Disclosed Chromium Security Bugs

[Security] V8 Debug check failed: OFFSET_OF(Isolate, string_stream_current_security_token_) == strin

#40063148Reporter: vi...@gmail.com
$7,000
5/31/2023

Security: Type confusion in v8 value serializer

#40062884Reporter: m-...@github.com
$10,000
5/30/2023

Heap-use-after-free in ui::Layer::OnDeviceScaleFactorChanged

#40062933Reporter: cl...@chromium.org
$0
5/30/2023

heap-use-after-free : TemplateURLService::CreateSyncDataFromTemplateURL

#40062978Reporter: cr...@system.gserviceaccount.com
$0
5/30/2023

Security: heap-buffer-overflow in base::debug::ActivityUserData::ActivityUserData

#40063050Reporter: gl...@google.com
$0
5/30/2023

base_activity_analyzer_fuzzer: Heap-buffer-overflow in base::debug::ThreadActivityTracker::IsValid

#40063103Reporter: cl...@chromium.org
$0
5/30/2023

base_activity_analyzer_fuzzer: Use-of-uninitialized-value in base::debug::GlobalActivityAnalyzer::PrepareAllAnalyzers

#40063116Reporter: cl...@chromium.org
$0
5/30/2023

DCHECK failure in CpuFeatures::IsSupported(*feature) in macro-assembler-shared-ia32-x64.h

#40063144Reporter: cl...@chromium.org
$0
5/30/2023

DCHECK failure in 0 != new_nodes_.count(value) in maglev-graph-builder.h

#40063150Reporter: cl...@chromium.org
$0
5/30/2023

DCHECK failure in ValidOpInputRep(graph, left(), input_rep) in operations.h

#40063154Reporter: cl...@chromium.org
$0
5/30/2023
Showing 4651-4660 of 10808 bugs
1...465466467...1081