Cezar Lungu - Security Researcher - Exploit Intelligence Platform

CVE-2025-32901 GITLAB MEDIUM WORKING POC

KDEConnect < 1.33.0 - Denial of Service via Malicious Device ID

In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause an application crash.

CVSS 4.3

View Code

CVE-2024-29384 WRITEUP HIGH WRITEUP

CSS Exfil Protection <1.1.0 - Info Disclosure

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions.

CVSS 7.5

View Code

CVE-2024-33436 WRITEUP MEDIUM WRITEUP

CSS Exfil Protection 1.1.0 - Exposure of Sensitive Information via Missing CSS Variable Support

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables

CVSS 5.3

View Code

CVE-2024-33437 WRITEUP HIGH WRITEUP

CSS Exfil Protection 1.1.0 - Exposure of Sensitive Information via Missing CSS Style Rules Support

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules.

CVSS 7.5

View Code