Disclosed Chromium Security Bugs

Security: HeapOverflow in PluralStringHandler::HandleGetPluralString

#40059988Reporter: ya...@gmail.com
$3,000
10/15/2022

Security: Use After Free of GPUExternalTexture object in renderer process.

#40060179Reporter: lo...@gmail.com
$7,500
10/15/2022

Heap-use-after-free in ash::DeskPreviewView::MaybeActivateHighlightedView

#40060194Reporter: cl...@chromium.org
$0
10/15/2022

Security: heap-use-after-free on third_party/abseil-cpp/absl/types/internal/optional.h:208:13 in optional_data (chromeOS)

#40058643Reporter: rh...@gmail.com
$2,000
10/14/2022

Typeconfuse in blink::LayoutTableRow::AddChild layout_table_row.cc:193

#40060157Reporter: m....@gmail.com
$5,000
10/14/2022

chrome.debugger 'Page.navigate' can navigate iframes to file:// when not enabled.

#40060173Reporter: nd...@protonmail.com
$3,000
10/14/2022

freetype_cff_ftengine_fuzzer: Heap-buffer-overflow in tt_face_load_colr

#40060175Reporter: cl...@chromium.org
$0
10/14/2022

Security: [iOS] Heap-use-afer-free in BrowsingHistoryService::QueryComplete

#40060185Reporter: aj...@google.com
$0
10/14/2022

Security: UAF in SyncConfirmation

#40059164Reporter: le...@gmail.com
$10,000
10/13/2022

sqlite3_fts3_lpm_fuzzer: Crash in sqlite3Fts3Incrmerge

#40059816Reporter: cl...@chromium.org
$0
10/13/2022
Showing 5341-5350 of 10856 bugs
1...534535536...1086