Security Bug Aggregator
@BugsAggregator
Aggregate disclosed Chromium security bugs.
Web version is online: tracker.ret2happy.com Feel free to leave any comments/suggestions Currently we support time/reward filter, along with the bug search functionality.
tracker.ret2happy.com
Disclosed Chromium Security Bug
Track Chromium security bugs with rewards and reports
[433533359][reward: $70000] Consumers of ReadableStream subject to data race with SharedArrayBuffer, leading to RCE + V8 Sandbox bypass crbug.com/433533359
[432035817][reward: $7000] Crash with three-way self Jitsi Meet call crbug.com/432035817
[433800617][reward: $7000] Security: Compromised renderer can steal cross-site data with minimal user interaction crbug.com/433800617
[432497641][reward: $11000] Security: heap-use-after-free on aura::Window::CleanupGestureState crbug.com/432497641
[361116749][reward: $1000] CSP doesn't block sourceMappingURL crbug.com/361116749
[434513380] Missing Write Barrier via Math.sqrt in Maglev crbug.com/434513380
[433407763][reward: $20000] V8 sandbox bypass due to NativeModule swapping while module instantiation was ongoing crbug.com/433407763
[427367145][reward: $1500] Command injection in "Copy as cURL (cmd)" due to improper sanitization crbug.com/427367145
[430960844][reward: $20000] V8 Sandbox Bypass: InstantiateAsmJs builtin doesn't protect against mid-builtin dispatch handle swaps crbug.com/430960844
[382005099] WebAudio AudioWorklets run V8 with disabled denormalized floats crbug.com/382005099
[40063861][reward: $2000] Security: Heap-use-after-free in views::View::VisibilityChangedImpl crbug.com/40063861
[40057616][reward: $3000] Security: the contents of iframe is placed outside of iframe when CSS "column-width" is defined in main frame. crbug.com/40057616
[40058133][reward: $5000] AddressSanitizer: use-after-poison ng_physical_fragment.h:316 in blink::NGPhysicalFragment::HasSelfPaintingLayer crbug.com/40058133
[432661300] Leaking contents of cross-origin images through canvas crbug.com/432661300
[419939693][reward: $10000] GPU process crash via WebGPU shader - heap-buffer-overflow in Mesa build_interference_graph crbug.com/419939693
[40067401][reward: $1000] Security: PiP window can obscure sensitive UI: External protocol dialog crbug.com/40067401
[431970772] V8 Sandbox Bypass: UB in ValueTypeBase::raw_heap_representation crbug.com/431970772
[40062905] Security: Debug check failed: (value) != nullptr crbug.com/40062905
[430572435][reward: $7000] JIT type confusion via corrupted inlining metadata crbug.com/430572435
[431828026] DCHECK failure in pc_offset() < unresolved_branches_first_limit() in assembler-arm64.cc crbug.com/431828026
United States Trends
- 1. #CARTMANCOIN 1,567 posts
- 2. Broncos 64.4K posts
- 3. yeonjun 187K posts
- 4. Bo Nix 17.8K posts
- 5. Geno 18.1K posts
- 6. $SMILEY N/A
- 7. Sean Payton 4,673 posts
- 8. Kenny Pickett 1,500 posts
- 9. daniela 37.5K posts
- 10. #TNFonPrime 3,969 posts
- 11. #criticalrolespoilers 4,607 posts
- 12. Chip Kelly 1,944 posts
- 13. Bradley Beal 3,374 posts
- 14. Jalen Green 7,106 posts
- 15. Pete Carroll 1,902 posts
- 16. TALK TO YOU OUT NOW 24.9K posts
- 17. byers 28.6K posts
- 18. Jeanty 6,479 posts
- 19. Kehlani 8,919 posts
- 20. #TSTheLifeofaShowgirl 1,691 posts
Something went wrong.
Something went wrong.