CVE-2022-38971

Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin = 2.7.5 versions...

EUVD-2022-44823

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-1451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload added to the user profile page could lea...

CVE-2022-41633

Cross-Site Request Forgery CSRF vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin = 6.0.2.0 versions...

CVE-2025-32149

creationtimestamp| type| source ---|---|--- 2025-04-04 17:48:17+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114280949113507399 2025-04-04 20:01:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llz7hek26t2z 2026-04-01 21:29:45+00:00| seen|...

Google Chrome Profiles Memory Misreference Code Execution Vulnerability

Google Chrome is a WEB browser developed by Google Inc. A memory misreference code execution vulnerability exists in Google Chrome Profiles, which can be exploited by an attacker to submit a special Web request and trick the user into parsing it, which can crash the application or execute arbitra...

CVE-2024-12038

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buddyformsnav' shortcode in all versions up to, and including, 2.8.15 due to insufficient input...

CVE-2024-1169

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyformsuploadhandledroppedmedia function in all versions up to, and...

CVE-2025-23989

creationtimestamp| type| source ---|---|--- 2025-01-31 09:16:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzo253gko2b 2025-01-31 10:15:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3631 2025-01-31 11:11:51+00:00| seen| https://t.me/cvedetector/16921...

CVE-2024-41149

creationtimestamp| type| source ---|---|--- 2025-01-11 13:06:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1316 2025-01-11 13:15:36+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs2vje3l2k 2025-01-12 06:55:04+00:00| seen|...

SUSE CVE-2023-5854

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. Chromium security severity: Medium...

Google Chrome 资源管理错误漏洞

Chrome is a web browsing tool developed by Google. a post-release reuse vulnerability exists in Profiles in versions prior to Google Chrome 95.0.4638.54. A remote attacker exploited this vulnerability to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the iOS operating system allows a hacker to bypass the sandbox mechanism and read the values of configuration settings.

The vulnerability of the Sandboxprofiles component of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the sandbox mechanism and read configuration values using a specially crafted application...