,000
8/10/2024

DCHECK failure in outer->offset() == Context::OffsetOfElementAt(Context::PREVIOUS_INDEX) in maglev

#338457100Reporter: 24...@project.gserviceaccount.com
$0
8/10/2024

DCHECK failure in context->Is() || context->Is() in maglev-graph.h

#338437453Reporter: 24...@project.gserviceaccount.com
$0
8/10/2024

mjsunit/wasm/exnref-api starts failing (flag fuzzer)

#336214779Reporter: ma...@google.com
$0
8/9/2024

DCHECK failure in old_index >= start_of_evacuation_area in external-pointer-table.cc

#338099157Reporter: 24...@project.gserviceaccount.com
$0
8/9/2024

Security: Inappropriate implementation in Fullscreen API

#40074483Reporter: ch...@gmail.com
$500
8/9/2024

Heap-Buffer-Overflow in glgCopyRowsWithMemCopy

#337766133Reporter: de...@gmail.com
$11,000
8/9/2024
Showing 3151-3160 of 10559 bugs
1...315316317...1056