Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories
Loading...
Moderate
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Published: 4 months ago
GSA_kwCzR0hTQS1nZjM0LWhoNXItZjc0aM4AAxkK
Cross-site Scripting in thorsten/phpmyfaqEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Published: 4 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps, org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Published: 8 months ago
GSA_kwCzR0hTQS0yN3JmLThtanAtcjM2M84AAvdY
Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy PluginEcosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps, org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Published: 8 months ago
Critical
Ecosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Published: 4 months ago
GSA_kwCzR0hTQS02ZmNqLTl2ZnctanEybc4AAxlu
Arbitrary file deletion in ureportEcosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Published: 4 months ago
Critical
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS1qcnBnLTM1aHctbTRwOc0ptg
Capture-replay in GiteaEcosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Published: over 1 year ago
High
Ecosystems: pypi, go, maven, packagist, nuget
Packages: protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS03N3JtLTl4OWgteGozZ80mxQ
NULL Pointer Dereference in Protocol BuffersEcosystems: pypi, go, maven, packagist, nuget
Packages: protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:requests
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS13M2dtLXZ2NTgtd3I1Nc4AAo_l
Missing permission check in Jenkins requests-plugin Plugin allows sending emailsEcosystems: maven
Packages: org.jenkins-ci.plugins:requests
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: maven
Packages: io.loader:loaderio-jenkins-plugin
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS13ZzJmLTlyZjctNDhnbc4AAv6P
Missing permission check in Jenkins loader.io Plugin allows enumerating credentials IDsEcosystems: maven
Packages: io.loader:loaderio-jenkins-plugin
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:delete-log-plugin
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS1qODc0LTQ3eHgtOXhmZ84AAv6K
Missing permission check in Jenkins Delete log PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:delete-log-plugin
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2aG0tODh4My1tZmp2
A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local hostEcosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1teDJxLTM1bTIteDJyaM4AAy0V
OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegatedEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwZnEtcGg3ci1xdjZm
XStream is vulnerable to an Arbitrary Code Execution attackEcosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS02dmg2LTcyZzYteHF4Ms4AAwXg
FeehiCMS Cross Site Scripting vulnerabilityEcosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: elgg/elgg
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS1nd3B4LXEyaDktd3hneM0YzA
elgg is vulnerable to Authorization Bypass Through User-Controlled KeyEcosystems: packagist
Packages: elgg/elgg
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1ncWdxLTc4NHEtdjl4cM4AAwXc
FeehiCMS Cross Site Scripting vulnerabilityEcosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS04dmpwLWhmZ2gtNjhyas4AAwXa
FeehiCMS Cross Site Scripting vulnerabilityEcosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS02cHFtLXh2ZmMtdzdwNM0Yzg
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS0yNTJoLTJjbXEtcG1yNs4AAwXI
easywebpack-cli Path Traversal vulnerabilityEcosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS12cmdoLTV3M2MtZ2dmOM0Y3g
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS02dzlwLTg4cWctcDNnM80YyA
Cross-site Scripting in CKANEcosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS00Z3doLTJwcXgtZjVjY80Ywg
Cross-site Scripting in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.anrisoftware.globalpom:globalpomutils
Source: GitHub Advisory Database
Published: 5 months ago
GSA_kwCzR0hTQS1qanZwLXdmcDgtcnY2Oc4AAwyg
globalpom-utils has Insecure Temporary FileEcosystems: maven
Packages: com.anrisoftware.globalpom:globalpomutils
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
Ecosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1wd2gzLTNwY20tNnZqaM4AAwXN
FeehiCMS vulnerable to Cross Site ScriptingEcosystems: packagist
Packages: feehi/feehicms
Source: GitHub Advisory Database
Published: 6 months ago
Critical
Ecosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1odzQ2LXZnNnctODhmas4AAwXM
replicator vulnerable to Deserialization of Untrusted DataEcosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Published: 6 months ago
Low
Ecosystems: go
Packages: helm.sh/helm/v3/pkg/plugin, helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01NHItdnJtdi1odzMz
Improper Sanitizing of plugin names in helmEcosystems: go
Packages: helm.sh/helm/v3/pkg/plugin, helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc
Source: GitHub Advisory Database
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3eDItOXE0OC12bTly
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux ApplicationEcosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc
Source: GitHub Advisory Database
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS0zNnAzLXdqbWctaDk0eM03aQ
Remote Code Execution in Spring FrameworkEcosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: roots/soil
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1qdzZ4LTRoOGgtNTY5eM4AAwXU
Roots Soil plugin vulnerable to Cross-site ScriptingEcosystems: packagist
Packages: roots/soil
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: @web3-react/walletconnect, @web3-react/metamask, @web3-react/eip1193, @web3-react/coinbase-wallet
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS04cGYzLTZmZ3ItM2czZ84AAy3P
`chainId` may be outdated if user changes chains as part of connection in @web3-reactEcosystems: npm
Packages: @web3-react/walletconnect, @web3-react/metamask, @web3-react/eip1193, @web3-react/coinbase-wallet
Source: GitHub Advisory Database
Published: about 2 months ago
Low
Ecosystems: go
Packages: helm.sh/helm/v3/pkg/plugin, helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1MmYtcHE0Ny0ycjlq
plugin.yaml file allows for duplicate entries in helmEcosystems: go
Packages: helm.sh/helm/v3/pkg/plugin, helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwM3gtcXc5Yy0yNWho
XStream can cause a Denial of Service.Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS0zdndtLWZjODctbXE2aM4AAv6W
SSL/TLS certificate validation globally and unconditionally disabled by Jenkins NS-ND Integration Performance Publisher PluginEcosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS13MmozLXBxNjMtMzM5d84AAv6T
Incorrect permission checks in Jenkins Support Core PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:p4
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cXYtZjVnZi04Z2Nm
Missing Authorization in Jenkins P4 pluginEcosystems: maven
Packages: org.jenkins-ci.plugins:p4
Source: GitHub Advisory Database
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffwebEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3cHItdnAydi05OXh3
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1NDctZ21mOC04anI3
Signature Validation Bypass in goxmldsigEcosystems: go
Packages: github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: slim/psr7
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1xMnFqLTYyOGctdmhmd84AAy3N
Insecure header validation in slim/psr7Ecosystems: packagist
Packages: slim/psr7
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
Ecosystems: packagist
Packages: directmailteam/direct-mail
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVnbTYtcjc5cS1oZmd3
Denial of service in direct_mailEcosystems: packagist
Packages: directmailteam/direct-mail
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: directmailteam/direct-mail
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1Mm0tbTgzYy0zeG02
Open redirect in direct_mailEcosystems: packagist
Packages: directmailteam/direct-mail
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: go
Packages: github.com/ory/fosite
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyZnAtcTJtbS1oZnA2
Redirect URL matching ignores character casingEcosystems: go
Packages: github.com/ory/fosite
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:git
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1nZ2hjLWc4Y2otNHZmds4AAqOV
Stored XSS vulnerability in Jenkins Git PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:git
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:urltrigger
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS0zNGo1LWM0Y3YtbW1nNc4AAolr
XXE vulnerability in Jenkins URLTrigger PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:urltrigger
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS0zM3BnLW02amgtNTIzN84AAyiu
Docker Swarm encrypted overlay network traffic may be unencryptedEcosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
Ecosystems: go
Packages: github.com/ory/fosite
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmcTMtdzU0Yy1mOXE1
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addressesEcosystems: go
Packages: github.com/ory/fosite
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dependency-track
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS12N3hoLWg0OGMteHc1Zs4AAn-O
CSRF vulnerability and in Jenkins OWASP Dependency-Track Plugin allow capturing credentialsEcosystems: maven
Packages: org.jenkins-ci.plugins:dependency-track
Source: GitHub Advisory Database
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:jabber
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS03OXI1LXJocnctN3B2aM4AAn-C
Passwords stored in plain text by Jenkins Jabber (XMPP) notifier and control PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:jabber
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: com.softwaremill.akka-http-session:core_2.12
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqZjUtamdncC1nNTZq
Cross-Site Request Forgery in com.softwaremill.akka-http-session:core_2.12Ecosystems: maven
Packages: com.softwaremill.akka-http-session:core_2.12
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS02d3JmLW14ZmotcGY1cM4AAyit
Docker Swarm encrypted overlay network with a single endpoint is unauthenticatedEcosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Published: 2 months ago
Moderate
Ecosystems: go
Packages: github.com/containerd/containerd/cmd, github.com/containerd/containerd
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2eHctZng3OC1jNXI0
containerd-shim API Exposed to Host Network ContainersEcosystems: go
Packages: github.com/containerd/containerd/cmd, github.com/containerd/containerd
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBweGMtcG14OS1xanY5
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.biouno:uno-choice
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1ycDR4LWg1NzctY2h2cc4AAqqb
Stored XSS vulnerability in Jenkins Active Choices PluginEcosystems: maven
Packages: org.biouno:uno-choice
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS01dnI2LWhtNjgtNWo5cM0YwQ
Cross-site Scripting in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: iniparserjs
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmNmctdzVnai1jOTNo
Prototype Pollution in iniparserjsEcosystems: npm
Packages: iniparserjs
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: go
Packages: ktbs.dev/teler/pkg/errors
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpoajYtNW1oNi00cHZm
Denial-of-Service within Docker containerEcosystems: go
Packages: ktbs.dev/teler/pkg/errors
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3cDktOTU2Zi12Y3do
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:squashtm-publisher-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1oNjQ4LWdqMzQtNXg0cs4AAqqG
Agent-to-controller security bypass in Jenkins Squash TM Publisher (Squash4Jenkins) Plugin allows writing arbitrary filesEcosystems: maven
Packages: org.jenkins-ci.plugins:squashtm-publisher-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: io.jenkins.plugins:code-coverage-api
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS01OHByLWhwcngtN2hnNs4AApuG
RCE vulnerability in Jenkins Code Coverage API PluginEcosystems: maven
Packages: io.jenkins.plugins:code-coverage-api
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jacoco
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS14ajI5LWdmd3ctajY3Z84AAygB
Jenkins JaCoCo Plugin vulnerable to Stored Cross-site ScriptingEcosystems: maven
Packages: org.jenkins-ci.plugins:jacoco
Source: GitHub Advisory Database
Published: 2 months ago
High
Ecosystems: npm
Packages: decal
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwNzctZnFxcC03OWo4
Prototype Pollution in decalEcosystems: npm
Packages: decal
Source: GitHub Advisory Database
Published: about 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cons3rt
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1mbXE5LXI0cDItODI3Ms4AAu-R
API token stored in plain text by Jenkins CONS3RT PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:cons3rt
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:icescrum
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1yeHZ4LTl3ZzUtcXB3d84AAiYz
Jenkins iceScrum Plugin vulnerable to Cross-site Request ForgeryEcosystems: maven
Packages: org.jenkins-ci.plugins:icescrum
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: oro/crm
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS12ZjdoLTYyNDYtaG00M80XYQ
The disqualify lead action may be executed without CSRF token checkEcosystems: packagist
Packages: oro/crm
Source: GitHub Advisory Database
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.mortbay.jetty:jetty-webapp, org.eclipse.jetty:jetty-webapp
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczd2ctNm1jZi04amo2
Local Temp Directory Hijacking VulnerabilityEcosystems: maven
Packages: org.mortbay.jetty:jetty-webapp, org.eclipse.jetty:jetty-webapp
Source: GitHub Advisory Database
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:junit
Source: GitHub Advisory Database
Published: 12 months ago
GSA_kwCzR0hTQS02NG1qLTNwOTItNTg5ds4AAs7p
Cross-site Scripting in Jenkins JUnit PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:junit
Source: GitHub Advisory Database
Published: 12 months ago
High
Ecosystems: go
Packages: github.com/MichaelMure/git-bug/repository, github.com/MichaelMure/git-bug
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04OTgtaDRwbS1wcWZy
Arbitrary code execution due to an uncontrolled search path for the git binaryEcosystems: go
Packages: github.com/MichaelMure/git-bug/repository, github.com/MichaelMure/git-bug
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJyZmotMm13cC03ODd2
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS01M2M0LWhobWgtdnc1cc4AAwWx
Helm vulnerable to denial of service through through repository index fileEcosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1OGMtZzJmZi05NDQ0
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: npm
Packages: decal
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozMngtajhwai1wZzJo
Prototype Pollution in decalEcosystems: npm
Packages: decal
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS05cWNtLWZxajktOTNtNM4AAwU2
.NET Framework Remote Code Execution Vulnerability.Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: http-proxy-agent
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2d2YtNDM2bS1oNDI0
Resource Exhaustion Denial of Service in http-proxy-agentEcosystems: npm
Packages: http-proxy-agent
Source: GitHub Advisory Database
Published: over 1 year ago
High
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0M3ctZzNjNS1nNW1x
Out of bounds read in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkinsci.plugins:octoperf
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS1qOWg0LXA2cDctODY1Ms4AAygL
Jenkins OctoPerf Load Testing Plugin vulnerable to credential captureEcosystems: maven
Packages: org.jenkinsci.plugins:octoperf
Source: GitHub Advisory Database
Published: 2 months ago
High
Ecosystems: npm
Packages: @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS14djNxLWpybW0tNGZ4ds4AAy3O
Authentication Bypass in @strapi/plugin-users-permissionsEcosystems: npm
Packages: @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Published: about 2 months ago
High
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4anEtOGZjZy1nNWh3
Out-of-bounds Write in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: com.xebialabs.deployit.ci:deployit-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1oMjQ2LWczOXgtN3ZteM4AArAu
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows enumerating credentials IDsEcosystems: maven
Packages: com.xebialabs.deployit.ci:deployit-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: com.xebialabs.deployit.ci:deployit-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS02bXBwLWNtM3YtMjN2ds4AAoy5
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentialsEcosystems: maven
Packages: com.xebialabs.deployit.ci:deployit-plugin
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloeDItaGdxMi0yZzRm
Regular Expression Denial of Service (ReDoS) in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.flink:flink-core
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnODgtOTl3ai04bWdn
Command injection in Apache FlinkEcosystems: maven
Packages: org.apache.flink:flink-core
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: pypi
Packages: pyRdfa3
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS04OTRxLXdwZzUtbWYyaM4AAwO_
pyRdfa3 Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: pyRdfa3
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS05N2c4LXhmdnctcTRoZ84AAwUZ
Keycloak vulnerable to session takeover with OIDC offline refreshtokensEcosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS03cng2LTR2d3YtNDMyZ84AAoNz
Missing permission check in CloudBees CD Plugin allows scheduling buildsEcosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: go
Packages: github.com/csaf-poc/csaf_distribution
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS14eGZ4LXcycnctZ2g2M84AAwVh
csaf-poc/csaf_distribution Cross-site Scripting vulnerabilityEcosystems: go
Packages: github.com/csaf-poc/csaf_distribution
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: maven
Packages: org.eclipse.californium:californium-core
Source: GitHub Advisory Database
Published: 10 months ago
GSA_kwCzR0hTQS1xcTNqLTQ0Z3ctY2Y2cs4AAtvo
Eclipse Californium denial of service (DoS) via Datagram Transport Layer Security (DTLS) handshake on parameter mismatchEcosystems: maven
Packages: org.eclipse.californium:californium-core
Source: GitHub Advisory Database
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyd3gtamo2Ni0yaHA3
Cross-site Scripting in WildflyEcosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS0zdzM3LTVwM3AtanY5Ms4AAwSK
Apache CXF vulnerable to Exposure of Sensitive InformationEcosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS13aGdoLWcyNGMtM2o1cc4AAwSQ
hutool-json stack overflow vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:config-file-provider
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1xN3hnLWhoM3EtaGM2OM4AAoNx
XML External Entity Reference vulnerability in Jenkins Config File Provider PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:config-file-provider
Source: GitHub Advisory Database
Published: about 1 year ago
Low
Ecosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1meHJjLWhnNmotNnYzeM4AAwSH
hutool-json vulnerable to memory exhaustionEcosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: maven
Packages: org.opennms:opennms
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptdjQtNzN2Mi1wdmdj
Cross-site Scripting in OpenNMS HorizonEcosystems: maven
Packages: org.opennms:opennms
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.apache.james:javax-mail-extension
Source: GitHub Advisory Database
Published: 2 months ago
GSA_kwCzR0hTQS13N3I2LXY0ajctaDk0d84AAygm
Apache James server's JMX management service vulnerable to privilege escalation by local userEcosystems: maven
Packages: org.apache.james:javax-mail-extension
Source: GitHub Advisory Database
Published: 2 months ago
High
Ecosystems: npm
Packages: port-killer
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1NDgtcTc0Ni14NXg2
Code injection in port-killerEcosystems: npm
Packages: port-killer
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS01Y3h3LTh2NjUtNzZ2Zs4AAoE1
CSRF vulnerability in Jenkins promoted builds PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: io.jenkins.plugins:artifact-repository-parameter
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1nYzg3LXF3bXYtN3g5eM4AAnqT
Stored XSS vulnerability in Jenkins Artifact Repository Parameter PluginEcosystems: maven
Packages: io.jenkins.plugins:artifact-repository-parameter
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.opennms:opennms
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJycTUtNjhobS1oNGo4
Cross-Site Request Forgery in OpenNMS HorizonEcosystems: maven
Packages: org.opennms:opennms
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.biouno:uno-choice
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS00ZjZ4LWc1dmgtOGptNc4AAnpw
Stored XSS vulnerability in Jenkins Active Choices PluginEcosystems: maven
Packages: org.biouno:uno-choice
Source: GitHub Advisory Database
Published: about 1 year ago
High
Ecosystems: maven
Packages: io.jenkins.plugins:tics
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS14bXc1LTQ1djktcHhxeM4AAnOd
XSS vulnerability in Jenkins TICS PluginEcosystems: maven
Packages: io.jenkins.plugins:tics
Source: GitHub Advisory Database
Published: about 1 year ago
Low
Ecosystems: maven
Packages: de.tracetronic.jenkins.plugins:ecutest
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS1xdmpyLXg4ZnctaGdods4AAnOn
Credentials stored in plain text by Jenkins TraceTronic ECU-TEST PluginEcosystems: maven
Packages: de.tracetronic.jenkins.plugins:ecutest
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjcnItOXZtZy04NjR2
Improper Input Validation in Active RecordEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
High
Ecosystems: rubygems
Packages: thumbshooter
Source: GitHub Advisory Database
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmcWotY2c3OS1mMnB2
Thumbshooter vulnerable to Code InjectionEcosystems: rubygems
Packages: thumbshooter
Source: GitHub Advisory Database
Published: over 5 years ago
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-cpu
387
tensorflow-gpu
384
org.jenkins-ci.main:jenkins-core
163
pimcore/pimcore
100
org.apache.tomcat:tomcat
78
microweber/microweber
75
com.fasterxml.jackson.core:jackson-databind
69
Microsoft.ChakraCore
67
actionpack
57
github.com/usememos/memos
55
thorsten/phpmyfaq
54
moodle/moodle
53
apache-airflow
45
ansible
44
org.apache.struts:struts2-core
43
django
42
shopware/platform
41
rdiffweb
40
typo3/cms-core
39
Pillow
39
org.keycloak:keycloak-core
39
com.thoughtworks.xstream:xstream
37
showdoc/showdoc
36
shopware/core
32
librenms/librenms
31
opencv-contrib-python
30
opencv-python
30
snipe/snipe-it
29
github.com/answerdev/answer
29
nokogiri
28
org.apache.nifi:nifi
28
concrete5/concrete5
27
org.springframework:spring-core
27
io.undertow:undertow-core
26
Plone
26
openssl-src
26
matrix-synapse
25
com.liferay.portal:release.portal.bom
25
rubygems-update
25
net.mingsoft:ms-mcms
25
activerecord
24
craftcms/cms
24
parse-server
24
org.elasticsearch:elasticsearch
23
dolibarr/dolibarr
22
org.xwiki.platform:xwiki-platform-oldcore
22
apache-superset
22
org.apache.tomcat.embed:tomcat-embed-core
22
remdex/livehelperchat
22
gogs.io/gogs
22
org.jenkins-ci.plugins:script-security
21
org.apache.solr:solr-core
21
org.springframework.security:spring-security-core
21
org.eclipse.jetty:jetty-server
21
rack
20
org.apache.openmeetings:openmeetings-parent
20
typo3/cms
19
electron
19
froxlor/froxlor
19
github.com/argoproj/argo-cd
19
com.vaadin:vaadin-bom
19
github.com/hashicorp/nomad
18
org.keycloak:keycloak-parent
18
mautic/core
18
shopware/shopware
18
pocketmine/pocketmine-mp
18
silverstripe/framework
18
baserproject/basercms
17
org.bouncycastle:bcprov-jdk14
17
sequelize
17
cakephp/cakephp
17
org.apache.activemq:activemq-client
17
@openzeppelin/contracts-upgradeable
16
marked
16
org.bouncycastle:bcprov-jdk15
16
org.apache.geode:geode-core
16
yetiforce/yetiforce-crm
16
vyper
16
drupal/core
16
rusqlite
16
@openzeppelin/contracts
15
grumpydictator/firefly-iii
15
Django
15
github.com/ethereum/go-ethereum
15
org.apache.jspwiki:jspwiki-main
15
francoisjacquet/rosariosis
15
nilsteampassnet/teampass
15
org.apache.cxf:cxf
14
swagger-ui
14
github.com/rancher/rancher
14
symfony/symfony
14
strapi
14
org.apache.dubbo:dubbo
14
wasmtime
13
helm.sh/helm/v3
13
tribalsystems/zenario
13
notebook
13
Microsoft.AspNetCore.App.Runtime.linux-x64
13
Microsoft.AspNetCore.App.Runtime.osx-x64
13
puppet
13
Microsoft.AspNetCore.App.Runtime.win-arm
13
Microsoft.AspNetCore.App.Runtime.win-x64
13
Microsoft.AspNetCore.App.Runtime.win-x86
13
Microsoft.AspNetCore.App.Runtime.linux-arm64
13
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
13
Microsoft.AspNetCore.App.Runtime.linux-arm
13
handlebars
13
github.com/hashicorp/vault
13
k8s.io/kubernetes
13
publify_core
13
pyftpdlib
13
nova
13
github.com/goharbor/harbor
13
github.com/argoproj/argo-cd/v2
12
github.com/docker/docker
12
rails-html-sanitizer
12
ezsystems/ezpublish-kernel
12
golang.org/x/net
12
phpmailer/phpmailer
12
github.com/hashicorp/consul
12
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
12
ckb
12
getkirby/cms
12
forkcms/forkcms
12
openmage/magento-lts
12
next
12
actionview
12
activesupport
12
rails
12
getgrav/grav
12
org.apache.tika:tika-core
12
onionshare-cli
11
org.jenkins-ci.plugins.workflow:workflow-cps
11
feehi/feehicms
11
org.jenkins-ci.plugins:git
11
github.com/containerd/containerd
11
org.apache.cxf:cxf-core
11
org.apache.hadoop:hadoop-common
11
org.apache.hadoop:hadoop-main
11
github.com/opencontainers/runc
11
intelliants/subrion
11
modoboa
11
fat_free_crm
11
calibreweb
11
org.apache.jspwiki:jspwiki-war
11
github.com/mattermost/mattermost-server/v6
11
DotNetNuke.Core
11
prestashop/prestashop
10
github.com/cilium/cilium
10
org.apache.camel:camel-core
10
vm2
10
ghost
10
com.vaadin:flow-server
10
Microsoft.AspNetCore.App.Runtime.win-arm64
10
Microsoft.NETCore.App
10
Microsoft.AspNetCore.All
10
twisted
10
org.xwiki.platform:xwiki-platform-web
10
contao/core-bundle
10
angular
10
ckeditor4
10
october/system
10
tinymce
10
org.apache.ranger:ranger
10
org.xwiki.platform:xwiki-platform-web-templates
9
opencv-contrib-python-headless
9
opencv-python-headless
9
centreon/centreon
9
org.apache.xmlgraphics:batik
9
io.jenkins:configuration-as-code
9
code.gitea.io/gitea
9
org.apache.hive:hive
9
directus
9
concrete5/core
9
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
9
passenger
9
jquery
9
waitress
9
kevinpapst/kimai2
9
cobbler
9
puma
9
validator
9
github.com/grafana/grafana
9
serve
9
org.jenkins-ci.plugins:email-ext
8
ssddanbrown/bookstack
8
ezsystems/ezplatform-kernel
8
funadmin/funadmin
8
github.com/traefik/traefik/v2
8
kiwitcms
8
org.apache.tapestry:tapestry-core
8
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
8
Microsoft.AspNetCore.App
8
OctoPrint
8
alextselegidis/easyappointments
8
codeigniter4/framework
8
nodebb
8
url-parse
8
matrix-js-sdk
8
urijs
8
steal
8
topthink/framework
8
jquery-ui
8
deno
8
pyload-ng
8
sylius/sylius
8
org.apache.shiro:shiro-core
8
org.apache.poi:poi
8
org.apache.tika:tika
8
next-auth
8
org.yaml:snakeyaml
8
org.apache.commons:commons-compress
8
github.com/kubeedge/kubeedge
8
npm
8
org.apache.karaf:apache-karaf
8
mysql:mysql-connector-java
8
wwbn/avideo
8
org.jboss.resteasy:resteasy-client
8
org.apache.pdfbox:pdfbox
8
elefant/cms
8
facturascripts/facturascripts
8
impresscms/impresscms
8
org.keycloak:keycloak-services
8
org.apache.hive:hive-exec
8
node-forge
8
glance
8
github.com/nats-io/nats-server/v2
8
org.apache.kylin:kylin
8
org.apache.ozone:ozone-main
8
editor.md
8
github.com/pomerium/pomerium
8
wagtail
8
keystone
8
cryptography
8
org.apache.zeppelin:zeppelin
7
Flask-AppBuilder
7
org.springframework:spring-webmvc
7
com.xuxueli:xxl-job
7
org.apache.archiva:archiva
7
github.com/go-gitea/gitea
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
org.opennms:opennms
7
Microsoft.NETCore.App.Runtime.linux-arm64
7
org.jenkins-ci.plugins:subversion
7
tar
7
github.com/cri-o/cri-o
7
github.com/mattermost/mattermost-server
7
total.js
7
org.igniterealtime.openfire:parent
7
pillow
7
systeminformation
7
october/cms
7
feehi/cms
7
org.apache.atlas:atlas-common
7
org.apache.santuario:xmlsec
7
org.craftercms:crafter-studio
7
jsrsasign
7
Microsoft.NETCore.App.Runtime.linux-musl-arm64
7
org.jruby:jruby-stdlib
7
io.jenkins.blueocean:blueocean
7
Microsoft.NETCore.App.Runtime.linux-musl-x64
7
Microsoft.NETCore.App.Runtime.linux-x64
7
Microsoft.NETCore.App.Runtime.win-x64
7
Microsoft.NETCore.App.Runtime.win-x86
7
Microsoft.NETCore.App.Runtime.osx-x64
7
Microsoft.NETCore.App.Runtime.win-arm64
7
Microsoft.NETCore.App.Runtime.win-arm
7
Microsoft.NETCore.App.Runtime.linux-arm
7
org.postgresql:postgresql
7
org.apache.logging.log4j:log4j-core
7
pysaml2
7
com.jflyfox:jflyfox_jfinal
7
golang.org/x/crypto
7
laravel/framework
7
OPCFoundation.NetStandard.Opc.Ua.Core
7
october/backend
7
numpy
7
keystone
7
snyk-broker
7
hapi
7
org.apache.httpcomponents:httpclient
7
org.apache.druid:druid
7
bootstrap
7
urllib3
7
hermes-engine
7
hyper
7
org.apache.spark:spark-core_2.11
7
smarty/smarty
7
org.apache.cxf:apache-cxf
7
jQuery
7
mlflow
7
wallabag/wallabag
7
undici
7
lodash
7
org.apache.james:james-server
7
org.jeecgframework.boot:jeecg-boot-base
7
github.com/google/fscrypt
7
io.atomix:atomix
7
org.apache.hive:hive-service
7