16 matches found
EUVD-2025-25242
Malicious code in bioql PyPI...
EUVD-2025-25225
Malicious code in bioql PyPI...
EUVD-2025-25227
Malicious code in bioql PyPI...
CVE-2025-55033
Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks. This vulnerability was fixed in Focus for iOS 142...
SUSE CVE-2025-9184
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
CVE-2025-9184
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...
DEBIAN-CVE-2025-9180
Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
CVE-2025-55032
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks. This vulnerability was fixed in Focus for iOS 142...
CVE-2025-55032
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS 142...
CVE-2025-55030
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142...
CVE-2025-55030
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-55033
The CVE describes a Cross-Site Scripting (XSS) issue in Mozilla Focus for iOS prior to version 142. The vulnerability arises when dragging JavaScript links to the URL bar, which can cause arbitrary script execution. Affected product: Focus for iOS (versions
CVE-2025-55030
CVE-2025-55030 concerns Firefox for iOS where a mis-handling of the Content-Disposition header (Attachment) allows inline content display and potential XSS. Affected: Firefox for iOS versions prior to 142. Root cause: improper handling of the Content-Disposition header for certain MIME types. Imp...
CVE-2025-9187 Memory safety bugs fixed in Firefox 142 and Thunderbird 142
Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 142 and Thunderbird 142...
CVE-2025-9187
Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 142 and Thunderbird 142...
CVE-2025-9186
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability was fixed in Firefox 142...