Disclosed Chromium Security Bugs

Security: Type Confusion in V8 WebAssembly, leading to RCE

#40067050 Reporter: je...@gmail.com
$20,000
10/16/2023

pdfium_xfa_fuzzer: Container-overflow in CFDE_TextOut::RetrievePieces

#40067061 Reporter: cl...@chromium.org
$0
10/16/2023

DCHECK failure in old_map->owns_descriptors() in js-objects.cc

#40067049 Reporter: cl...@chromium.org
$0
10/14/2023

CHECK failure: IsEmpty()

#40067085 Reporter: cl...@chromium.org
$0
10/14/2023

DCHECK failure in !space->IsInlineAllocationEnabled() implies space->limit() == space->top() in ru

#40063590 Reporter: cl...@chromium.org
$0
10/13/2023

Security: heap-use-after-free on AudioManagerWin

#40065022 Reporter: ki...@gmail.com
$5,000
10/12/2023

Security: heap-use-after-free on chrome/browser/ui/views/tabs/tab_strip.cc:220:5

#40065546 Reporter: rh...@gmail.com
$2,000
10/12/2023

Security: Interactionfull Devtools UXSS

#40066301 Reporter: te...@google.com
$0
10/12/2023

Security: [ANGLE] metal : Out-of-bounds memory can be accessed on DrawCmd

#40066392 Reporter: ne...@nesk.kr
$10,000
10/12/2023

Heap-use-after-free in ui::AXTreeSerializer::AnyDescendantWasReparented

#40066582 Reporter: cl...@chromium.org
$0
10/12/2023
Showing 4221-4230 of 10765 bugs