37137 matches found
CVE-2026-2634
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4...
CVE-2026-2634 Spoofed web content presented under trusted domains using scripted navigation on Firefox iOS
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4...
CVE-2026-2634 Spoofed web content presented under trusted domains using scripted navigation on Firefox iOS
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4...
CVE-2026-2634
The vulnerability CVE-2026-2634 affects Firefox for iOS . Malicious scripts could cause desynchronization between the address bar and web content before a response is received, allowing attacker‑controlled pages to be displayed under spoofed domains. The vulnerability is stated to be fixed in Fir...
Mozilla Firefox for iOS 安全漏洞
Mozilla Firefox for iOS is a web browser designed for iOS devices by the Mozilla Foundation in the United States. Versions of Mozilla Firefox for iOS prior to 147.4 contained a security vulnerability. This vulnerability allowed malicious scripts to cause the address bar and web content to be out ...
PT-2026-21689
Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 147.4 Description A flaw exists in Firefox for iOS that could allow malicious scripts to cause a mismatch between the address bar display and the actual web content. This could lead to a user being presented...
CVE-2026-2974
A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...
Security Vulnerabilities fixed in Firefox for iOS 147.4 — Mozilla
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains...
CVE-2026-26327
OpenClaw is a personal AI assistant. Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...
CVE-2019-25354
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices...
CVE-2019-25354 iSmartViewPro 1.3.34 - Denial of Service
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices...
CVE-2019-25354 iSmartViewPro 1.3.34 - Denial of Service
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices...
CVE-2019-25349
CVE-2019-25349 affects ScadaApp for iOS (version 1.1.4.0). The vulnerability is a denial of service caused by an oversized buffer in the Servername field, where pasting a 257-character buffer during login can crash the app on iOS devices. CVSS details: CVSS v4.0 base score 4.6 (AV:L/AC:L/PR:N/UI:...
PT-2026-20524
ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices...
PT-2026-20529
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices...
CVE-2026-2032
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1...
Linux Distros Unpatched Vulnerability : CVE-2026-2032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof...
CVE-2026-2032
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS 147.2.1...
CVE-2026-2032
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1...
CVE-2026-2032 Interrupted page loads in new tabs could allow website spoofing under trusted domains in Firefox iOS
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1...