Lucene search
K

54 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.5 views

CVE-2021-29973

Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality This bug only affects Firefox for Android. Other...

8.8CVSS7.2AI score0.00812EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/03/04 2:15 p.m.3 views

CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 136...

7.1CVSS6AI score0.0023EPSS
Exploits0References2
OSV
OSV
added 2025/03/04 2:15 p.m.1 views

UBUNTU-CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 136...

7.1CVSS5.8AI score0.0023EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/10/11 3:33 a.m.2 views

SUSE CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.5CVSS8.4AI score0.00327EPSS
Exploits0References4
OSV
OSV
added 2024/10/01 4:15 p.m.3 views

CVE-2024-9395

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...

5.3CVSS5.8AI score0.00332EPSS
Exploits0References2
OSV
OSV
added 2024/08/06 1:15 p.m.3 views

CVE-2024-7523

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 129...

8.1CVSS7.2AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2024/08/06 1:15 p.m.3 views

UBUNTU-CVE-2024-7523

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 129...

8.1CVSS5.6AI score0.0026EPSS
Exploits0References5
OSV
OSV
added 2024/05/14 6:15 p.m.4 views

CVE-2024-4766

Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 126...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 6:15 p.m.1 views

CVE-2024-4765

Web application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application's manifest. This could have been exploited to run arbitrary code in another application's context. This issue only affects Firefox for Android. Other versions of...

8.1CVSS7.5AI score0.00274EPSS
Exploits0References2
OSV
OSV
added 2023/12/19 2:15 p.m.10 views

CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...

4.3CVSS6.1AI score
Exploits0References3
OSV
OSV
added 2023/12/19 2:15 p.m.4 views

UBUNTU-CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...

4.3CVSS7.3AI score0.0038EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/06/10 2:54 a.m.3 views

SUSE CVE-2023-29540

Using a redirect embedded into sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes without allow-top-navigation-to-custom-protocols. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.1CVSS8.3AI score0.00315EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/02 5:15 p.m.2 views

CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

4.3CVSS6.3AI score0.00397EPSS
Exploits0References3
OSV
OSV
added 2023/06/02 5:15 p.m.3 views

CVE-2023-28159

The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...

4.3CVSS6.9AI score0.00348EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/02 5:15 p.m.3 views

CVE-2023-29540

Using a redirect embedded into sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes without allow-top-navigation-to-custom-protocols. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.1CVSS6.7AI score0.00315EPSS
Exploits0References3
OSV
OSV
added 2023/06/02 5:15 p.m.1 views

DEBIAN-CVE-2023-29550

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR...

8.8CVSS7.9AI score0.00702EPSS
Exploits0References1
OSV
OSV
added 2023/06/02 5:15 p.m.3 views

CVE-2023-23600

Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. This bug only affects Firefox for Android. Other...

6.5CVSS7AI score
Exploits0References2
OSV
OSV
added 2023/04/12 12:0 a.m.6 views

UBUNTU-CVE-2023-29551

Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

8.8CVSS7.4AI score0.00521EPSS
Exploits0References4
OSV
OSV
added 2023/04/12 12:0 a.m.5 views

UBUNTU-CVE-2023-29540

Using a redirect embedded into sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes without allow-top-navigation-to-custom-protocols. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.1CVSS6.7AI score0.00315EPSS
Exploits0References4
OSV
OSV
added 2023/04/12 12:0 a.m.5 views

UBUNTU-CVE-2023-29538

Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

4.3CVSS6.2AI score0.00397EPSS
Exploits0References4
Rows per page
Query Builder