Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Browse all Security Advisories for

Loading...
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzNmMteGc5Ny04cDRo
libtaxii Server-Side Request Forgery vulnerability
Ecosystems: pypi
Packages: libtaxii
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoeDktcDY5di1jeDJq
Authentication bypass in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cHctYzNqMi01ZmM4
Plaintext password leak in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncWotY214ci1wNHgy
Forced Browsing in Twisted
Ecosystems: pypi
Packages: twisted
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtdjItNzlxOC1mdjZn
Uncontrolled Resource Consumption in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcjgtNHZmdy1tcjdo
REXML round-trip instability
Ecosystems: rubygems
Packages: rexml
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFncDQtNXF4Ni01NDhn
Cross-site scripting (XSS) from unsanitized uploaded SVG files in Kirby
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2MzktM3FoNy05djd3
Improper Input Validation in Spring Framework
Ecosystems: maven
Packages: org.springframework:spring-framework-bom
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnY2ctcDN2Mi05aDRw
Externally Controlled Reference to a Resource in Another Sphere and Confused Deputy in Spring Cloud Netflix
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-netflix
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoaDktY202NS0zdzU0
Improper Authentication in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4dnEtOWo1Ni13cmZy
Gon gem lack of escaping certain input when outputting as JSON
Ecosystems: rubygems
Packages: gon
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5dzMtZ3djMi1jcjQ5
HTTP Request Smuggling in Undertow
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0Y3AtaDUzcC12M3Y4
Allocation of Resources Without Limits or Throttling in Undertow
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjY2YtN3h3My1wMnZy
HTTP Request Smuggling in Undertow
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmdzIteDlmOC0yZjZt
Cross-Site Scripting
Ecosystems: pypi
Packages: oncall
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczeHYtdzVncC1mcnho
Logic error in Legion of the Bouncy Castle BC Java
Ecosystems: maven
Packages: org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk15to18
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmZ3gtcTI1aC1qeHJn
DOM XSS in Theme Preview
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzNDgtZjkzeC05Z3g0
Lack of Input Validation in zendesk_api_client_php for Zendesk Subdomain
Ecosystems: packagist
Packages: zendesk/zendesk_api_client_php
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtZzktdmh4cS12bTdq
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database
Ecosystems: packagist
Packages: illuminate/database, laravel/framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUycXAtanBxNy02YzU0
Insecure Deserialization of untrusted data in rmccue/requests
Ecosystems: packagist
Packages: rmccue/requests
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1aDgtcGM2aC1qdnZ4
Composer's missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial
Ecosystems: packagist
Packages: composer/composer
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2N3EtNzdjYy05OG12
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI Generator Maven plugin
Ecosystems: maven
Packages: org.openapitools:openapi-generator-maven-plugin
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0OHctdmYzYy1ycWp4
Cross-Site Scripting in Bootstrap Package
Ecosystems: packagist
Packages: bk2k/bootstrap-package
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh2NWgtdjdqaC1wMnFo
Authentication bypass for specific endpoint
Ecosystems: maven
Packages: com.alibaba.nacos:nacos-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2aHAtanI4aC01NTZm
Authentication Bypass
Ecosystems: maven
Packages: com.alibaba.nacos:nacos-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1cTItNDdxNy0zcGMz
Node-Redis potential exponential regex in monitor mode
Ecosystems: npm
Packages: redis
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcycmotMzZxYy00N2c3
Pgsync Contains Cleartext Transmission of Sensitive Information
Ecosystems: rubygems
Packages: pgsync
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cnAtcHZycS1qbXd2
Path Traversal and Improper Input Validation in Apache Commons IO
Ecosystems: maven
Packages: org.smartboot.servlet:servlet-core, org.checkerframework.annotatedlib:commons-io, org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-io, org.apache.commons:commons-io, net.hasor:cobble-lang, com.virjar:ratel-api, com.liferay:com.liferay.sass.compiler.jsass, com.diamondq.common:common-thirdparty.jcasbin, com.cosium.vet:vet, commons-io:commons-io
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0M3EtNWhwai00Y3J2
Local information disclosure via system temporary directory
Ecosystems: maven
Packages: org.glassfish.jersey.core:jersey-common
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncHYtNGg0Yy14aHcz
Uncontrolled Resource Consumption in pillow
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNTktM2M2ci1oZmMy
Improper Certificate Validation in oauth ruby gem
Ecosystems: rubygems
Packages: oauth
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1YzUtZjRndy0zOHI5
Multiple vulnerabilities through filename manipulation in Archive_Tar
Ecosystems: packagist
Packages: pear/archive_tar
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpoNXgtaGZoZy03OGpx
Deserialization of Untrusted Data in Archive_Tar
Ecosystems: packagist
Packages: pear/archive_tar
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwdzYtOXhmeC1qdmN4
Directory Traversal in Archive_Tar
Ecosystems: packagist
Packages: pear/archive_tar
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcybTUtZnZ2di01NW02
Observable Differences in Behavior to Error Inputs in Bouncy Castle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bc-fips, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxNjktZzVnYy05Zmdm
Cross-Site Request Forgery in Vert.x-Web framework
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjaGoteHByci03cXF4
Cross-site Scripting in GwtUpload
Ecosystems: maven
Packages: com.googlecode.gwtupload:gwtupload
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0eDItZ3EyNC03NXB2
Cross-site scripting in Apache CXF
Ecosystems: maven
Packages: org.apache.cxf:cxf, org.apache.cxf:apache-cxf
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM2cDktMjRyYy1qcjVo
Remote Code Execution and download tracking in Mintegral SDK
Ecosystems: maven
Packages: com.mintegral.msdk:alphab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxNDgtbTRqeC14cWg4
"Deserialization errors in MyBatis"
Ecosystems: maven
Packages: org.mybatis:mybatis
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4cDUtOHBncS1tZ3Y5
Missing Authentication for Critical Function in Apache Calcite
Ecosystems: maven
Packages: org.apache.calcite:calcite-splunk, org.apache.calcite:calcite-druid, org.apache.calcite:calcite-core
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjajQtZ2o4bS1tMmY3
Authentication bypass in Apache Shiro
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjNjYtdjI5aC14amg4
XSS Cross Site Scripting
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZoZ3ItMmc2cS0zcm1j
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
Ecosystems: maven
Packages: com.vaadin:flow-client
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yOGgtajljdi00bTho
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2cmYtOTQyOC01Mjdt
Backport for CVE-2021-21024 Blind SQLi from Magento 2
Ecosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00OTYteDU2Ny1mOThj
Fixes a bug in Zend Framework's Stream HTTP Wrapper
Ecosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmdzQtbWdxOS0zOWN4
Code Injection in oauth2-server
Ecosystems: npm
Packages: oauth2-server
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoaHAtOTk3dy1xcjI4
.NET Core Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: System.Text.Encodings.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdqZ2otOHd2Yy1qaDU3
.NET Core Information Disclosure
Ecosystems: nuget
Packages: System.Net.Http
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0bXEtNmZwNS1xd2Nm
Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyeGotNWoyNy1mOHJm
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjNjctZ2M0OC05ODN3
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cjgtNWo4My00ODNj
OS Command Injection and Improper Input Validation in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjktZmhtdi1jNnEy
Improper Verification of Cryptographic Signature in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyaDYtNzN4OC0yMmM0
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5M2gtMzV2NC1teHF4
Path Traversal in Ansible
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwcXgtNGZxZi1qNDlm
Deserialization of Untrusted Data in PyYAML
Ecosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdteDUteDM3Mi14aDg3
Incorrect Session Validation in Apache Airflow
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2dnAteDNwci03OXJ4
Apache Airflow cross-site scripting due to incomplete fix for CVE-2020-13944
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqNXYtNTc0cC1tajdj
py vulnerable to Regular Expression Denial of Service
Ecosystems: pypi
Packages: py
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3NDktbTd4aC01cjM5
Cross-site scripting in papermerge
Ecosystems: pypi
Packages: papermerge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3OHItMzk3Zi1wcmZo
Infinite Loop in Pygments
Ecosystems: pypi
Packages: Pygments
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5cTItcDl4cC03Mzl2
XML Injection in petl
Ecosystems: pypi
Packages: petl
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtcDctZjJ2cC0zcnE0
Cross-site scripting in SiCKRAGE
Ecosystems: pypi
Packages: sickrage
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4MjMtajdjNC12cGM1
Cross-site scripting in sickrage
Ecosystems: pypi
Packages: sickrage
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4cGotZjVnMi04cDdt
Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer
Ecosystems: pypi
Packages: asyncpg
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwM2gtcWdocC1odmgy
Open Redirect in werkzeug
Ecosystems: pypi
Packages: werkzeug
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjZ20tM3h3NC1oNXA4
Improper Restriction of XML External Entity Reference in pikepdf
Ecosystems: pypi
Packages: pikepdf
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYyNDgtdjRxaC14MnI2
Improper Certificate Validation in blackduck
Ecosystems: pypi
Packages: blackduck
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3NTctanA4NC1neGZ4
Improper Input Validation in PyYAML
Ecosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3cDctdnFyNS1oMzNo
Open Redirect in autobahn
Ecosystems: pypi
Packages: autobahn
Source: GitHub Advisory Database
Blast Radius: 24.0
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4YzUtZ2dwcC1nMjQ5
pwntools Server-Side Template Injection (SSTI) vulnerability
Ecosystems: pypi
Packages: pwntools
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxNWgtZjlwNS1xN2Z4
Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThodzktMjJ2Ni05anI5
Any logged in user could edit any other logged in user.
Ecosystems: npm
Packages: @curveball/a12n-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyd2MtYzl3ai02cTJ2
VVE-2021-0001: Memory corruption using function calls within arrays
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3NW0tNWZ2di14cTIz
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2Y3ctZjY4dy04aDho
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime
Ecosystems: npm
Packages: jose-node-cjs-runtime
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2NGctNzI2aC14dmZ2
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime
Ecosystems: npm
Packages: jose-node-esm-runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0aGgtcGpqZy1yd21y
Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime
Ecosystems: npm
Packages: jose-browser-runtime
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4ZjUtaGZxYy1qZ2No
Padding Oracle Attack due to Observable Timing Discrepancy in jose
Ecosystems: npm
Packages: jose
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: over 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnM2MtMm1oNS03cTZ4
Missing validation of JWT signature in `ManyDesigns/Portofino`
Ecosystems: maven
Packages: com.manydesigns:portofino-core, com.manydesigns:portofino-dispatcher
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oNzQtNG01Zy1mY2p4
Malicious users could abuse Sydent to control the content of invitation emails
Ecosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlqaG0tOG04Yy1jM2Y0
SSRF in Sydent due to missing validation of hostnames
Ecosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtZzQtOGNwMi1ocGc5
Sydent vulnerable to denial of service attack via memory exhaustion
Ecosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyaDQtMjk0cC12Y2Zx
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17
Ecosystems: maven
Packages: com.vaadin:vaadin-text-field-flow
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpteDgtMzU1bS04dndo
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwNHgtd3hxdi1jZjlt
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqd3ctMng4di1tOXY5
Potential sensitive data exposure in applications using Vaadin 15
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5cjItNzNtNi1wcDhm
Directory traversal in development mode handler in Vaadin 14 and 15-17
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3ZzMtcXJjZy13OXg2
Timing side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1eGMtcXZ4aC0yN2Y4
Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8
Ecosystems: maven
Packages: com.vaadin:vaadin-server, com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1eGMtandmcS0zOWp3
OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3anEtdjhqcC1qNDI0
Timing side channel vulnerability in endpoint request handler in Vaadin 15-19
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3NHItNHh3My1wcHg5
Stored cross-site scripting in Grid component in Vaadin 7 and 8
Ecosystems: maven
Packages: com.vaadin:vaadin-server, com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyajQtNzMzeC01dmNm
Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7
Ecosystems: maven
Packages: com.vaadin:vaadin-server, com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoNXItOTI4di1teGho
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxajQtcjQ4My00Z3Zy
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2ZjQtZnczMy02ajJ2
Potential sensitive data exposure in applications using Vaadin 15
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgybWYtbW1oNy1oeHA1
Directory traversal in development mode handler in Vaadin 14 and 15-17
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: over 3 years ago
Statistics
Advisories: 20,090
Packages: 8,834
Repositories: 5,388
Ecosystems: 12
Filter by Severity
Moderate 8,749 High 6,916 Critical 2,988 Low 1,112
Filter by Ecosystem
maven 5,758 packagist 4,466 pypi 4,208 npm 3,733 go 2,197 nuget 1,508 rubygems 857 cargo 849 swift 32 hex 30 actions 19 pub 8
Filter by Package
tensorflow 433 tensorflow-gpu 425 tensorflow-cpu 422 moodle/moodle 343 Microsoft.ChakraCore 247 magento/community-edition 215 org.jenkins-ci.main:jenkins-core 191 typo3/cms 174 org.apache.tomcat:tomcat 132 pimcore/pimcore 118 dolibarr/dolibarr 112 typo3/cms-core 106 microweber/microweber 94 drupal/core 92 phpmyadmin/phpmyadmin 92 silverstripe/framework 85 apache-airflow 84 Django 80 drupal/drupal 77 thorsten/phpmyfaq 70 com.fasterxml.jackson.core:jackson-databind 69 symfony/symfony 64 ansible 63 github.com/usememos/memos 63 concrete5/concrete5 58 actionpack 58 django 58 org.apache.struts:struts2-core 55 github.com/mattermost/mattermost/server/v8 55 salt 55 librenms/librenms 54 Plone 52 shopware/platform 52 apache-superset 51 org.keycloak:keycloak-core 50 github.com/grafana/grafana 47 nova 47 mlflow 46 com.liferay.portal:release.portal.bom 45 baserproject/basercms 43 plone 43 nokogiri 43 craftcms/cms 43 rdiffweb 42 Pillow 41 shopware/core 40 showdoc/showdoc 40 intelliants/subrion 39 froxlor/froxlor 38 vyper 38 github.com/mattermost/mattermost-server/v6 37 org.apache.tomcat.embed:tomcat-embed-core 37 nilsteampassnet/teampass 37 org.xwiki.platform:xwiki-platform-oldcore 37 org.elasticsearch:elasticsearch 36 com.jfinal:jfinal 36 com.thoughtworks.xstream:xstream 36 mautic/core 36 moin 35 matrix-synapse 35 net.mingsoft:ms-mcms 35 k8s.io/kubernetes 34 zendframework/zendframework1 34 github.com/hashicorp/vault 34 github.com/answerdev/answer 34 snipe/snipe-it 33 org.keycloak:keycloak-services 33 github.com/rancher/rancher 33 io.undertow:undertow-core 32 org.jenkins-ci.plugins:script-security 32 github.com/argoproj/argo-cd 31 opencv-contrib-python 31 opencv-python 31 keystone 31 parse-server 30 shopware/shopware 30 github.com/docker/docker 29 getgrav/grav 29 github.com/argoproj/argo-cd/v2 27 centreon/centreon 27 github.com/hashicorp/nomad 27 openssl-src 26 electron 26 github.com/hashicorp/consul 26 prestashop/prestashop 26 directus 26 org.apache.solr:solr-core 25 rubygems-update 25 org.keycloak:keycloak-parent 25 github.com/cilium/cilium 24 mediawiki/core 24 magento/core 24 gogs.io/gogs 24 org.springframework.security:spring-security-core 24 contao/core-bundle 24 org.eclipse.jetty:jetty-server 23 rack 23 grumpydictator/firefly-iii 23 puppet 23 simplesamlphp/simplesamlphp 23 pocketmine/pocketmine-mp 23 remdex/livehelperchat 23 zendframework/zendframework 23 org.apache.nifi:nifi 22 getkirby/cms 22 org.bouncycastle:bcprov-jdk14 22 ckb 22 activerecord 21 @openzeppelin/contracts-upgradeable 21 org.apache.openmeetings:openmeetings-parent 21 glance 20 code.gitea.io/gitea 20 tribalsystems/zenario 20 @openzeppelin/contracts 20 github.com/ethereum/go-ethereum 20 org.cloudfoundry.identity:cloudfoundry-identity-server 20 Microsoft.AspNetCore.App.Runtime.win-x86 20 Microsoft.AspNetCore.App.Runtime.win-x64 20 langchain 19 laravel/framework 19 org.springframework:spring-core 19 org.xwiki.platform:xwiki-platform-web-templates 19 Microsoft.AspNetCore.App.Runtime.win-arm 19 DotNetNuke.Core 19 github.com/goharbor/harbor 18 mindsdb 18 forkcms/forkcms 18 com.vaadin:vaadin-bom 18 topthink/framework 18 gradio 18 cockpit-hq/cockpit 18 com.liferay.portal:release.dxp.bom 18 contao/contao 18 golang.org/x/net 18 github.com/traefik/traefik/v2 18 cakephp/cakephp 17 PaddlePaddle 17 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 17 mercurial 17 Microsoft.AspNetCore.App.Runtime.linux-x64 17 ezsystems/ezpublish-kernel 17 cobbler 17 helm.sh/helm/v3 17 org.apache.geode:geode-core 17 Microsoft.AspNetCore.App.Runtime.linux-arm 17 symfony/security 17 francoisjacquet/rosariosis 17 Microsoft.AspNetCore.App.Runtime.osx-x64 17 Microsoft.AspNetCore.App.Runtime.win-arm64 17 opencart/opencart 17 genix/cms 17 Microsoft.AspNetCore.App.Runtime.linux-arm64 17 next 17 cryptography 16 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 16 neutron 16 wasmtime 16 org.apache.dubbo:dubbo 16 org.apache.activemq:activemq-client 16 sequelize 16 openmage/magento-lts 16 org.apache.jspwiki:jspwiki-main 16 pillow 16 rusqlite 16 yetiforce/yetiforce-crm 16 org.bouncycastle:bcprov-jdk15 16 tinymce 16 notebook 16 smarty/smarty 15 ethyca-fides 15 paddlepaddle 15 ec-cube/ec-cube 15 ghost 15 org.apache.struts.xwork:xwork-core 15 october/system 15 pyload-ng 15 ckeditor4 15 typo3/cms-backend 14 github.com/nats-io/nats-server/v2 14 silverstripe/cms 14 pyftpdlib 14 publify_core 14 feehi/cms 14 bolt/bolt 14 activesupport 14 org.apache.inlong:manager-pojo 14 github.com/containerd/containerd 14 swagger-ui 14 phpmailer/phpmailer 14 symfony/security-http 14 modoboa 14 org.xwiki.platform:xwiki-platform-web 14 github.com/zitadel/zitadel 14 strapi 13 lavalite/cms 13 twisted 13 deno 13 elefant/cms 13 undici 13 org.apache.cxf:cxf 13
Filter by Repository
https://github.com/tensorflow/tensorflow 433 https://github.com/moodle/moodle 214 https://github.com/chakra-core/ChakraCore 214 https://github.com/xwiki/xwiki-platform 183 https://github.com/jenkinsci/jenkins 150 https://github.com/pimcore/pimcore 113 https://github.com/django/django 111 https://github.com/apache/airflow 98 https://github.com/apache/tomcat 97 https://github.com/microweber/microweber 88 https://github.com/TYPO3/typo3 72 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/keycloak/keycloak 67 https://github.com/silverstripe/silverstripe-framework 64 https://github.com/usememos/memos 63 https://github.com/symfony/symfony 57 https://github.com/ansible/ansible 56 https://github.com/Dolibarr/dolibarr 56 https://github.com/rails/rails 55 https://github.com/python-pillow/Pillow 52 https://github.com/kubernetes/kubernetes 50 https://github.com/librenms/librenms 46 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 43 https://github.com/shopware/platform 43 https://github.com/argoproj/argo-cd 42 https://github.com/ikus060/rdiffweb 42 https://github.com/grafana/grafana 40 https://github.com/concretecms/concretecms 39 https://github.com/vyperlang/vyper 38 https://github.com/star7th/showdoc 38 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/magento/magento2 38 https://github.com/openstack/nova 37 https://github.com/plone/Products.CMFPlone 37 https://github.com/x-stream/xstream 36 https://github.com/octobercms/october 35 https://github.com/saltstack/salt 34 https://github.com/answerdev/answer 34 https://github.com/mautic/mautic 34 https://github.com/apache/activemq 33 https://github.com/matrix-org/synapse 32 https://github.com/opencv/opencv 32 https://github.com/sparklemotion/nokogiri 32 https://github.com/go-gitea/gitea 32 https://github.com/craftcms/cms 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/mlflow/mlflow 30 https://github.com/parse-community/parse-server 30 https://github.com/snipe/snipe-it 29 https://github.com/shopware/shopware 28 https://github.com/dotnet/runtime 28 https://github.com/openstack/keystone 28 https://github.com/CVEProject/cvelist 28 https://github.com/rancher/rancher 28 https://github.com/apache/inlong 27 https://github.com/froxlor/froxlor 26 https://github.com/directus/directus 25 https://github.com/electron/electron 25 https://github.com/contao/contao 25 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/getgrav/grav 24 https://github.com/strapi/strapi 24 https://github.com/cilium/cilium 24 https://github.com/gogs/gogs 24 https://github.com/firefly-iii/firefly-iii 23 https://github.com/eclipse/jetty.project 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/github/advisory-database 23 https://github.com/PrestaShop/PrestaShop 22 https://github.com/baserproject/basercms 22 https://github.com/apache/nifi 22 https://github.com/nervosnetwork/ckb 22 https://github.com/apache/cxf 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/umbraco/Umbraco-CMS 20 https://github.com/OpenNMS/opennms 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/simplesamlphp/simplesamlphp 20 https://github.com/netty/netty 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/hashicorp/consul 19 https://github.com/langchain-ai/langchain 19 https://github.com/cloudfoundry/uaa 19 https://github.com/getkirby/kirby 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/bcgit/bc-java 19 https://github.com/rack/rack 18 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/helm/helm 18 https://github.com/goharbor/harbor 18 https://github.com/intelliants/subrion 18 https://github.com/rubygems/rubygems 18 https://github.com/traefik/traefik 18 https://github.com/geoserver/geoserver 18 https://github.com/vaadin/platform 17 https://github.com/moby/moby 17 https://github.com/liufee/cms 17 https://github.com/mindsdb/mindsdb 17 https://github.com/bytecodealliance/wasmtime 17 https://github.com/ethereum/go-ethereum 16 https://github.com/sequelize/sequelize 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/opencast/opencast 16 https://github.com/rusqlite/rusqlite 16 https://github.com/hashicorp/vault 16 https://github.com/tinymce/tinymce 16 https://github.com/OpenMage/magento-lts 16 https://github.com/etcd-io/etcd 16 https://github.com/gradio-app/gradio 16 https://github.com/forkcms/forkcms 16 https://github.com/TYPO3-CMS/core 16 https://github.com/pyca/cryptography 15 https://github.com/undertow-io/undertow 15 https://github.com/zendframework/zendframework 15 https://github.com/puppetlabs/puppet 15 https://github.com/apache/camel 15 https://github.com/vantage6/vantage6 15 https://github.com/PHPMailer/PHPMailer 15 https://github.com/backstage/backstage 15 https://github.com/centreon/centreon 15 https://github.com/denoland/deno 15 https://github.com/pyload/pyload 15 https://github.com/laravel/framework 15 https://github.com/ethyca/fides 15 https://github.com/xuxueli/xxl-job 14 https://github.com/zitadel/zitadel 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/ckeditor/ckeditor4 14 https://github.com/twisted/twisted 14 https://github.com/mattermost/mattermost 14 https://github.com/cobbler/cobbler 14 https://github.com/containerd/containerd 14 https://github.com/quarkusio/quarkus 13 https://github.com/vercel/next.js 13 https://github.com/publify/publify 13 https://github.com/golang/go 13 https://github.com/decidim/decidim 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/dompdf/dompdf 13 https://github.com/dromara/hutool 13 https://github.com/apache/dolphinscheduler 13 https://github.com/nodejs/undici 13 https://github.com/TryGhost/Ghost 13 https://github.com/ming-soft/MCMS 13 https://github.com/hashicorp/nomad 13 https://github.com/modoboa/modoboa 13 https://github.com/dotnet/aspnetcore 13 https://github.com/pimcore/admin-ui-classic-bundle 12 https://github.com/1Panel-dev/1Panel 12 https://github.com/patriksimek/vm2 12 https://github.com/openfga/openfga 12 https://github.com/apache/kylin 12 https://github.com/centreon/centreon-archived 12 https://github.com/aio-libs/aiohttp 12 https://github.com/smarty-php/smarty 12 https://github.com/wagtail/wagtail 12 https://github.com/laurent22/joplin 12 https://github.com/opencontainers/runc 12 https://github.com/urllib3/urllib3 12 https://github.com/top-think/framework 11 https://github.com/nats-io/nats-server 11 https://github.com/Studio-42/elFinder 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/drupal/core 11 https://github.com/scrapy/scrapy 11 https://github.com/OPCFoundation/UA-.NETStandard 11 https://github.com/cloudflare/cfrpki 11 https://github.com/igniterealtime/Openfire 11 https://github.com/dpgaspar/Flask-AppBuilder 11 https://github.com/vaadin/flow 11 https://github.com/yiisoft/yii2 11 https://github.com/cakephp/cakephp 11 https://github.com/WWBN/AVideo 11 https://github.com/openstack/glance 11 https://github.com/puma/puma 11 https://github.com/Sylius/Sylius 11 https://github.com/NodeBB/NodeBB 11 https://github.com/onionshare/onionshare 11 https://github.com/containers/podman 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/janeczku/calibre-web 11 https://github.com/nextauthjs/next-auth 10 https://github.com/opencart/opencart 10 https://github.com/jquery/jquery 10 https://github.com/dolibarr/dolibarr 10 https://github.com/greenpau/caddy-security 10 https://github.com/apache/superset 10 https://github.com/cri-o/cri-o 10 https://github.com/nautobot/nautobot 10 https://github.com/keystonejs/keystone 10 https://github.com/pomerium/pomerium 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/nocodb/nocodb 10 https://github.com/jupyter/notebook 10 https://github.com/zenml-io/zenml 10 https://github.com/DSpace/DSpace 10