Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

75502 matches found

RedhatCVE
RedhatCVEadded 2025/10/15 12:41 p.m.4 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.7AI score0.00244EPSS
Exploits0References1
Wired Threat Level
Wired Threat Leveladded 2025/10/14 9:40 p.m.3 views

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

The malicious app required to make a “Pixnapping” attack work requires no permissions...

6.9AI score
Exploits0
EUVD
EUVDadded 2025/10/14 3:31 p.m.4 views

EUVD-2025-34199

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox 144 and Thunderbird 144...

5.7AI score0.00214EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/14 3:31 p.m.6 views

EUVD-2025-34196

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox 144...

5.9AI score0.00244EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/14 3:31 p.m.4 views

EUVD-2025-34194

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

5.6AI score0.00244EPSS
Exploits0References4
AlpineLinux
AlpineLinuxadded 2025/10/14 1:15 p.m.4 views

CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox 144...

6.5CVSS6AI score0.00192EPSS
Exploits0References2
OSV
OSVadded 2025/10/14 1:15 p.m.3 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.6AI score0.00244EPSS
Exploits0References3
OSV
OSVadded 2025/10/14 1:15 p.m.2 views

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox 144...

9.1CVSS5.8AI score0.00244EPSS
Exploits0References2
NVD
NVDadded 2025/10/14 1:15 p.m.2 views

CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...

6.5CVSS0.00192EPSS
Exploits0References2
NVD
NVDadded 2025/10/14 1:15 p.m.4 views

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

9.1CVSS0.00244EPSS
Exploits0References2
NVD
NVDadded 2025/10/14 1:15 p.m.1 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS0.00244EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2025/10/14 1:15 p.m.2 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS6AI score0.00244EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2025/10/14 1:15 p.m.4 views

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox 144...

9.1CVSS6.2AI score0.00244EPSS
Exploits0References2
OSV
OSVadded 2025/10/14 1:15 p.m.2 views

CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox 144...

6.5CVSS5.8AI score0.00192EPSS
Exploits0References2
OSV
OSVadded 2025/10/14 1:15 p.m.3 views

CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox 144 and Thunderbird 144...

6.5CVSS5.8AI score0.00214EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2025/10/14 1:15 p.m.3 views

CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox 144 and Thunderbird 144...

6.5CVSS6AI score0.00214EPSS
Exploits0References3
NVD
NVDadded 2025/10/14 1:15 p.m.2 views

CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

6.5CVSS0.00214EPSS
Exploits0References3
OSV
OSVadded 2025/10/14 1:15 p.m.4 views

UBUNTU-CVE-2025-11716

Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

6.5CVSS5.8AI score0.00214EPSS
Exploits0References6
OSV
OSVadded 2025/10/14 1:15 p.m.2 views

UBUNTU-CVE-2025-11718

When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...

6.5CVSS5.8AI score0.00192EPSS
Exploits0References5
OSV
OSVadded 2025/10/14 1:15 p.m.2 views

UBUNTU-CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.7AI score0.00244EPSS
Exploits0References6
Rows per page
Query Builder