33 matches found
CVE-2025-12036
Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Firefox
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS using DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...
EUVD-2025-25233
Malicious code in bioql PyPI...
EUVD-2025-25231
Malicious code in bioql PyPI...
EUVD-2025-25229
Malicious code in bioql PyPI...
Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2025-19561)
Mozilla Firefox for Android is a web browser designed for Android devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for Android prior to version 141, which stems from a blob:URI that may hide the true origin of a page and can be exploited by an attacke...
Mozilla Firefox for iOS Security Bypass Vulnerability (CNVD-2025-19563)
Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security bypass vulnerability exists in Mozilla Firefox for iOS prior to version 141, which can be exploited by attackers to open arbitrary website URLs or internal pages...
CVE-2025-8364
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 141...
CVE-2025-8042
Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability was fixed in Firefox 141...
CVE-2025-8041
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...
CVE-2025-8041
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...
CVE-2025-8042
Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability was fixed in Firefox 141...
CVE-2025-8042
Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability affects Firefox 141...
CVE-2025-8041
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox 141...
CVE-2025-8364
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 141...
CVE-2025-54144 Internal Firefox open-text URL scheme allowed loading of arbitrary URLs
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141...
CVE-2025-54143 Sandboxed iframes could allow local downloads despite sandbox restrictions
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141...
CVE-2025-8364
Summary: CVE-2025-8364 affects Mozilla Firefox for Android (pre-141) due to a crafted blob: URI that can hide the page’s true origin, enabling potential spoofing. The issue is Android-only; other OSes are unaffected. Affected component is the browser’s handling of blob: URLs, with the root cause ...
CVE-2025-8041 Incorrect URL truncation in Firefox for Android
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...