Lucene search
K

12 matches found

NVD
NVD
added 2026/05/25 3:16 p.m.13 views

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.4CVSS0.00199EPSS
Exploits0References2
CVE
CVE
added 2026/02/16 2:13 p.m.29 views

CVE-2026-2032

CVE-2026-2032 concerns Mozilla Firefox for iOS. The issue involves malicious scripts that interrupt new tab page loading, causing desynchronization between the address bar and page content. This can allow an attacker to forge arbitrary HTML under a trusted domain. The vulnerability affects Firefo...

4.3CVSS5.9AI score0.0015EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25229

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.0021EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25224

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00315EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/19 8:52 p.m.7 views

CVE-2025-54145 Scanning a malicious URL utilizing Firefox's open-text scheme with the QR code scanner could load arbitrary websites

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

0.00367EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.4 views

PT-2025-33874 · Mozilla · Firefox For Ios

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 142 Description: Malicious scripts utilizing repetitive JavaScript alerts can prevent client user interaction, potentially leading to denial of service attacks. Recommendations: Update Firefox for iOS to...

6.5CVSS6.9AI score0.00207EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 11:32 p.m.2 views

CVE-2022-1887

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...

9.8CVSS8.8AI score0.00581EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/05/21 6:15 p.m.2 views

CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS 139...

4.3CVSS6.6AI score0.00198EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.5 views

PT-2024-30300 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 129 Description: A potential issue exists where long pressing on a download link could allow Javascript commands to be executed within the browser. Recommendations: For Firefox for iOS versions prior to 129,...

9.8CVSS6.8AI score0.00255EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/07/04 12:0 a.m.6 views

The vulnerability of Firefox browser for iOS, related to information representation errors in the user interface, allows a hacker to perform a spoofing attack.

The vulnerability of Firefox browser for iOS is related to information representation errors in the user interface. Exploiting this vulnerability allows an attacker to perform a spoofing attack by replacing the URL address in the location string cp...

6.4CVSS6.5AI score0.00292EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/12/22 8:15 p.m.2 views

CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

6.5CVSS5.8AI score0.00412EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/09/28 12:0 a.m.8 views

The vulnerability of the WKUserScript script in Mozilla Firefox’s browser loading mechanism for iOS allows a malicious user to load any file they desire.

The vulnerability of the WKUserScript script in Mozilla Firefox’s browser download function for iOS is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to download any file they desire...

7.8CVSS6.6AI score0.00674EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder