Disclosed Chromium Security Bugs

Heap-use-after-free in blink::LocalFrameView::PerformPreLayoutTasks

#40054601 Reporter: cl...@chromium.org
$0
5/12/2021

wasm3:fuzzer: Index-out-of-bounds in FindReferencedLocalWithinCurrentBlock

#42496881 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
5/12/2021

Security: allow-top-navigation-by-user-activation bypasses via message event listeners on iOS

#40052658 Reporter: el...@confiant.com
$5,000
5/11/2021

dawn_wire_server_and_vulkan_backend_fuzzer: Crash in vk::DescriptorSetLayout::DescriptorSetLayout

#40054405 Reporter: cl...@chromium.org
$0
5/11/2021

dawn_spirv_cross_glsl_fast_fuzzer: Use-of-uninitialized-value in spirv_cross::Compiler::CombinedImageSamplerUsageHandler::add_dependency

#40054635 Reporter: cl...@chromium.org
$0
5/11/2021

wasm3:fuzzer: Index-out-of-bounds in GetStackTypeFromTop

#42496846 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
5/11/2021

wasm3:fuzzer: Index-out-of-bounds in CopyStackTopToRegister

#42496842 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
5/11/2021

v8_multi_return_fuzzer: DCHECK failure in stack_decrement == kSystemPointerSize in code-generator-arm.cc

#40054600 Reporter: cl...@chromium.org
$0
5/9/2021

dawn_spirv_cross_glsl_fast_fuzzer: Use-of-uninitialized-value in spirv_cross::Compiler::CombinedImageSamplerUsageHandler::add_dependency

#40054608 Reporter: cl...@chromium.org
$0
5/8/2021

gdk-pixbuf:pixbuf_scale_fuzzer: Heap-buffer-overflow in g_base64_encode_step

#42496695 Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
5/7/2021

Showing 6371-6380 of 10955 bugs