Disclosed Chromium Security Bugs

Security: Dangling FixedArray pointer in Promise.any can lead to memory corruption (incomplete fix for CVE-2023-4355)

#40071390 Reporter: ti...@chromium.org
$0
12/14/2023

Dangling pointer in FedCmModalDialogView::ClosePopupWindow

#40071548 Reporter: cb...@chromium.org
$0
12/14/2023

pcapplusplus:FuzzTarget: Heap-use-after-free in pcpp::TLVRecordReader::getTLVRecord

#42531135 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
12/14/2023

libbpf:bpf-object-fuzzer: Crash in init_struct_ops_maps

#42531130 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
12/13/2023

h265_bitstream_parser_fuzzer: Trap in rtc::webrtc_checks_impl::WriteFatalLog

#40070576 Reporter: cl...@chromium.org
$0
12/13/2023

Heap-buffer-overflow in Pass::blur

#40071122 Reporter: cl...@chromium.org
$0
12/13/2023

Security: UAF in UnblockPendingSubframeNavigationRequestsIfNeeded

#40070041 Reporter: yq...@gmail.com
$1,000
12/12/2023

Security: heap-use-after-free in mojo::StringDataSource::Read

#40070513 Reporter: st...@gmail.com
$2,000
12/9/2023

ax_tree_fuzzer: Trap in ui::AXTree::Unserialize

#40070665 Reporter: cl...@chromium.org
$0
12/8/2023

Security: WebRTC PacketRouter Dangling Entry via Cross-Track SIM Group SSRC Collision

#40070891 Reporter: ne...@google.com
$0
12/8/2023