Lucene search
+L

288 matches found

Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.21 views

PT-2026-32328

Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thrift API, Storm deserializes the base64-encoded TGT blob using ObjectInputStream.readObject without any class filtering or...

6.4AI score0.01011EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/31 6:13 p.m.15 views

Malicious code in @c8o/nimbus-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/03/31 6:13 p.m.4 views

Malicious Package

Overview @c8o/nimbus-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/03/31 6:13 p.m.4 views

MAL-2026-2314 Malicious code in @c8o/nimbus-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...

5.8AI score
Exploits0References1
Atlassian
Atlassian
added 2026/02/25 6:29 p.m.26 views

DoS (Denial of Service) com.nimbusds:nimbus-jose-jwt Dependency in Crucible Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 4.8.0, 4.9.0 of Crucible Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker...

7.5CVSS5.8AI score0.00814EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 7:0 a.m.10 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Nimbus JOSE+JWT

Summary Vulnerabilities have been identified in Nimbus JOSE+JWT, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to...

5.8CVSS5.9AI score0.00806EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/07 2:21 p.m.8 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Connect2id Nimbus JOSE + JWT (CVE-2025-53864)

Summary A vulnerability in Connect2id Nimbus JOSE + JWT that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of...

5.8CVSS6.8AI score0.00806EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2025/10/27 8:46 p.m.11 views

org.keycloak.testframework:keycloak-test-framework-core (>=26.1.0 <=26.2.1), org.keycloak.testframework:keycloak-test-framework-db-mariadb (>=26.1.0 <=26.2.1) +12 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.1.0 <=26.2.1)

org.keycloak:keycloak-quarkus-dist MAVEN version =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.1 Source cves: CVE-2025-11419 Source advisory: OSV:GHSA-Q8HQ-4H99-FJ7Xhttps://vulners.com...

7.5CVSS5.8AI score0.00656EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-22140

Malware in sbrugna...

8CVSS5.5AI score0.00576EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-44751

Malicious code in bioql PyPI...

9.3CVSS9.2AI score0.00657EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2037

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00888EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-4754

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01256EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-30043

Malicious code in bioql PyPI...

9CVSS9.1AI score0.00518EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-4350

Malicious code in bioql PyPI...

4.3CVSS4.3AI score0.00637EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29719

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00589EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-38540

Malicious code in bioql PyPI...

4.8CVSS5.3AI score0.00319EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-21099

Malicious code in bioql PyPI...

5.8CVSS7.2AI score0.00806EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44752

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00605EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-34217

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00656EPSS
Exploits1References2
HackRead
HackRead
added 2025/09/23 3:56 p.m.6 views

Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries

New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data...

6.9AI score
Exploits0
Rows per page
Query Builder