webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

ALSA-2025:20922 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

RHEL 9 : webkit2gtk3 (RHSA-2025:20922)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20922 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

Important: webkitgtk4

Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash. CVE-2025-43272 A correctness issue was address...

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2025:3905-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3905-1 advisory. - CVE-2025-43343: Fixed an issue where processing maliciously crafted web content may lead to an unexpected process crash bsc1251975 -...

[SECURITY] Fedora 42 Update: qt5-qtsensors-5.15.18-1.fc42

The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990419)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990419 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensate...

CLSA-2025-1762362132 webkit2gtk3: Fix of 4 CVEs

Update to 2.48.7. The following CVEs were fixed: - CVE-2025-43272: fix processing maliciously crafted web content which may lead to an unexpected process/Safari crash - CVE-2025-43342: fix processing maliciously crafted web content which may lead to an unexpected process crash - CVE-2025-43356:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989898)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989898 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensate...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989073 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: Handle failure to register sensor with thermal zone correctly If an attempt is made to a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989589 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fix NULL pointer dereference by removing unnecessary structure field If driver rea...

CVE-2025-52513

An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: Quirks – Added quirks for 2 Chicony Electronics HP 5MP cameras. The Chicony Electronics HP 5MP cameras USB IDs: 04F2:B824 & 04F2:B82C report a HID sensor interface that is not actually implemented. Attempting to access this...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-43343: Fixed an issue where processing maliciously crafted web content may lead to an unexpected process crash bsc1251975 CVE-2025-43272: Fixed an issue where processing maliciously crafted web content may lead to an unexpected Safa...

SUSE-SU-2025:3905-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - CVE-2025-43343: Fixed an issue where processing maliciously crafted web content may lead to an unexpected process crash bsc1251975 - CVE-2025-43272: Fixed an issue where processing maliciously crafted web content may lead to an unexpected...

EUVD-2025-37394

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1...

CVE-2025-10693 Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1...

CVE-2025-10693

CVE-2025-10693 affects Silicon Labs’ Z‑Wave PIR Sensor Reference design in SiSDK v2025.6.0 and v2025.6.1. When SmartStart Inclusion fails, the PIR sensor may join the Z‑Wave network as a non‑secure device, exposing confidentiality and integrity (High) and impacting availability (Low) with a base ...

CVE-2025-10693 Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1...