Disclosed Chromium Security Bugs

open_type_math_support_fuzzer: Crash in tt_face_get_colr_glyph_paint

#40944705Reporter: cl...@chromium.org
$0
2/29/2024

Security: Extension has access to a custom NTP

#40074269Reporter: fa...@gmail.com
$2,000
2/29/2024

CHECK failure: !heap_->sweeping_in_progress()

#40944840Reporter: cl...@chromium.org
$0
2/29/2024

DCHECK failure in !deopt_exit_offset.IsNone() in runtime-compiler.cc

#40944727Reporter: cl...@chromium.org
$0
2/29/2024

media: mtk-jpeg: use after free bug due to uncanceled work

#40066009Reporter: ha...@gmail.com
$0
2/28/2024

Incorrect handle of url scheme lead to rce+sbx escape

#40061509Reporter: su...@gmail.com
$1,000
2/27/2024

Crash in v8::internal::IsCompiledScope::IsCompiledScope

#40943753Reporter: cl...@chromium.org
$0
2/27/2024

Security: Uninitialization vulnerability leads to stack pointer reference

#40072841Reporter: yq...@gmail.com
$0
2/27/2024

Security: Heap buffer overflow Read due to Integer Overflow

#40070490Reporter: bu...@gmail.com
$0
2/27/2024

Bad-cast to HatsServiceAndroid from HatsServiceDesktop in HatsServiceFactory::GetForProfile

#40943668Reporter: cl...@chromium.org
$0
2/25/2024
Showing 3621-3630 of 10591 bugs
1...362363364...1060