EUVD-2026-17759

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

CVE-2024-50968

A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the...

CVE-2024-42231

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix calcavailablefreespace for zoned mode calcavailablefreespace returns the total size of metadata or system block groups, which can be allocated from unallocated disk space. The logic is wrong on zoned mode in two...

CVE-2021-47584

In the Linux kernel, the following vulnerability has been resolved: iocost: Fix divide-by-zero on donation from low hweight cgroup The donation calculation logic assumes that the donor has non-zero after-donation hweight, so the lowest active hweight a donating cgroup can have is 2 so that it can...

The calculation logic for the currentEpochStartTimestamp in the constructor of the CashManager.sol is wrong

Lines of code Vulnerability details Impact This wrong calculation logic for the currentEpochStartTimestamp lead to the situation the currentEpoch that the wrong result is assigned will be stored into the storages in the several functions in the CashManager.sol. Proof of Concept Epoch parameters...

Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol

Lines of code Vulnerability details Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol In contract TokenDistributor.sol we initializing the value of uint128 fee using a mathematical way but in a wrong manner their brackets are missing which will clear out the instance of usi...