Lucene search
K

12 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.8 views

Malicious code in thirdwb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.7 views

Malicious code in thirdwebb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwebb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/30 12:0 a.m.7 views

MAL-2026-6693 Malicious code in thirdwb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6.1AI score
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-36400 Malicious code in test-mlw2-taker-crash (npm)

The package test-mlw2-taker-crash was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-taker-crash (npm)

The package test-mlw2-taker-crash was found to contain malicious code...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/12/02 12:0 a.m.5 views

SourceCodester Online Quiz System Cross-Site Scripting Vulnerability

Online Quiz System is an online testing platform. A cross-site scripting vulnerability exists in SourceCodester Online Quiz System version 1.0, which stems from a cross-site scripting XSS vulnerability in the parameter quiztaker/yearsection...

5.4CVSS5.9AI score0.00604EPSS
Exploits1References3
Code423n4
Code423n4
added 2022/06/19 12:0 a.m.9 views

Taker can provide several instances of the cheapest ERC-1155 item in a multi item bundle

Lines of code Vulnerability details Maker bid for a bundle of ERC-1155 items can be tricked into successful execution by providing several instances of the cheapest item instead of the required bundle. This way a malicious taker can receive full maker's price, providing several instances of the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2021/10/05 12:0 a.m.14 views

Swivel: Taker is charged fees twice in exitVaultFillingVaultInitiate

Handle itsmeSTYJ Vulnerability details Impact Taker is charged fees twice in exitVaultFillingVaultInitiate . Maker is transferring less than premiumFilled to taker and then taker is expected to pay fees i.e. taker's net balance is premiumFilled - 2fee Recommended Mitigation Steps function...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/05 12:0 a.m.14 views

Swivel: implementation for initiateZcTokenFillingZcTokenExit is incorrect

Handle itsmeSTYJ Vulnerability details Impact In initiateZcTokenFillingZcTokenExit , this comment // transfer underlying tokens - the premium paid + fee in underlying to swivel from sender is incorrect because you are actually transferring the underlying tokens - premium paid to the maker from...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2017/07/12 12:0 a.m.5 views

PT-2017-11790

Name of the Vulnerable Software and Affected Versions dataTaker DT80 dEX version 1.50.012 Description The issue allows remote attackers to obtain sensitive credential and configuration information. This can be achieved via a direct request for the "/services/getFile.cmd?userfile=config.xml" API...

9.8CVSS7.3AI score0.6413EPSS
Exploits5References5
hackapp
hackapp
added 2016/04/01 10:25 a.m.9 views

Jungle Care Taker - BSD license, Base64 encoded String, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application Jungle Care Taker published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Fedora
Fedora
added 2007/11/13 12:5 a.m.47 views

[SECURITY] Fedora 7 Update: kdeutils-3.5.8-2.fc7

Utilities for the K Desktop Environment. Includes: ark tar/gzip archive manager; kcalc scientific calculator; kcharselect character selector; kdepasswd change password; kdessh ssh front end; kdf view disk usage; kedit simple text editor; kfloppy floppy formatting tool; kgpg gpg gui khexedit hex...

9.3CVSS0.9AI score0.0702EPSS
Exploits1
Rows per page
Query Builder