12 matches found
CVE-2026-9078
Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...
CVE-2026-2032
CVE-2026-2032 concerns Mozilla Firefox for iOS. The issue involves malicious scripts that interrupt new tab page loading, causing desynchronization between the address bar and page content. This can allow an attacker to forge arbitrary HTML under a trusted domain. The vulnerability affects Firefo...
EUVD-2025-25229
Malicious code in bioql PyPI...
EUVD-2025-25224
Malicious code in bioql PyPI...
CVE-2025-54145 Scanning a malicious URL utilizing Firefox's open-text scheme with the QR code scanner could load arbitrary websites
The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...
PT-2025-33874 · Mozilla · Firefox For Ios
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 142 Description: Malicious scripts utilizing repetitive JavaScript alerts can prevent client user interaction, potentially leading to denial of service attacks. Recommendations: Update Firefox for iOS to...
CVE-2022-1887
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS 139...
PT-2024-30300 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 129 Description: A potential issue exists where long pressing on a download link could allow Javascript commands to be executed within the browser. Recommendations: For Firefox for iOS versions prior to 129,...
The vulnerability of Firefox browser for iOS, related to information representation errors in the user interface, allows a hacker to perform a spoofing attack.
The vulnerability of Firefox browser for iOS is related to information representation errors in the user interface. Exploiting this vulnerability allows an attacker to perform a spoofing attack by replacing the URL address in the location string cp...
CVE-2022-31746
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
The vulnerability of the WKUserScript script in Mozilla Firefox’s browser loading mechanism for iOS allows a malicious user to load any file they desire.
The vulnerability of the WKUserScript script in Mozilla Firefox’s browser download function for iOS is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to download any file they desire...