Disclosed Chromium Security Bugs

Security: TOCTOU Bug in Windows Sandbox Handle Duplication Service

#40078785Reporter: ty...@gmail.com
$0
10/1/2016

Cross-origin request credentials are not removed properly in WebCore::DocumentThreadableLoader::loadRequest

#40079213Reporter: rh...@partner.samsung.com
$0
10/1/2016

Use-after-free in WebCore::GraphicsLayer::updateContentsRect

#40079216Reporter: cl...@chromium.org
$0
10/1/2016

Heap-use-after-free in WebCore::RenderTreeBuilder::createRendererForElementIfNeeded

#40079222Reporter: cl...@chromium.org
$0
10/1/2016

Heap-use-after-free in WebCore::CompositedLayerMapping::~CompositedLayerMapping

#40079379Reporter: cl...@chromium.org
$2,000
10/1/2016

ThreadSanitizer reports a use-after-free in DomSerializerTests.SerializeHTMLDOMWithEmptyHead

#40079577Reporter: gl...@chromium.org
$0
10/1/2016

Security: http basic authentication dialog from background tab is displayed over the active tab

#40079736Reporter: ni...@gmail.com
$0
10/1/2016

Use-of-uninitialized-value in _JpegScanSOI

#40079880Reporter: cl...@chromium.org
$0
10/1/2016

UNKNOWN in base::Time::LocalMidnight

#40079951Reporter: cl...@chromium.org
$0
10/1/2016

ASSERTION FAILED: node->isMediaControlElement(), UNKNOWN in blink::mediaControlElementType

#40080455Reporter: cl...@chromium.org
$0
10/1/2016
Showing 6991-7000 of 10940 bugs