Disclosed Chromium Security Bugs

jwt-verify-lib:jwt_verify_lib_fuzz_test: Use-of-uninitialized-value in google::jwt_verify::verifyJwtWithoutTimeChecking

#42517907Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
11/8/2022

Security: `chrome.downloads.onDeterminingFilename` can be used to bypass the fix for issue 1310461 and steal environment variables

#40060202Reporter: la...@gmail.com
$7,000
11/7/2022

libraw:libraw_nef_fuzzer: Index-out-of-bounds in DHT::get_hv_rbg

#42517802Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
11/5/2022

Security: heap-use-after-free on IsLacrosWindow ash/drag_drop/tab_drag_drop_delegate.cc (Lacros)

#40059882Reporter: rh...@gmail.com
$3,000
11/4/2022

TypeConfuse in blink::NGLayoutInputNode::IsEmptyTableSection ng_layout_input_node.cc:87

#40060394Reporter: m....@gmail.com
$7,500
11/4/2022

Security: UAF in chromeos::multidevice::MultidevicePhoneHubHandler

#40060039Reporter: et...@gmail.com
$3,000
11/3/2022

Incorrect use of weakptr lead to UAF in NearbyShare

#40060044Reporter: ro...@gmail.com
$3,000
11/3/2022

Security: use after free in DiceWebSigninInterceptor

#40060166Reporter: wx...@gmail.com
$5,000
11/3/2022

sourceMappingURL directive allows use of UNC paths on Windows

#40060207Reporter: zi...@gmail.com
$7,500
11/3/2022

wild read in DrawCall::run

#40060309Reporter: em...@gmail.com
$7,000
11/3/2022
Showing 5291-5300 of 10856 bugs
1...529530531...1086