Disclosed Chromium Security Bugs

client_side_phishing_fuzzer: Global-buffer-overflow in safe_browsing::Scorer::ComputeRuleScore

#326513539 Reporter: 24...@project.gserviceaccount.com
$0
5/2/2025

Eliminate raw pointers to traceable disallow_new types in css/

#389707046 Reporter: om...@chromium.org
$0
5/1/2025

stack-use-after-scope in SetColorFromScheme(FPDF_COLORSCHEME_ const*, CPDF_RenderOptions*) fpdfsdk/cpdfsdk_helpers.cpp: 498:42

#390887851 Reporter: ss...@snu.ac.kr
$0
5/1/2025

DCHECK failure in current_block_->HasBackedge(graph_) in wasm-gc-typed-optimization-reducer.cc

#383814042 Reporter: 24...@project.gserviceaccount.com
$0
5/1/2025

Heap use-after-free in DirectSocket API

#390590778 Reporter: tk...@paloaltonetworks.com
$4,000
4/30/2025

libGLES_mali memory safety violation via WebGPU shaders at llvm::Value::setNameImpl

#379551588 Reporter: a7...@gmail.com
$35,000
4/30/2025

V8 Sandbox Bypass: UB in WebAssemblyMemoryGrow because AddressType is constructed from on-heap data

#390453039 Reporter: v8...@gmail.com
$5,000
4/29/2025

V8 Sandbox Bypass: UB in MessageHandler::GetMessage because of invalid MessageTemplate variant

#390568183 Reporter: v8...@gmail.com
$5,000
4/29/2025

GPU process crash via WebGPU shader - unknown-crash at fs_nir_emit_alu in brw_fs_nir.cpp

#377321465 Reporter: wg...@gmail.com
$10,000
4/27/2025

V8 Sandbox Bypass: StringToBigIntHelper stack-buffer-overflow

#389970331 Reporter: v8...@gmail.com
$5,000
4/26/2025
Showing 381-390 of 8283 bugs