CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-1923

Malware in sbrugna...

7.5CVSS7.6AI score0.00451EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-1849

Malware in sbrugna...

9.8CVSS9.5AI score0.00411EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 1:13 p.m.•6 views

CVE-2018-1000125

inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack...

9.8CVSS6.9AI score0.00411EPSS

Exploits0References1

OSV•added 2018/06/26 4:29 p.m.•17 views

CVE-2018-1000531

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header usi...

7.5CVSS7.5AI score

Exploits0References1

NVD•added 2018/06/26 4:29 p.m.•13 views

CVE-2018-1000531

7.5CVSS7.5AI score0.00451EPSS

Exploits0References1

Prion•added 2018/06/26 4:29 p.m.•14 views

Design/Logic Flaw

5CVSS7.5AI score0.00451EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/06/26 4:0 p.m.•12 views

CVE-2018-1000531

7.5AI score0.00451EPSS

Exploits0References1

CVE•added 2018/06/26 4:0 p.m.•53 views

CVE-2018-1000531

The vulnerability CVE-2018-1000531 affects inversoft prime-jwt prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba, where JWTDecoder.decode can mishandle signature verification (CWE-20). An attacker can craft a JWT with a valid header using the none algorithm and a body that passes validatio...

7.5CVSS7.4AI score0.00451EPSS

Exploits0References1Affected Software1

CNVD•added 2018/03/15 12:0 a.m.•1 views

Unspecified Vulnerability in inversoft prime-jwt

inversoft prime-jwt is an open source Java 8-based JWT library . A security vulnerability exists in JWTDecoder.decode in versions prior to inversoft prime-jwt 1.3.0 and commit 0d94dcef0133d699f21d217e922564adbb83a227. No details of the vulnerability are provided at this time...

9.8CVSS6.9AI score0.00411EPSS

Exploits0References1

NVD•added 2018/03/13 9:29 p.m.•9 views

CVE-2018-1000125

9.8CVSS9.5AI score0.00411EPSS

Exploits0References2

Prion•added 2018/03/13 9:29 p.m.•10 views

Input validation

7.5CVSS9.4AI score0.00411EPSS

Exploits0References2Affected Software1

OSV•added 2018/03/13 9:29 p.m.•11 views

CVE-2018-1000125

9.8CVSS9.6AI score

Exploits0References2

CVE•added 2018/03/13 9:0 p.m.•45 views

CVE-2018-1000125

CVE-2018-1000125 affects inversoft prime-jwt prior to version 1.3.0 (before commit 0d94dcef0133d699f21d217e922564adbb83a227). The vulnerability is in JWTDecoder.decode, where input validation can allow a JWT to be decoded and implicitly validated even if the signature is invalid. Attackers can cr...

9.8CVSS9.4AI score0.00411EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/03/13 9:0 p.m.•11 views

CVE-2018-1000125

9.5AI score0.00411EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by