PT-2025-44667

Name of the Vulnerable Software and Affected Versions Silicon Labs Z-Wave PIR Sensor Reference design versions 2025.6.0 through 2025.6.1 Description A failure during SmartStart Inclusion when onboarding a Z-Wave PIR sensor can result in the sensor joining the network as a non-secure device. This...

webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

Important: Red Hat Security Advisory: webkitgtk4 security update

An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

[SECURITY] Fedora 42 Update: qt6-qtsensors-6.9.3-1.fc42

The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...

RHEL 7 : webkitgtk4 (RHSA-2025:19352)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19352 advisory. WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...

webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RLSA-2025:18097 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web content may lead to an unexpected proces...

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...

RHEL 8 : webkit2gtk3 (RHSA-2025:19109)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19109 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

RockyLinux 9 : webkit2gtk3 (RLSA-2025:18097)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:18097 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted we...

RHEL 8 : webkit2gtk3 (RHSA-2025:19157)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19157 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

RHEL 8 : webkit2gtk3 (RHSA-2025:19165)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19165 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

webkitgtk: A website may be able to access sensor information without user consent

A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:18097)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18097 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2025:3700-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3700-1 advisory. - CVE-2025-43343: improved memory handling in web content processing to prevent process crash bsc1251975 - CVE-2025-43272: improved...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-43343: improved memory handling in web content processing to prevent process crash bsc1251975 CVE-2025-43272: improved memory handling to prevent unexpected process crash bsc1250439 CVE-2025-43342: correctness issue was addressed wi...