EUVD-2026-34013

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...

CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

CVE-2025-54144

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141...

CVE-2025-54144

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS 141...

CVE-2025-54145 Scanning a malicious URL utilizing Firefox's open-text scheme with the QR code scanner could load arbitrary websites

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

Mozilla: Full screen notification obscured by external program

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

Mozilla: Full screen notification obscured by external program

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

Mozilla: Full screen notification obscured by external program

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

Hot Pepper Gourmet App fails to restrict access permissions

Overview Hot Pepper Gourmet App provided by Recruit Co., Ltd. implements the function to access a requested URL using Custom URL Scheme. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an request from an arbitrary App and execut...

Apple Safari Input Validation Error Vulnerability

Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari versions prior to 13.0.5, which stems from a logic issue where URL schemes may be incorrectly ignored when determining...

CVE-2007-1225

The connection log file implementation in Grok Developments NetProxy 4.03 does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection...