Disclosed Chromium Security Bugs

Security: use-after-poison animation_frame_timing_monitor.cc:173 in blink::AnimationFrameTimingMonitor::OnMicrotasksCompleted

#40063470 Reporter: m....@gmail.com
$0
6/21/2023

Security: Bypass https://chromium-review.googlesource.com/c/chromium/src/+/4294941 using upper-cased file: protocol (Source maps support for file:// URLs gives devtools_page extensions local file access)

#40063505 Reporter: ha...@gmail.com
$5,000
6/21/2023

DCHECK failure in input_index == StoreTaggedFieldWithWriteBarrier::kObjectIndex implies phi->value

#40063539 Reporter: cl...@chromium.org
$0
6/21/2023

Use-of-uninitialized-value in v8::internal::Sweeper::LocalSweeper::ParallelIteratePromotedPageForRememberedSet

#40063582 Reporter: cl...@chromium.org
$0
6/21/2023

Use-of-uninitialized-value in v8::internal::Sweeper::LocalSweeper::ParallelIteratePromotedPageForRememberedSet

#40063583 Reporter: cl...@chromium.org
$0
6/21/2023

Crash in Builtins_RecordWriteIgnoreFP

#40063585 Reporter: cl...@chromium.org
$0
6/21/2023

DCHECK failure in UsableCapacity() <= TotalCapacity() in new-spaces.cc

#40063598 Reporter: cl...@chromium.org
$0
6/21/2023

libraw:libraw_fuzzer: Use-of-uninitialized-value in LibRaw::kodak_ycbcr_load_raw

#42525532 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
6/21/2023

Security: Chrome on Android can self-intent into CCT, allowing sandboxed iframe allow-popups-to-escape-sandbox bypass.

#40063183 Reporter: ha...@gmail.com
$1,000
6/19/2023

Security: Lack of validation in mojom traits for media::mojom::VideoFrame.

#40063362 Reporter: ma...@google.com
$0
6/19/2023
Showing 4581-4590 of 10808 bugs