Disclosed Chromium Security Bugs

Security: UAF in hci_add_adv_monitor

#40066849Reporter: lm...@gmail.com
$0
1/19/2024

Security: UAF in drm_gem_object_release_handle

#40068315Reporter: da...@gmail.com
$0
1/19/2024

Security: Race Condition Double Free in i915_gem_set_tiling_ioctl

#40068575Reporter: yq...@gmail.com
$0
1/19/2024

Security: heap after free at `RenderFrameHostManager::GetFrameHostForNavigation`

#40073755Reporter: 18...@gmail.com
$1,000
1/19/2024

Security: UAF in blink::CanvasResourceDispatcher::OnBeginFrame

#40074673Reporter: ki...@gmail.com
$0
1/19/2024

tint_wgsl_fuzzer: Heap-buffer-overflow in tint::SymbolTable::RegisterInternal

#40074699Reporter: cl...@chromium.org
$0
1/19/2024

Security: heap-buffer-overflow vrend_write_to_iovec

#40071209Reporter: ph...@gmail.com
$250
1/18/2024

Security: SOP bypass: Portal activation bypasses same-page drag and drop source check

#40072334Reporter: st...@gmail.com
$3,000
1/18/2024

UAF in vk::Buffer::getOffsetPointer

#40073792Reporter: em...@gmail.com
$11,000
1/18/2024

Crash in blink::AXObjectCacheImpl::RemoveSubtreeWithFlatTraversal

#40074380Reporter: cl...@chromium.org
$0
1/18/2024
Showing 3751-3760 of 10591 bugs
1...375376377...1060