Disclosed Chromium Security Bugs

Primitive type confusion in ia32 AssembleCodePhase

#40057438Reporter: fz...@gmail.com
$7,500
2/14/2022

Use after free in getSamplerTexture

#40057804Reporter: sj...@gmail.com
$5,000
2/14/2022

v8_regexp_parser_fuzzer: DCHECK failure in index < length() / kUInt16Size in fixed-array-inl.h

#40057847Reporter: cl...@chromium.org
$0
2/14/2022

Security: Heap-use-after-free in sharing_hub::SharingHubBubbleController::~SharingHubBubbleController

#40057760Reporter: ch...@gmail.com
$5,000
2/11/2022

v8_regexp_parser_fuzzer: DCHECK failure in r.to() < kMaxUInt16 in regexp-macro-assembler.cc

#40057752Reporter: cl...@chromium.org
$0
2/9/2022

Use after free in gl::VertexArray::setDependentDirtyBit

#40057631Reporter: sj...@gmail.com
$5,000
2/8/2022

rdkit:mol_data_stream_to_mol_fuzzer: Use-of-uninitialized-value in RDKit::SGroupParsing::ParseV3000CStateLabel

#42508315Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
2/8/2022

rdkit:mol_data_stream_to_mol_fuzzer: Bad-cast to RDKit::Atom from invalid vptr in RDKit::ROMol::initFromOther

#42508305Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
2/8/2022

Google Chrome MediaStreamTrackGenerator use after free vulnerability (TALOS-2021-1398)

#40057716Reporter: ma...@gmail.com
$7,500
2/5/2022

heap-use-after-free : crosapi::DriveIntegrationServiceAsh::~DriveIntegrationServiceAsh

#40057435Reporter: cr...@system.gserviceaccount.com
$0
2/3/2022
Showing 5951-5960 of 10930 bugs