Disclosed Chromium Security Bugs

v8_wasm_deopt_fuzzer: Crash in v8::internal::WasmFrame::Iterate

#381128261 Reporter: 24...@project.gserviceaccount.com
$0
3/8/2025

atspi_in_process_fuzzer: Heap-use-after-free in ui::AXPlatformNodeAuraLinux::FromAtkObject

#359992017 Reporter: ad...@google.com
$0
3/7/2025

Debug check failed: input_count <= std::numeric_limits<decltype(this->input_count)>::max() (65554 vs. 65535). in v8

#380487911 Reporter: je...@gmail.com
$8,000
3/7/2025

V8 Sandbox Bypass: AAR/W

#381216369 Reporter: bi...@icloud.com
$2,000
3/7/2025

Crash in blink::ScrollMarkerGroupPseudoElement::DetachLayoutTree

#381122656 Reporter: 24...@project.gserviceaccount.com
$0
3/7/2025

DCHECK failure in !chunk->InWritableSharedSpace() in isolate-utils-inl.h

#380930692 Reporter: 24...@project.gserviceaccount.com
$0
3/7/2025

Use-After-Free in blink::ClipboardItem::ClipboardItem

#380487912 Reporter: em...@gmail.com
$11,000
3/6/2025

V8 sandbox violation in v8::internal::compiler::JSContextSpecialization::ReduceJSLoadScriptContext

#381127888 Reporter: sa...@google.com
$0
3/6/2025

Type Confusion in AsyncIteratorPrototypeAsyncDispose() Leads to RCE

#380677637 Reporter: hu...@gmail.com
$50,000
3/6/2025

mips64el: Debug check failed: src->rm() != at. in codegen/mips64/assembler-mips64.cc

#380604249 Reporter: li...@gmail.com
$0
3/6/2025

Showing 491-500 of 8283 bugs