Disclosed Chromium Security Bugs

UAF in libglesv2!gl::Texture::onUnbindAsSamplerTexture

#40051860Reporter: pa...@blackowlsec.com
$5,000
7/10/2020

Security: Copy & paste XSS via noscript

#40051878Reporter: mi...@bentkowski.info
$5,000
7/10/2020

Security: Security: CSP does not propagate to blob: URIs

#40095900Reporter: ti...@gmail.com
$500
7/2/2020

UAF In ProcessManager

#40050562Reporter: le...@gmail.com
$7,500
7/1/2020

dawn_wire_server_and_vulkan_backend_fuzzer: Heap-use-after-free in vk::CommandPool::destroy

#40051775Reporter: cl...@chromium.org
$0
6/24/2020

Security: usersctp: out-of-bounds reads in sctp_load_addresses_from_init

#40051711Reporter: na...@google.com
$0
6/16/2020

Not only "devools://" but also "chrome-devtools://" should be registered as display-isolated

#40051607Reporter: de...@gmail.com
$0
6/15/2020

Security: Possible to open chrome-native:// pages on Android and the new tab page on desktop using window.open

#40095115Reporter: de...@gmail.com
$1,000
6/3/2020

Security: WebContentsViewAura::EndDrag may dereference a pointer to deleted RenderWidgetHost

#40050996Reporter: ig...@vivaldi.com
$0
6/3/2020

gpu_angle_passthrough_fuzzer: Null-dereference READ in gpu::gles2::GLES2DecoderPassthroughImpl::DoDrawArraysIndirect

#40051557Reporter: cl...@chromium.org
$0
5/30/2020
Showing 6561-6570 of 10978 bugs