Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Browse all Security Advisories for

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwd2otbXZ2Ny12M205
High severity vulnerability that affects org.apache.cxf.fediz:fediz-spring and org.apache.cxf.fediz:fediz-spring2
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-spring2, org.apache.cxf.fediz:fediz-spring
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzNTctODI5eC1tOXBy
Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-core, org.apache.cxf.fediz:fediz-idp
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczZ2gtZzMybS1jdmhy
High severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-jetty9, org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-spring3, org.apache.cxf.fediz:fediz-spring2, org.apache.cxf.fediz:fediz-spring
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdodzctaDI1di05cXZ4
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, and org.apache.cxf.fediz:fediz-spring2
Ecosystems: maven
Packages: org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, org.apache.cxf.fediz:fediz-spring2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzMnItMzk3Ny1jZ2Mz
Keycloak vulnerable to uncontrolled resource consumption
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1OXEtMzJnOC12dnA3
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3ajctcHczdi0zdjN4
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3N3ItNmY2NC00Nzhx
keycloak-core discloses system properties
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjNnEtMjdtdy1wNTV3
Keycloak vulnerable to infinite loop based Denial of Service
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1bTYtbWpoMy01OGdt
Improper Authentication in org.keycloak:keycloak-core
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3OHgtMm1xdi13Nnh3
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2Z3YtM3Izdi1nd2dq
keycloak-core vulnerable to timing attacks against JWS token verification
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4N3YtODRjdi05cW1j
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcnYtNDlmci0yaDZq
Spring Security and Spring Framework may not recognize certain paths that should be protected
Ecosystems: maven
Packages: org.springframework.security:spring-security-core, org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnZjktaDY5cC1wY2dm
Files or Directories Accessible to External Parties in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2N3ctNTM1ai1ycTVt
Pivotal Spring Framework DoS Attack with XML Input
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1dmctMnY3My12bTYy
Moderate severity vulnerability that affects org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNybXYtMnBnNS14dnFq
Improperly Implemented Security Check for Standard in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0ODcteDM4My1xcHBo
Possible privilege escalation in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4aHctNzk0Yy00ajln
Path Traversal in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1aGctM3htMy1nY2pn
Spring Framework allows applications to expose STOMP over WebSocket endpoints
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4cmotNjZjNS05Zm1o
Spring Framework when used in combination with any versions of Spring Security contains an authorization bypass
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 45.7
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjcGYtdmo1My03aDJt
Denial of Service in org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1OTYtZndocS04eDQ4
Improper Input Validation in org.springframework.security:spring-security-core, org.springframework.security:spring-security-core , and org.springframework:spring-core
Ecosystems: maven
Packages: org.springframework.security:spring-security-core, org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oN2ctOTl3OS14cGpt
Remote code execution occurs in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjOXYtaDI4Zi1qY21m
There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwcGgtMjU5NS1jZ2Zo
There is a XML external entity expansion (XXE) vulnerability in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDMtNmY2Zy1oeGNq
XML external entity expansion in org.apache.solr:solr-core
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJocTItMjU3NC03OG1j
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal
Ecosystems: maven
Packages: cn.hutool:hutool-core, cn.hutool:hutool-all, cn.hutool:hutool-parent
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4Y2MtcDNqNy00Yzdm
Moderate severity vulnerability that affects org.apache.mesos:mesos
Ecosystems: maven
Packages: org.apache.mesos:mesos
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNjQtd2Y3Ni1jNTNw
In blynk-server a Directory Traversal exists
Ecosystems: maven
Packages: com.github.blynkkk:blynk-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzNXAtY2hjNi03eDU3
Moderate severity vulnerability that affects org.apache.storm:storm-core
Ecosystems: maven
Packages: org.apache.storm:storm-core
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4angteDJ2dy13bTMz
Code execution in org.apache.storm:storm-core
Ecosystems: maven
Packages: org.apache.storm:storm-core
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4MjUtcmp3dy0yMjQ1
Apache Storm it is possible for the owner of a topology to trick the supervisor to launch a worker as a different, non-root, user
Ecosystems: maven
Packages: org.apache.storm:storm-core
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmdngtcjdoeC0zdmg2
JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
Ecosystems: maven
Packages: net.bull.javamelody:javamelody-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4OTYtdmdmNy1od2Zn
In Apache PDFBox a carefully crafted PDF file can trigger an extremely long running computation
Ecosystems: maven
Packages: org.apache.pdfbox:pdfbox
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjMzIteG1nai0yZzk4
High severity vulnerability that affects org.apache.pdfbox:pdfbox
Ecosystems: maven
Packages: org.apache.pdfbox:pdfbox
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1ZjUtcmo0ci00MmY2
Incorrect access control in Neo4j Enterprise Database Server via LDAP authentication
Ecosystems: maven
Packages: org.neo4j:neo4j-enterprise
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxOG0tbXFteC1weHA5
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05MjktN2ZyNi1jdmpn
Spring Data Commons, used in combination with XMLBeam, contains a property binder vulnerability caused by improper restriction of XML external entity references
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmcTMtbXI1Ni1jZzZy
Spring Data Commons remote code injection vulnerability
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmamgtZmpnZy1tZnBx
Moderate severity vulnerability that affects org.apache.ranger:ranger
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1OG0tNmczcS1nM2ho
Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard character
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5OWgtZmdxbS02Njc5
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh2N3gteDZ3ci14eDdn
Apache Ranger policy engine incorrectly matches paths in certain conditions
Ecosystems: maven
Packages: org.apache.ranger:ranger-plugins-common
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY3bWYtcWd4Zi1xbXZm
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoeGMtOGpqcS04NTlq
Moderate severity vulnerability that affects org.apache.ranger:ranger
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmN3EteHFtMy02OTIz
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 1.4
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyamYtbXhmbS05OGg1
SQL injection vulnerability in the policy admin tool in Apache Ranger
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4NGMtajhxbS1nNDdy
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2NTItbWo1ci03ajJt
Apache Tomcat Race Condition vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2ajMtcjRwai00ODM1
The host name verification missing in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI0eDItM2NxNS1ocXZw
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01OWMtanBjOC1tMng0
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4NmgtM2ZqeC1jZ3Y1
Apache Tomcat information exposure vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 27.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyeGotNThqaC00MzZy
Apache Tomcat unauthorized access vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxOTktZjM0bS02N2dj
Apache Tomcat Open Redirect vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqZnItcWYzcC0zcTI1
When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtdjctY3E3NS0zcWpt
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyODUtd2Y5cS01dzY5
In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 6 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqcW0tMjQ2Yy1td3Fn
In Bouncy Castle JCE Provider the other party DH public key is not fully validated
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJydngtcHdmOC1wNTlw
In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjajctZzJqNS1nN3Iz
In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5Y2gtbTRmaC1mYzdx
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5N3gtM2c4Zi1neDNt
The Bouncy Castle JCE Provider carry a propagation bug
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4eGYtbTRmZi1qY3hq
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2aGotOThyNi00MjRo
In Bouncy Castle JCE Provider it is possible to inject extra elements in the sequence making up the signature and still have it validate
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0NDYtNjU2cC1mNTRn
Deserialization of Untrusted Data in Bouncy castle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXgtbTU1Yy12NTVo
Eclipse Vert.x does not properly neutralize '' (forward slashes) sequences that can resolve to an external location
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoM20tcXc2di1xdmhn
Moderate severity vulnerability that affects io.vertx:vertx-core
Ecosystems: maven
Packages: io.vertx:vertx-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1eG0tdjhncS03anF4
Excessive memory allocation
Ecosystems: maven
Packages: io.vertx:vertx-core
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2Z2ctZjhxbS02aDdq
High severity vulnerability that affects io.vertx:vertx-web
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVtZjctMjZtdy0zcnFy
Moderate severity vulnerability that affects org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1M2otZ21yOS1oOGcz
Comparison errorr in org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2ZzMtdjQ2cS01cDI4
Moderate severity vulnerability that affects org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqcTItNzg5cS1mZmYy
High severity vulnerability that affects org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4ZzYtMndoNy02NDM5
Apache Tika allows Java code execution for serialized objects embedded in MATLAB files
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4cjQtNGM2NS1oajdm
Apache Tika does not properly initialize the XML parser or choose handlers
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjanAtdzcyMy0yamYy
Apache Tika Server exposes sensitive information
Ecosystems: maven
Packages: org.apache.tika:tika-server
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OTktM3dnYy03aDcy
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
Ecosystems: maven
Packages: org.apache.tika:tika-parsers
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyMjQtZ3A0NC1oM3Bt
Command injection in org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4cTUtZzJjai1xcjVo
Apache Tika is vulnerable to entity expansions which can lead to a denial of service attack
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtajUtd3Y5Ni1yMmNo
Denial of service vulnerability in org.apache.httpcomponents:httpclient
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4ODMtcjU2Zy1jdjQ3
Improper certificate validation in org.apache.httpcomponents:httpclient
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmaDUtM2doaC13Zmp4
Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczY3EtZmhwMy04cnB3
Moderate severity vulnerability that affects org.restlet.jse:org.restlet
Ecosystems: maven
Packages: org.restlet.jse:org.restlet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtcDgtcXZxbS0zeHdx
Restlet Framework Ja-rs extension is vulnerable to XXE when using SimpleXMLProvider
Ecosystems: maven
Packages: org.restlet.jse:org.restlet.ext.jaxrs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2ajQtZzNneC04dnFx
Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request
Ecosystems: maven
Packages: org.restlet.jse:org.restlet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4cXItZ3JxNC1xd2d4
Junrar vulnerable to Infinite Loop
Ecosystems: maven
Packages: com.github.junrar:junrar
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cnAtOHY0ai1od3Bo
Apache Camel's XSLT component allows remote attackers to execute arbitrary Java methods
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmdzUtcnZmMi1qcTU2
Apache Camel's XSLT component allows remote attackers to read arbitrary files
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxOWotamg2Mi01aG1w
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2amMtcTV2ci01MnE2
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks
Ecosystems: maven
Packages: org.apache.camel:camel-jackson
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2djYtdzZmdy1yaDk0
Apache Camel can allow remote attackers to execute arbitrary commands
Ecosystems: maven
Packages: org.apache.camel:camel-ahc, org.apache.camel:camel-http4, org.apache.camel:camel-http-common, org.apache.camel:camel-http, org.apache.camel:camel-servlet, org.apache.camel:camel-jetty
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2NWYtY2p3OS01dnhn
Camel-xstream component in Apache Camel can allow remote attackers to execute arbitrary commands
Ecosystems: maven
Packages: org.apache.camel:camel-xstream
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oeDItcjNqeC1nOTRj
Apache Camel allows remote actor to read arbitrary files via external entity in invalid XML string or GenericFile object
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNocmMtZjQzOS03Mjdn
Apache Camel XML External Entity vulnerability
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2NzQtZjlwai14cDNm
Apache Camel's Mail is vulnerable to path traversal
Ecosystems: maven
Packages: org.apache.camel:camel-mail
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2Zm0tNDM4OC02cnBj
Apache is vulnerable to XXE in XSD validation processor
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: about 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmNHEtOG1yNy01YzVj
Camel-castor component in Apache Camel is vulnerable to Java object de-serialisation
Ecosystems: maven
Packages: org.apache.camel:camel-castor
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: about 6 years ago
Statistics
Advisories: 20,936
Packages: 9,157
Repositories: 5,597
Ecosystems: 12
Filter by Severity
Moderate 8,934 High 7,373 Critical 3,086 Low 1,175
Filter by Ecosystem
maven 5,926 packagist 4,675 pypi 4,424 npm 3,850 go 2,355 nuget 1,564 cargo 910 rubygems 886 swift 33 hex 32 actions 21 pub 10
Filter by Package
tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 moodle/moodle 367 Microsoft.ChakraCore 247 magento/community-edition 235 org.jenkins-ci.main:jenkins-core 193 typo3/cms 174 org.apache.tomcat:tomcat 132 pimcore/pimcore 118 dolibarr/dolibarr 113 typo3/cms-core 106 Django 102 drupal/core 99 microweber/microweber 94 phpmyadmin/phpmyadmin 92 silverstripe/framework 85 apache-airflow 85 drupal/drupal 83 librenms/librenms 75 Plone 72 thorsten/phpmyfaq 72 symfony/symfony 69 com.fasterxml.jackson.core:jackson-databind 69 github.com/mattermost/mattermost/server/v8 65 github.com/usememos/memos 64 ansible 63 actionpack 61 concrete5/concrete5 60 salt 56 org.apache.struts:struts2-core 56 apache-superset 55 shopware/platform 52 com.liferay.portal:release.portal.bom 51 org.keycloak:keycloak-core 49 github.com/grafana/grafana 49 baserproject/basercms 47 craftcms/cms 47 nova 47 mlflow 47 django 44 nokogiri 43 rdiffweb 42 matrix-synapse 41 plone 41 shopware/core 40 showdoc/showdoc 40 intelliants/subrion 39 github.com/mattermost/mattermost-server/v6 38 vyper 38 froxlor/froxlor 38 org.apache.tomcat.embed:tomcat-embed-core 38 github.com/rancher/rancher 38 org.elasticsearch:elasticsearch 37 nilsteampassnet/teampass 37 org.xwiki.platform:xwiki-platform-oldcore 37 com.thoughtworks.xstream:xstream 37 mautic/core 37 github.com/hashicorp/vault 37 k8s.io/kubernetes 36 com.jfinal:jfinal 36 io.undertow:undertow-core 35 net.mingsoft:ms-mcms 35 org.keycloak:keycloak-services 35 moin 35 snipe/snipe-it 35 gradio 34 github.com/answerdev/answer 34 zendframework/zendframework1 34 org.jenkins-ci.plugins:script-security 33 keystone 32 opencv-python 31 opencv-contrib-python 31 Pillow 31 parse-server 31 github.com/argoproj/argo-cd 31 shopware/shopware 30 github.com/hashicorp/consul 29 github.com/docker/docker 29 getgrav/grav 29 github.com/hashicorp/nomad 29 directus 28 mediawiki/core 28 centreon/centreon 27 github.com/argoproj/argo-cd/v2 27 pillow 26 openssl-src 26 prestashop/prestashop 26 electron 26 github.com/cilium/cilium 26 org.keycloak:keycloak-parent 25 gogs.io/gogs 25 rubygems-update 25 org.apache.solr:solr-core 25 magento/core 24 contao/core-bundle 24 org.eclipse.jetty:jetty-server 24 org.springframework.security:spring-security-core 24 zendframework/zendframework 23 com.liferay.portal:release.dxp.bom 23 rack 23 grumpydictator/firefly-iii 23 simplesamlphp/simplesamlphp 23 pocketmine/pocketmine-mp 23 puppet 23 remdex/livehelperchat 23 ckb 22 getkirby/cms 22 org.bouncycastle:bcprov-jdk14 22 tribalsystems/zenario 22 Microsoft.AspNetCore.App.Runtime.win-x64 21 glance 21 org.apache.openmeetings:openmeetings-parent 21 activerecord 21 Microsoft.AspNetCore.App.Runtime.win-x86 21 @openzeppelin/contracts-upgradeable 21 org.apache.nifi:nifi 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 github.com/ethereum/go-ethereum 20 funadmin/funadmin 20 github.com/traefik/traefik/v2 20 code.gitea.io/gitea 20 org.springframework:spring-core 20 @openzeppelin/contracts 20 langchain 20 laravel/framework 20 Microsoft.AspNetCore.App.Runtime.win-arm 20 wasmtime 19 DotNetNuke.Core 19 org.xwiki.platform:xwiki-platform-web-templates 19 github.com/goharbor/harbor 19 golang.org/x/net 19 contao/contao 19 next 19 Microsoft.AspNetCore.App.Runtime.win-arm64 18 Microsoft.AspNetCore.App.Runtime.osx-x64 18 mindsdb 18 Microsoft.AspNetCore.App.Runtime.linux-x64 18 topthink/framework 18 forkcms/forkcms 18 mercurial 18 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 18 cobbler 18 Microsoft.AspNetCore.App.Runtime.linux-arm64 18 com.vaadin:vaadin-bom 18 Microsoft.AspNetCore.App.Runtime.linux-arm 18 cockpit-hq/cockpit 18 francoisjacquet/rosariosis 17 cakephp/cakephp 17 symfony/security 17 opencart/opencart 17 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 17 ezsystems/ezpublish-kernel 17 neutron 17 org.apache.geode:geode-core 17 genix/cms 17 helm.sh/helm/v3 17 notebook 17 org.bouncycastle:bcprov-jdk15 16 tinymce 16 org.apache.activemq:activemq-client 16 cryptography 16 typo3/cms-backend 16 rusqlite 16 github.com/zitadel/zitadel 16 ethyca-fides 16 openmage/magento-lts 16 sequelize 16 pyload-ng 16 PaddlePaddle 16 org.apache.dubbo:dubbo 16 org.apache.jspwiki:jspwiki-main 16 paddlepaddle 16 phpbb/phpbb 16 yetiforce/yetiforce-crm 16 surrealdb 16 ghost 15 org.apache.struts.xwork:xwork-core 15 OctoPrint 15 ckeditor4 15 ec-cube/ec-cube 15 october/system 15 smarty/smarty 15 symfony/security-http 15 calibreweb 15 github.com/containerd/containerd 14 activesupport 14 silverstripe/cms 14 phpmailer/phpmailer 14 github.com/nats-io/nats-server/v2 14 feehi/cms 14 org.apache.tomcat:tomcat-coyote 14 pyftpdlib 14 joplin 14 swagger-ui 14 camaleon_cms 14 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 aiohttp 14 rails-html-sanitizer 14
Filter by Repository
https://github.com/tensorflow/tensorflow 433 https://github.com/moodle/moodle 218 https://github.com/chakra-core/ChakraCore 214 https://github.com/xwiki/xwiki-platform 188 https://github.com/jenkinsci/jenkins 150 https://github.com/pimcore/pimcore 113 https://github.com/django/django 113 https://github.com/apache/tomcat 103 https://github.com/apache/airflow 100 https://github.com/microweber/microweber 88 https://github.com/keycloak/keycloak 76 https://github.com/TYPO3/typo3 75 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/librenms/librenms 66 https://github.com/usememos/memos 64 https://github.com/silverstripe/silverstripe-framework 64 https://github.com/symfony/symfony 64 https://github.com/rails/rails 60 https://github.com/ansible/ansible 58 https://github.com/Dolibarr/dolibarr 56 https://github.com/kubernetes/kubernetes 53 https://github.com/python-pillow/Pillow 52 https://github.com/spring-projects/spring-framework 47 https://github.com/apache/struts 46 https://github.com/shopware/platform 43 https://github.com/ikus060/rdiffweb 42 https://github.com/argoproj/argo-cd 42 https://github.com/concretecms/concretecms 41 https://github.com/grafana/grafana 41 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/vyperlang/vyper 38 https://github.com/magento/magento2 38 https://github.com/plone/Products.CMFPlone 37 https://github.com/openstack/nova 37 https://github.com/x-stream/xstream 37 https://github.com/craftcms/cms 35 https://github.com/octobercms/october 35 https://github.com/mautic/mautic 35 https://github.com/saltstack/salt 34 https://github.com/answerdev/answer 34 https://github.com/rancher/rancher 34 https://github.com/dotnet/runtime 33 https://github.com/apache/activemq 33 https://github.com/go-gitea/gitea 32 https://github.com/opencv/opencv 32 https://github.com/sparklemotion/nokogiri 32 https://github.com/matrix-org/synapse 32 https://github.com/gradio-app/gradio 31 https://github.com/parse-community/parse-server 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/mlflow/mlflow 31 https://github.com/snipe/snipe-it 30 https://github.com/openstack/keystone 28 https://github.com/shopware/shopware 28 https://github.com/CVEProject/cvelist 28 https://github.com/directus/directus 27 https://github.com/apache/inlong 27 https://github.com/froxlor/froxlor 26 https://github.com/baserproject/basercms 26 https://github.com/cilium/cilium 26 https://github.com/contao/contao 25 https://github.com/umbraco/Umbraco-CMS 25 https://github.com/electron/electron 25 https://github.com/github/advisory-database 25 https://github.com/gogs/gogs 24 https://github.com/getgrav/grav 24 https://github.com/strapi/strapi 24 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/eclipse/jetty.project 23 https://github.com/firefly-iii/firefly-iii 23 https://github.com/apache/nifi 23 https://github.com/TYPO3/TYPO3.CMS 23 https://github.com/langchain-ai/langchain 22 https://github.com/netty/netty 22 https://github.com/nervosnetwork/ckb 22 https://github.com/PrestaShop/PrestaShop 22 https://github.com/hashicorp/consul 22 https://github.com/undertow-io/undertow 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/apache/cxf 21 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/moby/moby 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/bytecodealliance/wasmtime 20 https://github.com/traefik/traefik 20 https://github.com/funadmin/funadmin 20 https://github.com/OpenNMS/opennms 20 https://github.com/simplesamlphp/simplesamlphp 20 https://github.com/getkirby/kirby 19 https://github.com/bcgit/bc-java 19 https://github.com/cloudfoundry/uaa 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/geoserver/geoserver 19 https://github.com/goharbor/harbor 19 https://github.com/zitadel/zitadel 19 https://github.com/rack/rack 18 https://github.com/rubygems/rubygems 18 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/intelliants/subrion 18 https://github.com/helm/helm 18 https://github.com/opencast/opencast 17 https://github.com/liufee/cms 17 https://github.com/mindsdb/mindsdb 17 https://github.com/backstage/backstage 17 https://github.com/hashicorp/vault 17 https://github.com/vaadin/platform 17 https://github.com/OpenMage/magento-lts 16 https://github.com/ethereum/go-ethereum 16 https://github.com/sequelize/sequelize 16 https://github.com/pyload/pyload 16 https://github.com/surrealdb/surrealdb 16 https://github.com/forkcms/forkcms 16 https://github.com/etcd-io/etcd 16 https://github.com/TYPO3-CMS/core 16 https://github.com/tinymce/tinymce 16 https://github.com/ethyca/fides 16 https://github.com/mattermost/mattermost 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/rusqlite/rusqlite 16 https://github.com/laravel/framework 16 https://github.com/denoland/deno 16 https://github.com/apache/camel 15 https://github.com/puppetlabs/puppet 15 https://github.com/zendframework/zendframework 15 https://github.com/pyca/cryptography 15 https://github.com/cobbler/cobbler 15 https://github.com/centreon/centreon 15 https://github.com/dompdf/dompdf 15 https://github.com/decidim/decidim 15 https://github.com/vercel/next.js 15 https://github.com/hashicorp/nomad 15 https://github.com/drupal/core 15 https://github.com/vantage6/vantage6 15 https://github.com/PHPMailer/PHPMailer 15 https://github.com/aio-libs/aiohttp 14 https://github.com/rails/rails-html-sanitizer 14 https://github.com/janeczku/calibre-web 14 https://github.com/xuxueli/xxl-job 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/golang/go 14 https://github.com/containerd/containerd 14 https://github.com/twisted/twisted 14 https://github.com/ckeditor/ckeditor4 14 https://github.com/dotnet/aspnetcore 14 https://github.com/apache/superset 13 https://github.com/modoboa/modoboa 13 https://github.com/publify/publify 13 https://github.com/thorsten/phpMyFAQ 13 https://github.com/OPCFoundation/UA-.NETStandard 13 https://github.com/apache/dolphinscheduler 13 https://github.com/laurent22/joplin 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/dromara/hutool 13 https://github.com/TryGhost/Ghost 13 https://github.com/OpenRefine/OpenRefine 13 https://github.com/quarkusio/quarkus 13 https://github.com/nodejs/undici 13 https://github.com/ming-soft/MCMS 13 https://github.com/PHPOffice/PhpSpreadsheet 12 https://github.com/opencontainers/runc 12 https://github.com/1Panel-dev/1Panel 12 https://github.com/openfga/openfga 12 https://github.com/smarty-php/smarty 12 https://github.com/centreon/centreon-archived 12 https://github.com/wagtail/wagtail 12 https://github.com/patriksimek/vm2 12 https://github.com/apache/kylin 12 https://github.com/containers/podman 12 https://github.com/puma/puma 12 https://github.com/pimcore/admin-ui-classic-bundle 12 https://github.com/urllib3/urllib3 12 https://github.com/openstack/glance 12 https://github.com/onionshare/onionshare 11 https://github.com/Sylius/Sylius 11 https://github.com/vaadin/flow 11 https://github.com/yiisoft/yii2 11 https://github.com/getsentry/sentry 11 https://github.com/spring-projects/spring-security 11 https://github.com/Pylons/waitress 11 https://github.com/NodeBB/NodeBB 11 https://github.com/WWBN/AVideo 11 https://github.com/cri-o/cri-o 11 https://github.com/top-think/framework 11 https://github.com/zenml-io/zenml 11 https://github.com/matrix-org/matrix-js-sdk 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/owen2345/camaleon-cms 11 https://github.com/pomerium/pomerium 11 https://github.com/dolibarr/dolibarr 11 https://github.com/cloudflare/cfrpki 11 https://github.com/dpgaspar/Flask-AppBuilder 11 https://github.com/cakephp/cakephp 11 https://github.com/cosmos/cosmos-sdk 11 https://github.com/Studio-42/elFinder 11 https://github.com/nats-io/nats-server 11 https://github.com/scrapy/scrapy 11