Disclosed Chromium Security Bugs

Out-of-bounds read in memcpy() upon one line CSS - sometimes OOM too

#40078057Reporter: ro...@gmail.com
$0
10/1/2016

[MD audit] [RPC] More errors deserializing SkBitmaps!!

#40078311Reporter: sc...@gmail.com
$0
10/1/2016

[MD audit] DOM tree node reference errors when manipulating DOM tree inside certain callbacks

#40079148Reporter: sc...@gmail.com
$0
10/1/2016

[MD audit] Command Buffer Service Integer Overflow

#40079259Reporter: hb...@google.com
$0
10/1/2016

Omnibox visual spoofing with Japanese Maru

#40079525Reporter: ch...@casaba.com
$0
10/1/2016

libpng < (1.4.1|1.2.43) suffer DoS issues (CVE-2010-0205)

#40079754Reporter: ag...@chromium.org
$0
10/1/2016

sessionStorage is shared on iframe@sandbox

#40080692Reporter: ev...@google.com
$0
10/1/2016

Sandboxed iframes should not autocomplete/autofill unless allow-same-origin set

#40080783Reporter: ev...@google.com
$0
10/1/2016

[MD audit] Linux sandbox escape

#40080844Reporter: sc...@gmail.com
$0
10/1/2016

[MD audit] Possible memory corruption with bad bitmap shared memory object in clipboard IPC

#40080846Reporter: sc...@gmail.com
$0
10/1/2016
Showing 6941-6950 of 10940 bugs