288 matches found
PT-2026-32328
Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thrift API, Storm deserializes the base64-encoded TGT blob using ObjectInputStream.readObject without any class filtering or...
Malicious code in @c8o/nimbus-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...
Malicious Package
Overview @c8o/nimbus-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-2314 Malicious code in @c8o/nimbus-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...
DoS (Denial of Service) com.nimbusds:nimbus-jose-jwt Dependency in Crucible Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 4.8.0, 4.9.0 of Crucible Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Nimbus JOSE+JWT
Summary Vulnerabilities have been identified in Nimbus JOSE+JWT, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Connect2id Nimbus JOSE + JWT (CVE-2025-53864)
Summary A vulnerability in Connect2id Nimbus JOSE + JWT that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of...
org.keycloak.testframework:keycloak-test-framework-core (>=26.1.0 <=26.2.1), org.keycloak.testframework:keycloak-test-framework-db-mariadb (>=26.1.0 <=26.2.1) +12 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.1.0 <=26.2.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.1 Source cves: CVE-2025-11419 Source advisory: OSV:GHSA-Q8HQ-4H99-FJ7Xhttps://vulners.com...
EUVD-2021-22140
Malware in sbrugna...
EUVD-2022-44751
Malicious code in bioql PyPI...
EUVD-2022-2037
Malicious code in bioql PyPI...
EUVD-2022-4754
Malicious code in bioql PyPI...
EUVD-2023-30043
Malicious code in bioql PyPI...
EUVD-2022-4350
Malicious code in bioql PyPI...
EUVD-2022-29719
Malicious code in bioql PyPI...
EUVD-2024-38540
Malicious code in bioql PyPI...
EUVD-2025-21099
Malicious code in bioql PyPI...
EUVD-2022-44752
Malicious code in bioql PyPI...
EUVD-2022-34217
Malicious code in bioql PyPI...
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data...