Disclosed Chromium Security Bugs

Crash in dawn_native::BufferBase::SetSubData

#40093210Reporter: cl...@chromium.org
$0
3/14/2019

Bad-cast to dawn_native::DeviceBase from invalid vptr in dawn_native::ValidatingDeviceRelease

#40093305Reporter: cl...@chromium.org
$0
3/14/2019

Heap-use-after-free in dawn_native::DeviceBase::Release

#40093144Reporter: cl...@chromium.org
$0
3/13/2019

Use-of-uninitialized-value in dawn_native::DeviceBase::Release

#40093148Reporter: cl...@chromium.org
$0
3/13/2019

Heap-use-after-free in dawn_native::DeviceBase::Release

#40093149Reporter: cl...@chromium.org
$0
3/13/2019

Heap-use-after-free in dawn_native::DeviceBase::Release

#40093289Reporter: cl...@chromium.org
$0
3/13/2019

Security: CSP does not propagate to blob: URIs

#40093065Reporter: pa...@googlemail.com
$1,000
3/12/2019

Raw cookies are disclosed to cross-site renderer (in presence of DevTools and NetworkService)

#40092826Reporter: lu...@google.com
$0
3/9/2019

Bad-cast to blink::StringResource8 from blink::ParkableStringResource8 in blink::V8Element::GetElementsByClassNameMethodCallback

#40093234Reporter: cl...@chromium.org
$0
3/8/2019

Security: heap-use-after-free in __tree_next_iter

#40093192Reporter: zh...@gmail.com
$500
3/5/2019
Showing 6751-6760 of 10955 bugs