Disclosed Chromium Security Bugs

Security: Page can cause autofill prompt to render near cursor in order to bypass intentional mouse movement input requirements for autofill (Bypass of issue 1240472 fix)

#40058217 Reporter: al...@alesandroortiz.com
$3,000
1/13/2023

Security: heap-use-after-free in blink::LocalFrameView::PerformLayout (incomplete fix for CVE-2022-3199)

#40061044 Reporter: gl...@google.com
$0
1/12/2023

UAF in AccessibilityManager

#40061076 Reporter: ha...@gmail.com
$2,000
1/12/2023

Security: Race condition in JSCreateLowering, leading to RCE

#40061184 Reporter: ss...@gmail.com
$20,000
1/12/2023

Security: use-after-poison interface_endpoint_client.cc:900 in mojo::InterfaceEndpointClient::HandleValidatedMessage

#40061186 Reporter: m....@gmail.com
$10,000
1/12/2023

UAF in SelectFileDialogLinuxKde::CallKDialogOutput

#40061212 Reporter: ro...@gmail.com
$7,000
1/12/2023

Crash in blink::NGBlockNode::StoreResultInLayoutBox

#40061223 Reporter: cl...@chromium.org
$0
1/12/2023

Security: clang-analyzer-core.uninitialized.Assign in third_party/ffmpeg/libavformat/riffdec.c

#40060724 Reporter: Di...@microsoft.com
$0
1/11/2023

Security: UAF in safe_browsing::IncidentReportingService::AddIncident (browser process)

#40061003 Reporter: 0x...@gmail.com
$7,000
1/11/2023

DCHECK failure in offsets.size() != 0 in maglev-graph-builder.cc

#40061132 Reporter: cl...@chromium.org
$0
1/11/2023
Showing 5081-5090 of 10831 bugs