Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

124 matches found

Debian CVE
Debian CVEadded 2025/01/11 3:36 a.m.8 views

CVE-2025-23108

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability was fixed in Firefox for iOS 134...

4.3CVSS5.2AI score0.00232EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2025/01/11 12:0 a.m.3 views

PT-2025-4825 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 134 Description: The issue allows long hostnames in URLs to be used to obscure the actual host of a website or to spoof the website address. Recommendations: For Firefox for iOS versions prior to 134, update ...

6.5CVSS6AI score0.00175EPSS
Exploits0References10
Mozilla
Mozillaadded 2025/01/10 12:0 a.m.16 views

Security Vulnerabilities fixed in Firefox for iOS 134 — Mozilla

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/01/03 12:43 a.m.3 views

Malicious code in firefox-ios (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8da1499a4dcf0cde084f83cf51955dee40dfa2217bdc1d01d4b71d3359e9d34 Any computer that has this package install...

7AI score
Exploits0References1
OSV
OSVadded 2025/01/03 12:43 a.m.2 views

MAL-2025-50 Malicious code in firefox-ios (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8da1499a4dcf0cde084f83cf51955dee40dfa2217bdc1d01d4b71d3359e9d34 Any computer that has this package install...

7AI score
Exploits0References1
SUSE CVE
SUSE CVEadded 2024/11/27 3:47 a.m.3 views

SUSE CVE-2024-53976

Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS 133...

5.4CVSS6.3AI score0.00294EPSS
Exploits0References3
OSV
OSVadded 2024/11/26 2:15 p.m.2 views

CVE-2024-53975

Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS 133...

5.4CVSS5.6AI score0.00273EPSS
Exploits0References2
OSV
OSVadded 2024/11/26 2:15 p.m.1 views

CVE-2024-53976

Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS 133...

5.4CVSS5.8AI score0.00294EPSS
Exploits0References2
NVD
NVDadded 2024/11/26 2:15 p.m.15 views

CVE-2024-53975

Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS 133...

5.4CVSS0.00273EPSS
Exploits0References2
OSV
OSVadded 2024/11/26 2:15 p.m.1 views

UBUNTU-CVE-2024-53976

Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS 133...

5.4CVSS5.8AI score0.00294EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/11/26 1:34 p.m.14 views

CVE-2024-53975

Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS 133...

6.1AI score0.00273EPSS
Exploits0References2
CVE
CVEadded 2024/11/26 1:34 p.m.282 views

CVE-2024-53976

CVE-2024-53976 affects Firefox for iOS

5.4CVSS6.3AI score0.00294EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2024/11/26 1:34 p.m.284 views

CVE-2024-53975

CVE-2024-53975 affects Firefox for iOS before version 133. The issue is a spoofing vulnerability where accessing a non-secure HTTP site that uses a non-existent port could cause the SSL padlock to appear secure, misleading users. Root cause is UI/URL handling that fails to reflect the actual secu...

5.4CVSS6.3AI score0.00273EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2024/11/26 12:0 a.m.5 views

PT-2024-35989 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 133 Description: Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to appear secure misleadingly. Recommendations: For Firefox for iOS...

5.4CVSS6.4AI score0.00273EPSS
Exploits0References6
OSV
OSVadded 2024/08/06 4:15 p.m.2 views

CVE-2024-43113

The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS 129...

6.1CVSS5.7AI score
Exploits0References2
NVD
NVDadded 2024/08/06 4:15 p.m.16 views

CVE-2024-43113

The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS 129...

6.1CVSS0.00237EPSS
Exploits0References2
OSV
OSVadded 2024/08/06 4:15 p.m.1 views

UBUNTU-CVE-2024-43111

Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS 129...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/08/06 3:55 p.m.31 views

CVE-2024-43111

Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS 129...

0.00255EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2024/08/06 3:55 p.m.17 views

CVE-2024-43112

Long pressing on a download link could potentially provide a means for cross-site scripting This vulnerability affects Firefox for iOS 129...

6.1CVSS4.8AI score0.00237EPSS
Exploits0
Debian CVE
Debian CVEadded 2024/08/06 3:55 p.m.22 views

CVE-2024-43113

The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS 129...

6.1CVSS4.8AI score0.00237EPSS
Exploits0
Rows per page
Query Builder