CVE-2026-8945

Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151...

KLA90991 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

CVE-2025-11720

Summary of CVE-2025-11720 : The issue affects Mozilla Firefox (including Firefox for Android) where the Custom Tabs UI only shows the base site hostname, not the full hostname. This can enable user deception when content from a subdomain is hosted to resemble content from another subdomain of the...

EUVD-2012-4134

Malware in sbrugna...

EUVD-2017-18617

Malware in sbrugna...

EUVD-2017-6355

Malware in sbrugna...

CVE-2025-8042

Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability was fixed in Firefox 141...

CVE-2025-8042

Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability affects Firefox 141...

CVE-2025-8041

The CVE-2025-8041 entry concerns Mozilla Firefox for Android, where the address bar truncates URLs from the end instead of prioritizing the origin, allowing a security bypass in Firefox versions prior to 141. Affected product: Firefox for Android; vulnerable component: address bar URL rendering l...

CVE-2025-8042

CVE-2025-8042 affects Mozilla Firefox for Android up to version 141. A sandboxed iframe without the allow-downloads attribute could initiate downloads, enabling information disclosure and potentially arbitrary code execution. CVSSv3.1 is high/critical with network vector, no user interaction. Rem...

Linux Distros Unpatched Vulnerability : CVE-2021-29983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. Note: This issue only affect...

Linux Distros Unpatched Vulnerability : CVE-2021-29952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been...

Linux Distros Unpatched Vulnerability : CVE-2024-11703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 13...

Linux Distros Unpatched Vulnerability : CVE-2025-1940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an...

Linux Distros Unpatched Vulnerability : CVE-2021-23977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application...

Linux Distros Unpatched Vulnerability : CVE-2023-29549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to...

Linux Distros Unpatched Vulnerability : CVE-2019-9798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Android systems, Firefox can load a library from APITRACELIB, which is writable by all users and applications. This could allow malicious third party...

CVE-2023-6870

Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. This issue only affects Android versions of Firefox and Firefox Focus. This vulnerability affects Firefox 121...