21 matches found
EUVD-2020-4716
Malware in sbrugna...
EUVD-2024-37261
Malicious code in bioql PyPI...
EUVD-2024-52223
Malicious code in bioql PyPI...
EUVD-2025-7774
Malicious code in bioql PyPI...
CVE-2025-55028
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...
CVE-2025-23108
Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability was fixed in Firefox for iOS 134...
CVE-2023-37456
The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS 115...
CVE-2020-15662
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...
CVE-2020-12404
For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS 26...
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...
CVE-2025-5020
The CVE-2025-5020 issue affects Firefox for iOS (pre-139). The root cause is that opening maliciously crafted URLs from other apps could allow an attacker to spoof website addresses when the URL uses non-HTTP schemes internal to the Firefox iOS client. The impact is spoofing of website addresses,...
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...
PT-2025-22404 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 139 Description: The issue allows attackers to spoof website addresses when opening maliciously-crafted URLs in Firefox from other apps, such as Safari, if the URLs utilize non-HTTP schemes used internally by...
CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27424 Firefox Mobile iOS Address Bar Spoof Using Server-Side Redirect to non-http Scheme
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27426 Firefox Mobile iOS Full Address Bar Spoof Using Server-Side Redirect to internal error page
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27426
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-23108
Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability was fixed in Firefox for iOS 134...
CVE-2025-23108 Firefox Mobile iOS Full Address Bar Spoof Using Open in New Tab and Javascript URI
Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability was fixed in Firefox for iOS 134...