PT-2025-27697

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential out-of-bounds read/write access issue has been identified in the Linux kernel. The issue occurs when using tools like 'mdio-tools' to read/write data from/to network...

CVE-2025-27021

The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...

Google Chromium V8 Type Confusion Vulnerability

Google Chromium V8 contains a type confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Ope...

SUSE CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Google Chrome Specifically for versions prior to 138.0.7204.96. The vulnerability is located in Google Chrome's V8 engine and is classified as a high severity confusion type vulnerability. This allows attackers to perform arbitrary read/write operations through...

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

AZL-76320 CVE-2025-6554 affecting package nodejs24 24.13.0-3

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

CVE-2025-6554

CVE-2025-6554 is a Google Chromium V8 type-confusion vulnerability that could allow a remote attacker to perform arbitrary read/write via a crafted HTML page. Affected product scope is Google Chrome/Chromium-based engines; root cause is type confusion in V8. Chrome’s June 2025/Stable updates addr...

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

VulnCheck KEV: CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2022-49956

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the read/writemacreghdl functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...

SUSE CVE-2022-50059

In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snaprwsem in handlecapgrant When handlecapgrant is called on an IMPORT op, then the snaprwsem is held and the function is expected to release it before returning. It currently fails to do that in all cases which...

The vulnerability in the ZendTo web application for transferring files involves an incorrect restriction on the path to the restricted directory. This allows a malicious actor to gain read and write access to data, or cause a service failure.

The vulnerability in the web application for transferring files via ZendTo is related to an incorrect restriction on the path to the restricted directory during the processing of the tmpname parameter. Exploiting this vulnerability can allow an attacker to gain read and modify access to data, or...

DEBIAN-CVE-2022-49956

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the read/writemacreghdl functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fixed a potential out-of-bounds issue related to read/write operations via C45 clause 45 of the mdiobus interface. When using publicly available tools like ‘mdio-tools’ to read/write data from/to network interfaces v...

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...