Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Browse all Security Advisories for

Loading...
High
GSA_kwCzR0hTQS1jOXA0LXh3cjktcmZoeM4ABDhT
Zot IdP group membership revocation ignored
Ecosystems: go
Packages: zotregistry.dev/zot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 hour ago
Moderate
GSA_kwCzR0hTQS1jZzg3LXdteDQtdjU0Ns4ABDg9
KaTeX \htmlData does not validate attribute names
Ecosystems: npm
Packages: katex
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 2 hours ago
Low
GSA_kwCzR0hTQS12NG1xLXg2NzQtZmY3M84ABDg8
AWS Cloud Development Kit (AWS CDK) IAM OIDC custom resource allows connection to unauthorized OIDC provider
Ecosystems: npm
Packages: aws-cdk-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 hours ago
High
GSA_kwCzR0hTQS1mY3I4LTRyOWYtcjY2bc4ABDgt
nbgrader's `frame-ancestors: self` grants all users access to formgrader
Ecosystems: pypi
Packages: nbgrader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 hours ago
High
GSA_kwCzR0hTQS04dnE0LThoZnAtMjl4aM4ABDgF
Eugeny Tabby Sends Password Despite Host Key Verification Failure
Ecosystems: npm
Packages: tabby-ssh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 23 hours ago
Moderate
GSA_kwCzR0hTQS00ZmY2LTg1OGotcjgyMs4ABDf6
Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation
Ecosystems: go
Packages: github.com/matrix-org/gomatrixserverlib
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS13NnhoLWM4MnctaDk5N84ABDca
Mattermost webapp crash via a crafted post
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1yY3hjLXdqZ3ctNTc5cs4ABDcV
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders
Ecosystems: go
Packages: github.com/t2bot/matrix-media-repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1yNmpnLWpmdjYtMmZqds4ABDcU
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
Ecosystems: go
Packages: github.com/t2bot/matrix-media-repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1ncDg2LXE4aGctZnB4as4ABDcT
matrix-media-repo (MMR) allows a denial of service through memory exhaustion
Ecosystems: go
Packages: github.com/t2bot/matrix-media-repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1qaHZqLWYzOTctOHc2cc4ABDcS
HAL Console has a Cross Site Scripting (XSS) vulnerability of user input
Ecosystems: maven
Packages: org.jboss.hal:hal-console
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS12YzJtLWh3ODktcWp4Zs4ABDcR
matrix-media-repo (MMR) allows denial of service/high operating costs through unauthenticated downloads
Ecosystems: go
Packages: github.com/t2bot/matrix-media-repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS04dm1yLWg3aDUtY3FoZ84ABDcQ
matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content
Ecosystems: go
Packages: github.com/t2bot/matrix-media-repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS0zd2c3LXI3cTUtcjJqZs4ABDcF
Indico Insecure Access
Ecosystems: pypi
Packages: indico
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1nODR4LWc5NmctcmNqY84ABDb7
Librenms has a reflected XSS on error alert
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1jNjZwLTY0Zmotam1jMs4ABDb6
LibreNMS Misc Section Stored Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS0yN3ZmLTNnNGYtNmpwN84ABDb5
LibreNMS Ports Stored Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1wbThqLTN2NjQtOTJjcc4ABDb4
LibreNMS Display Name Stored Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS1wOXY4LXE1bTQtcGY0Ns4ABDb3
CVE-2024-5138: snapd snapctl auth bypass
Ecosystems: go
Packages: github.com/snapcore/snapd
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS0yZjR3LTZtYzctNHc3OM4ABDb2
LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: 1 day ago
Moderate
GSA_kwCzR0hTQS02Zng4LWg3am0tNjYzas4ABDbG
parse-uri Regular expression Denial of Service (ReDoS)
Ecosystems: npm
Packages: parseuri, parse-uri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
GSA_kwCzR0hTQS1tbTZ2LTY4cXAtZjlmd84ABDbE
Crayfish allows Remote Code Execution via Homarus Authorization header
Ecosystems: packagist
Packages: islandora/crayfish
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
High
GSA_kwCzR0hTQS1jODczLXdmaHAtd3g1bc4ABDas
SP1 has missing verifier checks and fiat-shamir observations
Ecosystems: cargo
Packages: sp1-stark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
Critical
GSA_kwCzR0hTQS03cHE2LXY4OGctd2Yzd84ABDar
Sentry's improper authentication on SAML SSO process allows user impersonation
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS0yYzZnLXBmeDMtdzdoOM4ABDaq
Insecure Temporary File in RESTEasy
Ecosystems: maven
Packages: org.jboss.resteasy:resteasy-core, org.jboss.resteasy:resteasy-multipart-provider
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS00NXY5LXc5ZmgtMzNqNs4ABDao
Mattermost fails to properly validate post props
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS01bTdqLTZnYzQtZmY1Z84ABDah
Mattermost fails to properly validate post props
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS04ajNxLWdjOXgtNzk3Ms4ABDZg
Mattermost Incorrect Type Conversion or Cast
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
GSA_kwCzR0hTQS12ZzdqLTdjd3gtOHdnd84ABDYN
Mongoose search injection vulnerability
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: 3 days ago
Low
GSA_kwCzR0hTQS1tcWYzLXFwYzMtZzI2cc4ABDXq
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1mZjZxLTNjOWMtNmNmNc4ABDXp
Silverstripe Framework has a XSS in form messages
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS03Y21wLWNnZzgtNGM4Ms4ABDXo
Silverstripe Framework has a XSS via insert media remote file oembed
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: 3 days ago
Low
GSA_kwCzR0hTQS1tOWM5LW1jMmgtOXdqd84ABDXn
Lodestar snappy checksum issue
Ecosystems: npm
Packages: @lodestar/reqresp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Low
GSA_kwCzR0hTQS01M3J2LWhjdm0tcnBwOc4ABDXm
Lodestar snappy decompression issue
Ecosystems: npm
Packages: @lodestar/reqresp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
High
GSA_kwCzR0hTQS0ydjJ3LTh2OGMtd2NtOc4ABDXl
Rancher UI has Stored Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1xY2dnLWoyeDgtaDlnOM4ABDXN
Django has a potential denial-of-service vulnerability in IPv6 validation
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: 3 days ago
High
GSA_kwCzR0hTQS1xNnIyLXgyY2MtdnJwN84ABDXJ
Git LFS permits exfiltration of credentials via crafted HTTP URLs
Ecosystems: go
Packages: github.com/git-lfs/git-lfs, github.com/git-lfs/git-lfs/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
High
GSA_kwCzR0hTQS1namY2LTN3NHAtN3hmaM4ABDXI
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
High
GSA_kwCzR0hTQS1qamN2LXdyMmctNHJ2NM4ABDXH
Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.linux-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-x86
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
High
GSA_kwCzR0hTQS1wNTRwLXAzcW0tOHZnas4ABDXG
Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS05djhtLXF2MjItZjI2OM4ABDXF
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
Ecosystems: nuget
Packages: Umbraco.Forms, UmbracoForms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
High
GSA_kwCzR0hTQS04NmMyLTR4NTctd2M4Z84ABDXE
Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials
Ecosystems: nuget
Packages: git-credential-manager
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1jM2g1LWg3M2MtMjlocc4ABDUX
Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: mediawiki/data-transfer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS04Y3ZxLTNqanAtcGg5cM4ABDUB
Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis-metadata-query-service-jdbc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Low
GSA_kwCzR0hTQS12Z2YyLWd2eDgteHdjM84ABDT7
Vyper Does Not Check the Success of Certain Precompile Calls
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Critical
GSA_kwCzR0hTQS1qMmpnLWZxNjItN2MzaM4ABDT6
Gradio Blocked Path ACL Bypass Vulnerability
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Low
GSA_kwCzR0hTQS13OHh2LXJ3Z2YtNGZ3aM4ABDT5
CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER
Ecosystems: swift
Packages: github.com/apple/swift-asn1
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Critical
GSA_kwCzR0hTQS1ybW03LXI3d3IteHBmZ84ABDT4
XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Critical
GSA_kwCzR0hTQS1jcHY0LWdncnItN2o5ds4ABDT3
Rasa Allows Remote Code Execution via Remote Model Loading
Ecosystems: pypi
Packages: rasa, rasa-pro
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS04bXYzLTM3cmMtcHZ4as4ABDT2
TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: typo3/cms-lowlevel
Source: GitHub Advisory Database
Blast Radius: 9.9
Published: 3 days ago
High
GSA_kwCzR0hTQS03ODM1LWZjdjMtZzI1Ns4ABDT1
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: typo3/cms-scheduler
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS03cjVxLTRxZ3gtdjU0Nc4ABDT0
TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: typo3/cms-indexed-search
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS13dzdoLWcycWYtN3h2Ns4ABDTz
TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: typo3/cms-form
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: 3 days ago
High
GSA_kwCzR0hTQS00ZzUyLXBxOGotNnF2Nc4ABDTy
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: typo3/cms-extensionmanager
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1xd3g3LTM5cHctMm1ocs4ABDR-
TYPO3 Cross-Site Request Forgery in Dashboard Module
Ecosystems: packagist
Packages: typo3/cms-dashboard
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS02dzR4LWdjeDMtOHA3ds4ABDR9
TYPO3 Cross-Site Request Forgery in Backend User Module
Ecosystems: packagist
Packages: typo3/cms-beuser
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS1jamZyLTlmNXItM3E5M84ABDR8
TYPO3 Cross-Site Request Forgery in Log Module
Ecosystems: packagist
Packages: typo3/cms-belog
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS0yZng1LXBnZ3YtNmpqcs4ABDR7
TYPO3 Potential Open Redirect via Parsing Differences
Ecosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 3 days ago
Low
GSA_kwCzR0hTQS0zOHg3LWNjNnctajI3cc4ABDR6
TYPO3 Information Disclosure via Exception Handling/Logger
Ecosystems: packagist
Packages: typo3/cms-install
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: 3 days ago
Moderate
GSA_kwCzR0hTQS0zMnE2LXJyOTgtY2pxds4ABDO8
OpenFGA Authorization Bypass
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS13M2c4LXI5Z3ctcXJoOM4ABDOw
Denial of Service in Keycloak Server via Security Headers
Ecosystems: maven
Packages: org.keycloak:keycloak-quarkus-server
Source: GitHub Advisory Database
Blast Radius: 9.1
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS1mNHY3LTNtd3ctOWdjMs4ABDOv
Keycloak allows unrestricted admin use of system and environment variables
Ecosystems: maven
Packages: org.keycloak:keycloak-quarkus-server
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS12aDIyLTZjNmgtcm04cc4ABDOu
jte's HTML templates containing Javascript template strings are subject to XSS
Ecosystems: maven
Packages: gg.jte:jte-runtime, gg.jte:jte
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 4 days ago
Low
GSA_kwCzR0hTQS1tZ3I3LTU3ODItNmpoOc4ABDOt
The Umbraco Heartcore headless client library uses a vulnerable Refit dependency package
Ecosystems: nuget
Packages: Umbraco.Headless.Client.Net
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS00NXYzLTM4cGMtODc0ds4ABDOs
notation-go's timestamp signature generation lacks certificate revocation check
Ecosystems: go
Packages: github.com/notaryproject/notation-go
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: 4 days ago
Low
GSA_kwCzR0hTQS1xamgzLTRqM2gtdm13cM4ABDOr
notation-go has an OS error when setting CRL cache leads to denial of signature verification
Ecosystems: go
Packages: github.com/notaryproject/notation-go
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 4 days ago
Moderate
GSA_kwCzR0hTQS13NWc1LTRqajMtOGY2ds4ABDLu
Microweber Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 days ago
Moderate
GSA_kwCzR0hTQS05N2g5LXA5ZjgtNHAzcs4ABDLs
Microweber Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 days ago
Moderate
GSA_kwCzR0hTQS1qNHY5LWNtMzctaDdjMs4ABDLp
Microweber Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 days ago
High
GSA_kwCzR0hTQS14N205LW12NDktZnY3M84ABDKz
Vaultwarden vulnerable to user impersonation
Ecosystems: cargo
Packages: vaultwarden
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Low
GSA_kwCzR0hTQS12cHJtLTI3cHYtanAzd84ABDK1
Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability
Ecosystems: cargo
Packages: vaultwarden
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Low
GSA_kwCzR0hTQS1nNXg4LXYyY2gtZ2oyZ84ABDKt
Vaultwarden HTML injection vulnerability
Ecosystems: cargo
Packages: vaultwarden
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS02M3dnLTg3cXYtcnc0cs4ABDJ_
Drupal Open Social allows Functionality Misuse
Ecosystems: packagist
Packages: goalgorilla/open_social
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: 8 days ago
Low
GSA_kwCzR0hTQS01eGgyLTIzY2MtNWpjNs4ABDJe
Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution
Ecosystems: pypi
Packages: strawberry-graphql
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: 8 days ago
Low
GSA_kwCzR0hTQS02NzVmLXJxMnItanc4Ms4ABDIp
JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
Ecosystems: go
Packages: github.com/MicahParks/jwkset
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 days ago
Moderate
GSA_kwCzR0hTQS0yNTQ5LXhoNzItcXJwbc4ABDHr
Mattermost Improper Validation of Specified Type of Input vulnerability
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Low
GSA_kwCzR0hTQS03cmdwLTRqNTYtZm03Oc4ABDHn
Mattermost has Improper Check for Unusual or Exceptional Conditions
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Low
GSA_kwCzR0hTQS1xOGZnLWNwM3EtNWp3bc4ABDHt
Mattermost Incorrect Authorization vulnerability
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
High
GSA_kwCzR0hTQS03dzZyLTc0OHctbWg1Ms4ABDHh
pgAdmin has Incorrect Default Permissions
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 9 days ago
Low
GSA_kwCzR0hTQS02Z2YyLWZmcTgtZ2N3d84ABDGx
GHSL-2024-288: SickChill open redirect in login
Ecosystems: pypi
Packages: sickchill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1qM2Y5LXA2aG0tNXc2cc4ABDGi
Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale
Ecosystems: packagist
Packages: nesbot/carbon
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1jamdxLTVxbXctcmNqNs4ABDGI
keras Path Traversal vulnerability
Ecosystems: pypi
Packages: keras
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Moderate
GSA_kwCzR0hTQS1qNGp3LW02eHItZnY2Y84ABDGD
Soft Serve vulnerable to path traversal attacks
Ecosystems: go
Packages: github.com/charmbracelet/soft-serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Critical
GSA_kwCzR0hTQS1tamY5LTRwY3YtdmZnN84ABDF5
Apache OpenMeetings vulnerable to Deserialization of Untrusted Data
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 days ago
Low
GSA_kwCzR0hTQS04ODYzLTRxbWctZnI0Nc4ABDF7
Apache Airflow Fab Provider Insufficient Session Expiration vulnerability
Ecosystems: pypi
Packages: apache-airflow-providers-fab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
High
GSA_kwCzR0hTQS05NW0yLWNobTQtbXE3bc4ABDCx
PHP-Textile has persistent XSS vulnerability in image link handling
Ecosystems: packagist
Packages: netcarver/textile
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: 10 days ago
High
GSA_kwCzR0hTQS0ycjJ2LTlwZjgtNjM0Ms4ABDCw
WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover
Ecosystems: go
Packages: github.com/h44z/wg-portal
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
Moderate
GSA_kwCzR0hTQS1yNXZmLXdmNGgtODJnZ84ABDCl
matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity
Ecosystems: cargo
Packages: matrix-sdk-crypto
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 10 days ago
High
GSA_kwCzR0hTQS1mMjdwLWNtdjgteGhtNs4ABC_L
fetch: Authorization headers not dropped when redirecting cross-origin
Ecosystems: cargo
Packages: deno, deno_fetch
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 11 days ago
Low
GSA_kwCzR0hTQS0ycDk1LTh4dm0tMnBqeM4ABC_I
REDAXO CMS Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: redaxo/source
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 days ago
Low
GSA_kwCzR0hTQS1tNzhjLXF4OTktbXZ3Oc4ABC_K
Grav Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS0yMzdyLXI4bTQtNHE4OM4ABC_D
Guzzle OAuth Subscriber has insufficient nonce entropy
Ecosystems: packagist
Packages: guzzlehttp/oauth-subscriber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 days ago
High
GSA_kwCzR0hTQS12Nmp2LXA2cjgtajc4d84ABC-m
NiceGUI On Air authentication issue
Ecosystems: pypi
Packages: nicegui
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 11 days ago
High
GSA_kwCzR0hTQS1yOXB4LW05NTktY3hmNM4ABC-l
go-git clients vulnerable to DoS via maliciously crafted Git server replies
Ecosystems: go
Packages: github.com/go-git/go-git, github.com/go-git/go-git/v5, gopkg.in/src-d/go-git.v4
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 11 days ago
Critical
GSA_kwCzR0hTQS12NzI1LTk1NDYtN3E3bc4ABC-k
go-git has an Argument Injection via the URL field
Ecosystems: go
Packages: github.com/go-git/go-git/v5, gopkg.in/src-d/go-git.v4
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 11 days ago
High
GSA_kwCzR0hTQS00eDZ4LThybTgtYzM3as4ABC-j
Extension:TabberNeue vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: starcitizentools/tabber-neue
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Moderate
GSA_kwCzR0hTQS03bTI3LTdnaGMtNDR3Oc4ABC8r
Next.js Allows a Denial of Service (DoS) with Server Actions
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 14 days ago
Moderate
GSA_kwCzR0hTQS1xOWp2LW1tM3ItajQ3cs4ABC8m
PhpSpreadsheet allows bypass XSS sanitizer using the javascript protocol and special characters
Ecosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 14 days ago
Moderate
GSA_kwCzR0hTQS1od2NwLTJoMzUtcDY2d84ABC8l
PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header
Ecosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 14 days ago
Moderate
GSA_kwCzR0hTQS13djIzLTk5NnYtcTIyOc4ABC8k
PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability in custom properties
Ecosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 14 days ago
Statistics
Advisories: 21,102
Packages: 9,207
Repositories: 5,644
Ecosystems: 12
Filter by Severity
Moderate 9,014 High 7,414 Critical 3,100 Low 1,196
Filter by Ecosystem
maven 5,941 packagist 4,728 pypi 4,449 npm 3,863 go 2,394 nuget 1,604 cargo 924 rubygems 887 swift 34 hex 32 actions 21 pub 10
Filter by Package
tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 moodle/moodle 367 Microsoft.ChakraCore 247 magento/community-edition 235 org.jenkins-ci.main:jenkins-core 193 typo3/cms 174 org.apache.tomcat:tomcat 132 pimcore/pimcore 118 dolibarr/dolibarr 113 typo3/cms-core 107 Django 103 drupal/core 99 microweber/microweber 97 phpmyadmin/phpmyadmin 92 silverstripe/framework 88 apache-airflow 85 drupal/drupal 83 librenms/librenms 80 thorsten/phpmyfaq 73 Plone 72 github.com/mattermost/mattermost/server/v8 72 com.fasterxml.jackson.core:jackson-databind 69 symfony/symfony 69 github.com/usememos/memos 64 ansible 63 actionpack 61 concrete5/concrete5 60 salt 56 org.apache.struts:struts2-core 56 apache-superset 55 shopware/platform 52 com.liferay.portal:release.portal.bom 51 org.keycloak:keycloak-core 49 github.com/grafana/grafana 49 craftcms/cms 47 baserproject/basercms 47 mlflow 47 nova 47 django 46 nokogiri 43 rdiffweb 42 plone 41 matrix-synapse 41 nilsteampassnet/teampass 40 org.apache.tomcat.embed:tomcat-embed-core 40 shopware/core 40 showdoc/showdoc 40 github.com/rancher/rancher 39 intelliants/subrion 39 vyper 39 github.com/mattermost/mattermost-server/v6 38 froxlor/froxlor 38 org.elasticsearch:elasticsearch 38 com.thoughtworks.xstream:xstream 37 github.com/hashicorp/vault 37 mautic/core 37 org.xwiki.platform:xwiki-platform-oldcore 37 com.jfinal:jfinal 36 k8s.io/kubernetes 36 moin 35 gradio 35 snipe/snipe-it 35 org.keycloak:keycloak-services 35 net.mingsoft:ms-mcms 35 github.com/answerdev/answer 34 zendframework/zendframework1 34 io.undertow:undertow-core 34 org.jenkins-ci.plugins:script-security 33 keystone 32 opencv-python 31 github.com/argoproj/argo-cd 31 opencv-contrib-python 31 gogs.io/gogs 31 parse-server 31 Pillow 31 shopware/shopware 30 getgrav/grav 30 github.com/hashicorp/nomad 29 github.com/docker/docker 29 github.com/hashicorp/consul 29 directus 28 mediawiki/core 28 github.com/argoproj/argo-cd/v2 27 centreon/centreon 27 pillow 26 prestashop/prestashop 26 openssl-src 26 github.com/cilium/cilium 26 electron 26 org.springframework.security:spring-security-core 25 rubygems-update 25 org.apache.solr:solr-core 25 contao/core-bundle 24 org.keycloak:keycloak-parent 24 magento/core 24 org.eclipse.jetty:jetty-server 24 pocketmine/pocketmine-mp 23 puppet 23 remdex/livehelperchat 23 rack 23 grumpydictator/firefly-iii 23 simplesamlphp/simplesamlphp 23 zendframework/zendframework 23 com.liferay.portal:release.dxp.bom 23 tribalsystems/zenario 22 getkirby/cms 22 org.bouncycastle:bcprov-jdk14 22 org.apache.openmeetings:openmeetings-parent 22 ckb 22 activerecord 21 glance 21 org.apache.nifi:nifi 21 Microsoft.AspNetCore.App.Runtime.win-x64 21 @openzeppelin/contracts-upgradeable 21 Microsoft.AspNetCore.App.Runtime.win-x86 21 github.com/ethereum/go-ethereum 20 Microsoft.AspNetCore.App.Runtime.win-arm 20 langchain 20 org.cloudfoundry.identity:cloudfoundry-identity-server 20 laravel/framework 20 code.gitea.io/gitea 20 next 20 funadmin/funadmin 20 github.com/traefik/traefik/v2 20 @openzeppelin/contracts 20 github.com/goharbor/harbor 19 golang.org/x/net 19 org.xwiki.platform:xwiki-platform-web-templates 19 phpoffice/phpspreadsheet 19 contao/contao 19 org.springframework:spring-core 19 wasmtime 19 DotNetNuke.Core 19 cockpit-hq/cockpit 18 mercurial 18 topthink/framework 18 Microsoft.AspNetCore.App.Runtime.win-arm64 18 Microsoft.AspNetCore.App.Runtime.osx-x64 18 mindsdb 18 forkcms/forkcms 18 cobbler 18 com.vaadin:vaadin-bom 18 Microsoft.AspNetCore.App.Runtime.linux-x64 18 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 18 Microsoft.AspNetCore.App.Runtime.linux-arm64 18 Microsoft.AspNetCore.App.Runtime.linux-arm 18 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 17 genix/cms 17 neutron 17 org.apache.geode:geode-core 17 opencart/opencart 17 notebook 17 francoisjacquet/rosariosis 17 ezsystems/ezpublish-kernel 17 yetiforce/yetiforce-crm 17 cakephp/cakephp 17 symfony/security 17 helm.sh/helm/v3 17 github.com/zitadel/zitadel 16 org.apache.activemq:activemq-client 16 sequelize 16 PaddlePaddle 16 typo3/cms-backend 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 16 phpbb/phpbb 16 surrealdb 16 cryptography 16 tinymce 16 rusqlite 16 ethyca-fides 16 pyload-ng 16 openmage/magento-lts 16 paddlepaddle 16 org.apache.dubbo:dubbo 16 OctoPrint 15 ghost 15 smarty/smarty 15 ec-cube/ec-cube 15 Microsoft.NetCore.App.Runtime.win-x86 15 Microsoft.NetCore.App.Runtime.win-x64 15 Microsoft.NetCore.App.Runtime.win-arm64 15 Microsoft.NetCore.App.Runtime.win-arm 15 ckeditor4 15 calibreweb 15 symfony/security-http 15 october/system 15 org.apache.struts.xwork:xwork-core 15 camaleon_cms 14 swagger-ui 14 activesupport 14 phpmailer/phpmailer 14 bolt/bolt 14 github.com/nats-io/nats-server/v2 14 org.xwiki.platform:xwiki-platform-web 14 github.com/containerd/containerd 14 publify_core 14 silverstripe/cms 14
Filter by Repository
https://github.com/tensorflow/tensorflow 433 https://github.com/moodle/moodle 218 https://github.com/chakra-core/ChakraCore 214 https://github.com/xwiki/xwiki-platform 189 https://github.com/jenkinsci/jenkins 150 https://github.com/django/django 114 https://github.com/pimcore/pimcore 113 https://github.com/apache/tomcat 103 https://github.com/apache/airflow 101 https://github.com/microweber/microweber 88 https://github.com/TYPO3/typo3 85 https://github.com/keycloak/keycloak 78 https://github.com/librenms/librenms 71 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/silverstripe/silverstripe-framework 66 https://github.com/symfony/symfony 64 https://github.com/usememos/memos 64 https://github.com/rails/rails 61 https://github.com/ansible/ansible 58 https://github.com/Dolibarr/dolibarr 57 https://github.com/kubernetes/kubernetes 53 https://github.com/python-pillow/Pillow 52 https://github.com/spring-projects/spring-framework 47 https://github.com/apache/struts 46 https://github.com/shopware/platform 43 https://github.com/ikus060/rdiffweb 42 https://github.com/argoproj/argo-cd 42 https://github.com/grafana/grafana 41 https://github.com/concretecms/concretecms 41 https://github.com/vyperlang/vyper 39 https://github.com/magento/magento2 38 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/plone/Products.CMFPlone 37 https://github.com/openstack/nova 37 https://github.com/x-stream/xstream 37 https://github.com/dotnet/runtime 36 https://github.com/craftcms/cms 35 https://github.com/octobercms/october 35 https://github.com/rancher/rancher 35 https://github.com/mautic/mautic 35 https://github.com/saltstack/salt 34 https://github.com/answerdev/answer 34 https://github.com/apache/activemq 33 https://github.com/go-gitea/gitea 32 https://github.com/sparklemotion/nokogiri 32 https://github.com/opencv/opencv 32 https://github.com/matrix-org/synapse 32 https://github.com/gradio-app/gradio 32 https://github.com/parse-community/parse-server 31 https://github.com/mlflow/mlflow 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/snipe/snipe-it 30 https://github.com/openstack/keystone 28 https://github.com/CVEProject/cvelist 28 https://github.com/shopware/shopware 28 https://github.com/apache/inlong 27 https://github.com/directus/directus 27 https://github.com/gogs/gogs 26 https://github.com/baserproject/basercms 26 https://github.com/froxlor/froxlor 26 https://github.com/cilium/cilium 26 https://github.com/contao/contao 25 https://github.com/github/advisory-database 25 https://github.com/umbraco/Umbraco-CMS 25 https://github.com/electron/electron 25 https://github.com/strapi/strapi 24 https://github.com/apache/nifi 24 https://github.com/getgrav/grav 24 https://github.com/pmmp/PocketMine-MP 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/eclipse/jetty.project 23 https://github.com/TYPO3/TYPO3.CMS 23 https://github.com/firefly-iii/firefly-iii 23 https://github.com/langchain-ai/langchain 22 https://github.com/PrestaShop/PrestaShop 22 https://github.com/nervosnetwork/ckb 22 https://github.com/hashicorp/consul 22 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/netty/netty 21 https://github.com/apache/cxf 21 https://github.com/nilsteampassnet/TeamPass 21 https://github.com/simplesamlphp/simplesamlphp 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/undertow-io/undertow 20 https://github.com/bytecodealliance/wasmtime 20 https://github.com/traefik/traefik 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/moby/moby 20 https://github.com/funadmin/funadmin 20 https://github.com/OpenNMS/opennms 20 https://github.com/zitadel/zitadel 19 https://github.com/bcgit/bc-java 19 https://github.com/getkirby/kirby 19 https://github.com/cloudfoundry/uaa 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/PHPOffice/PhpSpreadsheet 19 https://github.com/geoserver/geoserver 19 https://github.com/goharbor/harbor 19 https://github.com/rubygems/rubygems 18 https://github.com/intelliants/subrion 18 https://github.com/helm/helm 18 https://github.com/rack/rack 18 https://github.com/denoland/deno 17 https://github.com/vaadin/platform 17 https://github.com/backstage/backstage 17 https://github.com/hashicorp/vault 17 https://github.com/liufee/cms 17 https://github.com/laravel/framework 17 https://github.com/opencast/opencast 17 https://github.com/mindsdb/mindsdb 17 https://github.com/pyload/pyload 16 https://github.com/ethyca/fides 16 https://github.com/OpenMage/magento-lts 16 https://github.com/forkcms/forkcms 16 https://github.com/etcd-io/etcd 16 https://github.com/tinymce/tinymce 16 https://github.com/sequelize/sequelize 16 https://github.com/rusqlite/rusqlite 16 https://github.com/mattermost/mattermost 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/vercel/next.js 16 https://github.com/surrealdb/surrealdb 16 https://github.com/ethereum/go-ethereum 16 https://github.com/TYPO3-CMS/core 16 https://github.com/decidim/decidim 15 https://github.com/dompdf/dompdf 15 https://github.com/cobbler/cobbler 15 https://github.com/PHPMailer/PHPMailer 15 https://github.com/zendframework/zendframework 15 https://github.com/drupal/core 15 https://github.com/puppetlabs/puppet 15 https://github.com/vantage6/vantage6 15 https://github.com/pyca/cryptography 15 https://github.com/apache/camel 15 https://github.com/hashicorp/nomad 15 https://github.com/centreon/centreon 15 https://github.com/rails/rails-html-sanitizer 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/golang/go 14 https://github.com/janeczku/calibre-web 14 https://github.com/ckeditor/ckeditor4 14 https://github.com/aio-libs/aiohttp 14 https://github.com/xuxueli/xxl-job 14 https://github.com/twisted/twisted 14 https://github.com/thorsten/phpMyFAQ 14 https://github.com/dotnet/aspnetcore 14 https://github.com/containerd/containerd 14 https://github.com/apache/superset 13 https://github.com/dromara/hutool 13 https://github.com/apache/dolphinscheduler 13 https://github.com/modoboa/modoboa 13 https://github.com/nodejs/undici 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/publify/publify 13 https://github.com/openfga/openfga 13 https://github.com/quarkusio/quarkus 13 https://github.com/OPCFoundation/UA-.NETStandard 13 https://github.com/laurent22/joplin 13 https://github.com/ming-soft/MCMS 13 https://github.com/TryGhost/Ghost 13 https://github.com/OpenRefine/OpenRefine 13 https://github.com/urllib3/urllib3 12 https://github.com/getsentry/sentry 12 https://github.com/openstack/glance 12 https://github.com/centreon/centreon-archived 12 https://github.com/opencontainers/runc 12 https://github.com/patriksimek/vm2 12 https://github.com/apache/kylin 12 https://github.com/puma/puma 12 https://github.com/containers/podman 12 https://github.com/wagtail/wagtail 12 https://github.com/pimcore/admin-ui-classic-bundle 12 https://github.com/1Panel-dev/1Panel 12 https://github.com/smarty-php/smarty 12 https://github.com/yiisoft/yii2 11 https://github.com/zenml-io/zenml 11 https://github.com/cakephp/cakephp 11 https://github.com/onionshare/onionshare 11 https://github.com/matrix-org/matrix-js-sdk 11 https://github.com/top-think/framework 11 https://github.com/cri-o/cri-o 11 https://github.com/spring-projects/spring-security 11 https://github.com/igniterealtime/Openfire 11 https://github.com/cloudflare/cfrpki 11 https://github.com/nats-io/nats-server 11 https://github.com/vaadin/flow 11 https://github.com/Sylius/Sylius 11 https://github.com/dpgaspar/Flask-AppBuilder 11 https://github.com/Pylons/waitress 11 https://github.com/pomerium/pomerium 11 https://github.com/WWBN/AVideo 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/NodeBB/NodeBB 11 https://github.com/cosmos/cosmos-sdk 11 https://github.com/scrapy/scrapy 11 https://github.com/Studio-42/elFinder 11 https://github.com/owen2345/camaleon-cms 11