Lucene search
K

28 matches found

EUVD
EUVD
added 2026/06/16 11:53 a.m.7 views

EUVD-2026-37077

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0...

6.5CVSS5.2AI score0.00096EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 11:24 a.m.9 views

EUVD-2026-33629

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...

5.4CVSS5.9AI score0.00157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-8706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive...

6.5CVSS6AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/24 1:33 p.m.4 views

EUVD-2026-8446

Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability affects Firefox for iOS 147.4...

5.3AI score0.00308EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/02/16 2:13 p.m.6 views

CVE-2026-2032

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1...

4.3CVSS5.5AI score0.0015EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/18 2:21 p.m.22 views

CVE-2025-14744 Filename spoofing via Unicode Right-to-Left Override in Firefox for iOS

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

0.00169EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31731

Malicious code in bioql PyPI...

4CVSS6.6AI score0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/30 12:49 p.m.7 views

CVE-2025-10859 Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1...

0.00112EPSS
Exploits0References2
CNVD
CNVD
added 2025/08/26 12:0 a.m.3 views

Mozilla Firefox for iOS Security Bypass Vulnerability (CNVD-2025-19563)

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security bypass vulnerability exists in Mozilla Firefox for iOS prior to version 141, which can be exploited by attackers to open arbitrary website URLs or internal pages...

5.4CVSS6.6AI score0.0021EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/26 12:0 a.m.2 views

Mozilla Firefox for iOS Cross-Site Scripting Vulnerability (CNVD-2025-19567)

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A cross-site scripting vulnerability exists in Mozilla Firefox for iOS prior to version 142, which stems from an improper handling of the Content-Disposition header and can be exploited by an...

6.1CVSS6.2AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/21 9:23 p.m.5 views

CVE-2025-54143

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141...

9.8CVSS5.8AI score0.00449EPSS
Exploits0References1
NVD
NVD
added 2025/08/19 9:15 p.m.5 views

CVE-2025-55029

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142...

7.5CVSS0.00315EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/08/19 9:15 p.m.4 views

CVE-2025-55030

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS 142...

6.1CVSS6AI score0.00147EPSS
Exploits0References2
NVD
NVD
added 2025/08/19 9:15 p.m.5 views

CVE-2025-55030

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142...

6.1CVSS0.00147EPSS
Exploits0References2
OSV
OSV
added 2025/08/19 9:15 p.m.3 views

CVE-2025-54143

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS 141...

9.8CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2025/08/19 8:52 p.m.7 views

CVE-2025-55029 Malicious scripts could spam popups for denial of service attacks

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142...

0.00315EPSS
Exploits0References2
CVE
CVE
added 2025/08/19 8:52 p.m.18 views

CVE-2025-55028

CVE-2025-55028 affects Mozilla Firefox for iOS. The issue arises from malicious scripts using repetitive JavaScript alerts that can prevent user interaction, potentially enabling denial-of-service scenarios. Affected version range is Firefox for iOS before 142. The available connected documents c...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/19 8:52 p.m.4 views

CVE-2025-54145 Scanning a malicious URL utilizing Firefox's open-text scheme with the QR code scanner could load arbitrary websites

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

5.9AI score0.00367EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/19 8:52 p.m.9 views

CVE-2025-54143 Sandboxed iframes could allow local downloads despite sandbox restrictions

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141...

0.00449EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.7 views

Mozilla Firefox for iOS和Mozilla Firefox Focus for iOS 安全漏洞

Mozilla Firefox for iOS and Mozilla Firefox Focus for iOS are both products of the Mozilla Foundation in the U.S. Mozilla Firefox for iOS is a web browser designed for iOS devices. Mozilla Firefox Focus for iOS is a privacy browser designed for iOS devices. A security vulnerability exists in...

9.8CVSS6.2AI score0.00386EPSS
Exploits0References6
Rows per page
Query Builder