Disclosed Chromium Security Bugs

blink_crabbyavif_decoder_fuzzer: Heap-use-after-free in _free_base

#418486364 Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

blink_crabbyavif_decoder_fuzzer: Heap-use-after-free in dav1d_msac_init

#418520142 Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

DCHECK failure in !Is(get(index, kRelaxedLoad)) in contexts-inl.h

#419081101 Reporter: 24...@project.gserviceaccount.com
$0
8/28/2025

heap-use-after-free in cc::TileDisplayLayerImpl::Tiling::SetTileContents in GPU process

#415631307 Reporter: 0x...@gmail.com
$0
8/28/2025

glslang:compile_fuzzer: Crash in glslang::TInfoSinkBase::location

#441210574 Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025

tmux:input-fuzzer: Heap-buffer-overflow in input_c0_dispatch

#440602507 Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025

openexr:openexr_exrcheck_fuzzer: Heap-buffer-overflow in internal_exr_undo_ht

#439237843 Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025

wireshark:fuzzshark_ip_proto-udp: Global-buffer-overflow in proto_item_add_bitmask_tree

#441314745 Reporter: 87...@developer.gserviceaccount.com
$0
8/27/2025

Speculation rules conflict with BFCache, causing potentially sensitive pages to be cached when they shouldn't

#417215501 Reporter: je...@gmail.com
$2,000
8/27/2025

v8_json_parse_valid_json_p_fuzztest: CHECK failure: CheckTag(content, tag_range)

#416913840 Reporter: 24...@project.gserviceaccount.com
$0
8/27/2025
Showing 801-810 of 9394 bugs