8 matches found
EUVD-2025-25225
Malicious code in bioql PyPI...
CVE-2025-55031
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects...
CVE-2025-55031
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects...
CVE-2025-55031
CVE-2025-55031 affects Firefox for iOS and Firefox Focus for iOS prior to version 142. A malicious page can trigger FIDO/hybrid passkey transport by passing FIDO links to the OS, and an attacker within Bluetooth range could coerce a user into using their passkey to sign into the attacker’s machin...
CVE-2025-55031 Passkey phishing within Bluetooth range
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability was fixed...
Security Vulnerabilities fixed in Focus for iOS 142 — Mozilla
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS...
Security Vulnerabilities fixed in Firefox for iOS 142 — Mozilla
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some...
Mozilla Firefox < 136.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 136.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-14 advisory. - Malicious pages could use Firefox for Android to pass FIDO: links to the OS and trigger the hybrid passkey...