Lucene search
K

4934 matches found

Cvelist
Cvelist
added 2026/03/09 1:27 p.m.30 views

CVE-2026-2919 Attacker-controlled content shown under spoofed domains in Focus for iOS via stalled navigation and iframe redirect

Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability was fixed in Focus for...

0.00184EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/09 1:27 p.m.4 views

CVE-2026-2919 Attacker-controlled content shown under spoofed domains in Focus for iOS via stalled navigation and iframe redirect

Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability was fixed in Focus for...

5.8AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/03/09 1:27 p.m.21 views

CVE-2026-2919

CVE-2026-2919 affects Focus for iOS. The issue arises from malicious scripts manipulating navigation and iframe behavior to display attacker-controlled or spoofed content under a trusted domain without user interaction. Impact stated as UI could present a spoofed domain; vulnerability fixed in Fo...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.6 views

Mozilla Firefox Focus for iOS 安全漏洞

Mozilla Firefox Focus for iOS is a privacy browser designed specifically for iOS devices by the Mozilla Foundation in the United States. Versions of Mozilla Firefox Focus for iOS prior to 148.2 contained a security vulnerability. This vulnerability allowed malicious scripts to display web content...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/03/04 11:30 a.m.5 views

New RFP Template for AI Usage Control and AI Governance 

As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need "AI Governance," but they have no idea what they are actuall...

6.1AI score
Exploits0
Mozilla
Mozilla
added 2026/03/02 12:0 a.m.13 views

Security Vulnerabilities fixed in Focus for iOS 148.2 — Mozilla

Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/25 12:26 a.m.6 views

SUSE CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

6.5CVSS5.8AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2026/02/24 2:16 p.m.5 views

CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox 148...

7.5CVSS5.8AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2026/02/24 2:16 p.m.15 views

CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

7.5CVSS0.00253EPSS
Exploits0References5
OSV
OSV
added 2026/02/24 2:16 p.m.11 views

UBUNTU-CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

7.5CVSS5.8AI score0.00253EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/24 2:16 p.m.5 views

CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

7.5CVSS5.8AI score0.00253EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/24 1:33 p.m.22 views

CVE-2026-2794 Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

0.00253EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/02/24 1:33 p.m.2 views

CVE-2026-2794

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

7.5CVSS5.8AI score0.00253EPSS
Exploits0References2
CVE
CVE
added 2026/02/24 1:33 p.m.20 views

CVE-2026-2794

CVE-2026-2794: Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. Affected: Firefox/Firefox Focus for Android; root cause is uninitialized memory. Status: fixed in Firefox 148.0. Remediation: upgrade to Firefox 148 or later (per Mozilla advisory). Practic...

7.5CVSS5.8AI score0.00253EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/24 1:33 p.m.2 views

CVE-2026-2794 Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148...

5.8AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/24 1:33 p.m.5 views

EUVD-2026-8447

Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox 148...

5.3AI score0.00253EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.2 views

PT-2026-21727

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Description An information disclosure issue exists in Firefox and Firefox Focus for Android due to uninitialized memory. This can potentially allow an attacker to access sensitive information. Recommendations Upda...

7.5CVSS5.9AI score0.00253EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.9 views

PT-2026-21830

Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability affects Focus for iOS...

5.8AI score0.00184EPSS
Exploits0References3
Wallarm Lab
Wallarm Lab
added 2026/02/09 1:0 p.m.7 views

The Myth of “Known APIs”: Why Inventory-First Security Models Are Already Obsolete

You probably think the security mantra “you can’t protect what you don’t know about” is an inarguable truth. But you would be wrong. It doesn’t hold water in today’s threat landscape. Of course, it sounds reasonable. Before you secure APIs, you must first discover, inventory, and document them...

5.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/02/05 3:0 p.m.12 views

Chrysalis, Notepad++, and Supply Chain Risk: What it Means, and What to Do Next

When Rapid7 published its analysis of the Chrysalis backdoor linked to a compromise of Notepad++ update infrastructure, it raised understandable questions from customers and security teams. The investigation showed that attackers did not exploit a flaw in the application itself. Instead, they...

5.7AI score
Exploits0
Rows per page
Query Builder