Disclosed Chromium Security Bugs

Renderer inject extension script after renavigation to site previously granted one-time tab permission

#324455951Reporter: em...@chromium.org
$0
7/3/2024

[Pwn2Own 2024] PinArrayBufferContent is insufficient to keep the backing store itself pinned

#330575496Reporter: se...@gmail.com
$0
6/30/2024

[Pwn2Own 2024] WebCodecs VideoFrame Race Condition UAF Write to RCE (umbrella bug)

#330563095Reporter: se...@gmail.com
$0
6/30/2024

GPU process crash via WebGPU shader

#328958020Reporter: wg...@gmail.com
$10,000
6/29/2024

Security: Fatal error in ../../src/ast/ast.h, line 1477

#40072287Reporter: be...@gmail.com
$7,000
6/29/2024

Security: HTML injection in chrome://browser-switch/

#330376742Reporter: ol...@gmail.com
$1,000
6/29/2024

V8 sandbox violation in v8::internal::Scavenger::IterateAndScavengePromotedObject

#329781445Reporter: 24...@project.gserviceaccount.com
$0
6/29/2024

CHECK failure: (location_) != nullptr in maybe-handles.h

#329699609Reporter: 24...@project.gserviceaccount.com
$0
6/28/2024

use-after-poison on blink::MIDIDispatcher::SessionStarted

#329130361Reporter: ki...@gmail.com
$3,000
6/28/2024

[Pwn2Own 2024] wasm type confusion from insufficient type section validation

#330588502Reporter: ma...@gmail.com
$0
6/28/2024
Showing 3241-3250 of 10559 bugs
1...324325326...1056