Disclosed Chromium Security Bugs

CHECK failure: length == previously_materialized_objects->length()

#328680228Reporter: 24...@project.gserviceaccount.com
$0
6/19/2024

Security: Local cards can be retrieved in chrome://settings/payments when Payments Mandatory Re-auth is turned on through DevTools.

#40073089Reporter: vi...@google.com
$0
6/19/2024

heap-use-after-free heap-use-after-free media\audio\audio_renderer_mixer_manager.cc:228 in blink::AudioRendererMixerManager::ReturnMixer

#328918906Reporter: m....@gmail.com
$8,000
6/19/2024

chrome://whats-new/ CSP allows loading any HTTPS page

#328690293Reporter: je...@gmail.com
$1,000
6/18/2024

Security: `Android` Top-level redirect from cross-origin iframe by setting `Content-Security-Policy: sandbox allow-top-navigation` Bypass of Issue 1251790

#41493458Reporter: el...@gmail.com
$3,000
6/18/2024

CHECK failure: !translated_values->IsMaterializedObject() in frames.cc

#328676392Reporter: 24...@project.gserviceaccount.com
$0
6/18/2024

embed element allows to access camera and Pan-Tilt-Zoom on legitimate webcam site with no ua

#40945830Reporter: pr...@gmail.com
$1,000
6/18/2024

TabOrganizationSession UAF on destruction if a StartRequest is still active

#328736351Reporter: pb...@chromium.org
$0
6/18/2024

CHECK failure: Ref construction failed in heap-refs.cc

#328689565Reporter: de...@googlemail.com
$0
6/16/2024

Check failed: !v8::internal::v8_flags.enable_slow_asserts.value() || (IsDereferenceAllowed()).

#327740539Reporter: wh...@gmail.com
$15,000
6/15/2024
Showing 3281-3290 of 10559 bugs
1...328329330...1056