RockyLinux 8 : webkit2gtk3 (RLSA-2025:17802)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:17802 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted we...

webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

RHEL 9 : webkit2gtk3 (RHSA-2025:17741)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17741 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via improper handling of caches. An attacker can obtain unauthorized access to sensor information by tricking a user into visiting a malicious website. This is only exploitable if the system is configured with certain...

CVE-2025-43356

The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent...

CVE-2025-43356

The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent...

CVE-2025-31192

The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS that originates from websites that may be able to access...

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. in the United States, designed specifically for use in smartwatches, smart bands, and other wearable devices. Google Wear OS has a security vulnerability that stems from the presence of privilege bypass in multiple locations,...

PT-2023-18018 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows for the retrieval of sensor data without proper permissions due to a permissions bypass. This can lead to local information disclosure,...

CVE-2023-21034

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PUB-A-230358834

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...