Disclosed Chromium Security Bugs

V8 Sandbox Bypass: stack corruption due to parameter count mismatch

#338381304 Reporter: pa...@gmail.com
$0
1/1/1970

V8 Sandbox Bypass: Interpreted Function Argument Mismatch

#341129593 Reporter: ma...@gmail.com
$0
1/1/1970

V8 sandbox violation if SFI::formal_parameter_count doesn't match the parameter count of a function's code

#342297062 Reporter: 24...@project.gserviceaccount.com
$0
1/1/1970

V8 Sandbox Bypass: control-flow hijacking via WASM Table Indirect call

#343407073 Reporter: ed...@gmail.com
$5,000
1/1/1970

V8 Sandbox Bypass: Code Pointer Table Index Confusion leading to Stack Corruption

#344343031 Reporter: ki...@sec.in.tum.de
$0
1/1/1970

V8 Sandbox Bypass: AAR/W via generic JSToWasmWrapper type sbxcheck() bypass

#354355045 Reporter: se...@gmail.com
$5,000
1/1/1970

chrome://blob-internals has a loose CSP

#367494611 Reporter: aj...@google.com
$0
1/1/1970

unrar:unrar_fuzzer: Use-of-uninitialized-value in DataHash::Cmp

#368060016 Reporter: 87...@developer.gserviceaccount.com
$0
1/1/1970

mruby:mruby_fuzzer: Segv on unknown address in udiv

#368076871 Reporter: 87...@developer.gserviceaccount.com
$0
1/1/1970

cpython3:fuzz_ast_literal_eval: Heap-use-after-free in dictkeys_decref

#368076875 Reporter: 87...@developer.gserviceaccount.com
$0
1/1/1970