Disclosed Chromium Security Bugs

Requests for script sent even when main document is text/plain

#40054254Reporter: pr...@gmail.com
$500
5/6/2021

use after poison in DOMWebSocket

#40054576Reporter: ne...@gmail.com
$5,000
5/6/2021

tint_spv_reader_hlsl_writer_fuzzer: Heap-use-after-free in tint::fuzzers::CommonFuzzer::Run

#40054594Reporter: cl...@chromium.org
$0
5/6/2021

DCHECK failure in expr->scope()->outer_scope() == current_scope() in bytecode-generator.cc

#40054596Reporter: cl...@chromium.org
$0
5/6/2021

CHECK failure: serialized_prototype_ in js-heap-broker.cc

#40054584Reporter: cl...@chromium.org
$0
5/5/2021

Security: UaF in chrome!payments::PaymentRequestSheetController::UpdateHeaderView

#40054420Reporter: ch...@gmail.com
$15,000
5/4/2021

tint_spv_reader_wgsl_writer_fuzzer: Heap-use-after-free in tint::fuzzers::CommonFuzzer::Run

#40054559Reporter: cl...@chromium.org
$0
5/4/2021

v8_wasm_async_fuzzer.exe: Null-dereference in v8::base::Thread::Start

#40054509Reporter: cl...@chromium.org
$0
5/2/2021

Security: WebGL Shader Stack Exhaustion leading to PC control in llvmpipe

#40054092Reporter: ja...@gmail.com
$1,000
5/1/2021

tint_spv_reader_spv_writer_fuzzer: Segv on unknown address in tint::fuzzers::CommonFuzzer::Run

#40054474Reporter: cl...@chromium.org
$0
4/30/2021
Showing 6381-6390 of 10955 bugs