CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2023-53759

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...

CVE-2025-40302

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

PT-2025-49489

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the hidraw open function concerning the hidraw device reference counter. This occurs because the reference counter lacks a dedicated synchronization mechanism,...

Linux Distros Unpatched Vulnerability : CVE-2025-40302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some...

SUSE CVE-2025-40222

In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types, but the RSCI overrunreg is specified as a memory offset, while for other SCIF types it is a...

Microsoft Edge (Chromium) < 143.0.3650.66 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 143.0.3650.66. It is, therefore, affected by multiple vulnerabilities as referenced in the December 4, 2025 advisory. - Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote...

CVE-2025-29843

CVE-2025-29843 describes a vulnerability in Synology FileStation thumb CGI within Synology Router Manager (SRM) that allows remote authenticated users to read and write image files. The affected component is FileStation thumb CGI; root cause details are not provided beyond the CGI exposure. Docum...

CVE-2025-29843

A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files...

SUSE CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

EUVD-2025-200312

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13639

Summary: CVE-2025-13639 is an issue in the WebRTC implementation of Google Chrome/Chromium. Affected component: WebRTC in Chrome/Chromium prior to version 143.0.7499.41. Impact: Remote attacker could cause arbitrary read/write via a crafted HTML page (confidentiality and integrity impact; availab...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

PT-2025-48764

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An improper implementation in WebRTC within Google Chrome could allow a remote attacker to perform arbitrary read/write operations through a specially crafted HTML page. The security...

Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams

The AI browser wars are coming to a desktop near you, and you need to start worrying about their security challenges. For the last two decades, whether you used Chrome, Edge, or Firefox, the fundamental paradigm remained the same: a passive window through which a human user viewed and interacted...

CVE-2025-55174

CVE-2025-55174 affects KDE Skanpage prior to 25.08.0. The issue is a file-overwrite condition caused by using QIODevice::ReadWrite instead of QODevice::WriteOnly, which can cause the new file’s contents to appear at the start followed by partial old contents at the end. The vulnerability is local...