Disclosed Chromium Security Bugs

DCHECK failure in descriptor_number.as_int() < number_of_descriptors() in descriptor-array-inl.h

#40067787 Reporter: cl...@chromium.org
$0
10/27/2023

DCHECK failure in details.kind() == PropertyKind::kData in ic.cc

#40067838 Reporter: cl...@chromium.org
$0
10/27/2023

matio:matio_fuzzer: Heap-buffer-overflow in H5D__scatter_mem

#42529534 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
10/26/2023

Security: [ANGLE] opengl : Out-of-bounds memory can be accessed using offsets in vertexAttribPointer

#40066076 Reporter: ne...@nesk.kr
$10,000
10/25/2023

I'm reporting an incomplete fix for a prior report (1451211) and (1427865).

#40067239 Reporter: au...@gmail.com
$15,000
10/25/2023

Security: Type confusion in VisitFindNonDefaultConstructorOrConstruct of Maglev

#40067530 Reporter: m-...@github.com
$21,000
10/25/2023

Security: stack-buffer-overflow WRITE of size 169 while parsing a file in espeak-ng (ChromeOS relevant)

#40056072 Reporter: na...@gmail.com
$0
10/24/2023

Security: heap-use-after-free READ of size 4 while parsing a file in espeak-ng (ChromeOS relevant)

#40056073 Reporter: na...@gmail.com
$0
10/24/2023

Security: stack-buffer-overflow READ of size 1 while parsing a file in espeak-ng (ChromeOS relevant)

#40056074 Reporter: na...@gmail.com
$0
10/24/2023

Security: stack-buffer-overflow WRITE of size 494 while parsing a file in espeak-ng (ChromeOS relevant)

#40056075 Reporter: na...@gmail.com
$0
10/24/2023
Showing 4111-4120 of 10725 bugs