13 matches found
MAL-2026-6691 Malicious code in polymarket-clob-maths (npm)
Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign targeting Polymarket developers. polymarket-clob-maths uses a dropper technique: a postinstall hook fetches a remote bundle from trabalhos-flax.vercel.app and executes a syncSession function that runs a...
PT-2026-23111
Name of the Vulnerable Software and Affected Versions Drupal Calculation Fields versions prior to 1.0.4 Description The Calculation Fields module for Drupal does not properly validate user-supplied input, potentially allowing for Information Disclosure or Cross-Site Scripting XSS attacks. This...
Calculation Fields - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-023
This module extends the Drupal form API adding "Calculation element" form element types, which can evaluate a maths expression. It offers webform integration. The module doesn't sufficiently validate user input; this could be exploited to achieve Information Disclosure or Cross-site Scripting XSS...
SUSE CVE-2022-49810
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xasretry calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU read lock. It should call xasretry as the first thing inside of the loop...
UBUNTU-CVE-2022-49810
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xasretry calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU read lock. It should call xasretry as the first thing inside of the loop...
the protocol using 3% GBC instead of 2%
Lines of code Vulnerability details Impact the protocol using 3% GBC instead of 2% as they mentioned in their docs, this may cause problem in the code implementation because the logic is based on 2% but the protocol allowing to use 3% of GBC. Proof of Concept the line that it mentioned that the...
maths-london.com Cross Site Scripting vulnerability OBB-1427279
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Maths Artists first grade FREE - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Maths Artists first grade FREE published at the 'play' market has multiple vulnerabilities...
Maths War - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Maths War published at the 'play' market has multiple vulnerabilities...
Maths Formulas Free - Dangerous filesystem permissions, MIT license, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Maths Formulas Free published at the 'play' market has multiple vulnerabilities...
things.maths.cam.ac.uk XSS vulnerability
Vulnerable URL: https://things.maths.cam.ac.uk/computing/news/news.pl?id=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2016 Latest check for patch:| 25.07.2016 09:15 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
crackingmaths.ie XSS vulnerability
Vulnerable URL:...
maths.wh.sdu.edu.cn XSS vulnerability
Vulnerable URL: http://maths.wh.sdu.edu.cn/teacher.php?mid=16=detail=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...