Disclosed Chromium Security Bugs

Map deprecation racing with concurrent compilation can break invariant

#40063162 Reporter: te...@chromium.org
$0
5/30/2023

v8_wasm_fuzzer: Global-buffer-overflow in v8::internal::wasm::WasmFullDecoder

#40063174 Reporter: cl...@chromium.org
$0
5/30/2023

UAF in permissions::PermissionRequest::request_type

#40063055 Reporter: ha...@gmail.com
$41,000
5/29/2023

sql_recovery_fuzzer: Use-of-uninitialized-value in sql::recover::LeafPayloadReader::ReadPayload

#40061614 Reporter: cl...@chromium.org
$0
5/28/2023

crashpad_process_snapshot_intermediate_dump_fuzzer: Heap-buffer-overflow in crashpad::internal::ExceptionSnapshotIOSIntermediateDump::InitializeFromMachExce

#40063056 Reporter: cl...@chromium.org
$0
5/28/2023

Heap-use-after-free in ui::Layer::OnDeviceScaleFactorChanged

#40063108 Reporter: cl...@chromium.org
$0
5/28/2023

heap-buffer-overflow in base::PersistentHistogramAllocator::GetHistogram

#40063138 Reporter: wf...@chromium.org
$0
5/27/2023

Use-after-poison in v8::internal::maglev::MaxCallDepthProcessor::ConservativeFrameSize

#40063142 Reporter: cl...@chromium.org
$0
5/27/2023

DCHECK failure in new_properties.can_eager_deopt() implies properties().can_eager_deopt() in magle

#40063146 Reporter: cl...@chromium.org
$0
5/27/2023

Reading local files through an extension that doesn't have the file permission

#40054742 Reporter: he...@gmail.com
$2,000
5/26/2023
Showing 4661-4670 of 10808 bugs