Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
GSA_kwCzR0hTQS1ncHFxLTk1MnEtNTMyN80Wtg
XSS in the `of` option of the `.position()` util in jquery-uiEcosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: striptags
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4ZzUtMnFmZi1wNDly
Passing in a non-string 'html' argument can lead to unsanitized outputEcosystems: npm
Packages: striptags
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 3 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
GSA_kwCzR0hTQS01aDlnLXg1cnYtMjV3Z80WrQ
Cross-site scripting vulnerability in TinyMCEEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
GSA_kwCzR0hTQS1tcGptLXY5OTctYzRoNM0WiQ
Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage APIEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: x-data-spreadsheet
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: over 1 year ago
GSA_kwCzR0hTQS14NWN3LTg0M2YtcjM2Ns4AAujc
x-data-spreadsheet through 1.1.9 vulnerable to Cross-site ScriptingEcosystems: npm
Packages: x-data-spreadsheet
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @ckeditor/ckeditor5-link
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2cHgtOTQ1OS13M21q
Cross-Site Scripting in @ckeditor/ckeditor5-linkEcosystems: npm
Packages: @ckeditor/ckeditor5-link
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: jsoneditor
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 2 years ago
GSA_kwCzR0hTQS1oaGZnLTZoZmMtcnZ4bc0WBg
Regular Expression Denial of Service in jsoneditorEcosystems: npm
Packages: jsoneditor
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: html-janitor
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4NDYtd2hyai03M3Y1
Bypassing Sanitization using DOM clobbering in html-janitorEcosystems: npm
Packages: html-janitor
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzZzMtMzM0Zi1xNmg0
Pandao editor.md vulnerable to DOM XSSEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: simplemde
Source: GitHub Advisory Database
Blast Radius: 21.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnODUtcDZqNy1ncDN3
SimpleMDE XSS VulnerabilityEcosystems: npm
Packages: simplemde
Source: GitHub Advisory Database
Blast Radius: 21.3
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: expo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yd3g5LXdxajgtdnI3N84AAluo
Expo on iOS is insecure due incorrect security attribute applicationEcosystems: npm
Packages: expo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @github/paste-markdown
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwZmotNGo2Zy1jNHc5
Clipboard-based DOM-XSSEcosystems: npm
Packages: @github/paste-markdown
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: path-parse
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqNDgtNDJ2ci14M3Y5
Regular Expression Denial of Service in path-parseEcosystems: npm
Packages: path-parse
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: over 1 year ago
GSA_kwCzR0hTQS1mNzcyLTY2ZzgtcTVoM84AAuFo
Nodejs ‘undici’ vulnerable to CRLF Injection via Content-TypeEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @actions/core
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
GSA_kwCzR0hTQS03cjNoLW01ajYtM3E0Ms4AAuFm
@actions/core has Delimiter Injection Vulnerability in exportVariableEcosystems: npm
Packages: @actions/core
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: apollo-server-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yZnZ2LXF4cnEtN2pxNs4AAuFi
apollo-server-core vulnerable to URL-based XSS attack affecting IE11 on default landing pageEcosystems: npm
Packages: apollo-server-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: phin
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
GSA_kwCzR0hTQS14NTY1LTMycXAtbTN2Zs4AA67m
phin may include sensitive headers in subsequent requests after redirectEcosystems: npm
Packages: phin
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: mermaid
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmNngtNDlnMi05OWZt
Cross-site Scripting in MermaidEcosystems: npm
Packages: mermaid
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: summernote
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 month ago
GSA_kwCzR0hTQS00d2gzLTN3ZjItMzltOc4AA66A
Summernote vulnerable to cross-site scriptingEcosystems: npm
Packages: summernote
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY3eDMtN2h3Ny1wY2pn
Renovate vulnerable to leakage of temporary repository tokens into Pull Request commentsEcosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: @ckeditor/ckeditor5-html-embed, @ckeditor/ckeditor5-html-support, @ckeditor/ckeditor5-markdown-gfm
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 2 years ago
GSA_kwCzR0hTQS00MndxLXJjaDgtNmY2as4AAt2p
CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying processEcosystems: npm
Packages: @ckeditor/ckeditor5-html-embed, @ckeditor/ckeditor5-html-support, @ckeditor/ckeditor5-markdown-gfm
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00dm04LWo5NWYtajZ2Nc4AAtYF
Strapi 4.1.12 Cross-site Scripting via crafted fileEcosystems: npm
Packages: @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: sds
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4bTMtMjg0cC1xYzR2
Prototype Pollution in sdsEcosystems: npm
Packages: sds
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: yargs-parser
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5cGMtMjk5cC12eGdw
yargs-parser Vulnerable to Prototype PollutionEcosystems: npm
Packages: yargs-parser
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: almost 2 years ago
GSA_kwCzR0hTQS0zY3ZyLTgyMnItcnFjY84AAtkH
undici before v5.8.0 vulnerable to CRLF injection in request headersEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: vmd
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmcjMtODdxMy02NXJj
Cross-site Scripting in vmdEcosystems: npm
Packages: vmd
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: ajv
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4OGctY2dtdy12NXh3
Prototype Pollution in AjvEcosystems: npm
Packages: ajv
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: kill-by-port
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tNGYtNDdjaC1mN2h4
Arbitrary code execution in kill-by-portEcosystems: npm
Packages: kill-by-port
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @thi.ng/egf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqNDQtZ3BqYy0yOXI3
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property valuesEcosystems: npm
Packages: @thi.ng/egf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjaDUtd2hnOS1xcjJy
netmask npm package mishandles octal input dataEcosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: strapi-admin
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzZnAtZm1ydi1mNXB4
Uncontrolled Resource Consumption in strapiEcosystems: npm
Packages: strapi-admin
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: angular-http-server
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRydmctOTU1dy1oNjhx
Path Traversal in angular-http-serverEcosystems: npm
Packages: angular-http-server
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: es6-crawler-detect
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4ZzYtZmh3Yy05djlj
Regular Expression Denial of Service (ReDoS) in es6-crawler-detectEcosystems: npm
Packages: es6-crawler-detect
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: react-dev-utils
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxNm0tM2g2NS13NTN4
react-dev-utils OS Command Injection in function `getProcessForPort`Ecosystems: npm
Packages: react-dev-utils
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: botframework-connector
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2Y2otaHZmdy03ZjJ2
botframework-connector vulnerable to Improper AuthenticationEcosystems: npm
Packages: botframework-connector
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @solid/identity-token-verifier
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtaDktcmc2Zi1qM21y
Verification flaw in Solid identity-token-verifierEcosystems: npm
Packages: @solid/identity-token-verifier
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @progfay/scrapbox-parser
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmaHctcjQycC01Yzdy
Regular expression Denial of Service in @progfay/scrapbox-parserEcosystems: npm
Packages: @progfay/scrapbox-parser
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1qdnh4LXY0NXAtdjV2Zs4AAs7J
Denial of Service (DoS) vulnerability in RSSHubEcosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2ZjgtaDJxaC0zN205
IPC messages delivered to the wrong frame in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS03N212LTRyZzctcjhxds4AArtT
Potential Sensitive Cookie Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxyEcosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1qNTYyLWMzY3ctM3A1Z84AArtS
Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxyEcosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @backstage/techdocs-common, @backstage/plugin-techdocs-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00anFjLWp2aDItcHhnOc4AArtF
Path traversal for local publishers in TechDocs backendEcosystems: npm
Packages: @backstage/techdocs-common, @backstage/plugin-techdocs-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
GSA_kwCzR0hTQS03N3hjLWhqdjgtd3c5N84AArqt
AutoUpdater module fails to validate certain nested components of the bundleEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwN2gtNTNneC1teDdy
Remote Memory Exposure in blEcosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: sandbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtNGotNHhobS14cHd4
Sandbox Breakout / Arbitrary Code Execution in sandboxEcosystems: npm
Packages: sandbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @materializecss/materialize, materialize-css
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3NTItZjRnZi05NGdj
Materialize-css vulnerable to Cross-site Scripting in autocomplete componentEcosystems: npm
Packages: @materializecss/materialize, materialize-css
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: semantic-release
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
GSA_kwCzR0hTQS14MnBnLW1qaHItMm01eM4AAreR
Exposure of Sensitive Information to an Unauthorized Actor in semantic-releaseEcosystems: npm
Packages: semantic-release
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: sync-exec
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4aDgteDY5Ny1naDhx
Tmp files readable by other users in sync-execEcosystems: npm
Packages: sync-exec
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: gitbook
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVoNXItMjNyNC1tODdo
Cross-Site Scripting in gitbookEcosystems: npm
Packages: gitbook
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: bittorrent-dht
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3ZzQtMzZqcC01djNt
Remote Memory Disclosure in bittorrent-dhtEcosystems: npm
Packages: bittorrent-dht
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: jpeg-js
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3cTktcDNqcS1mbWht
Uncontrolled resource consumption in jpeg-jsEcosystems: npm
Packages: jpeg-js
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzNmgtcnF2OC04cTcz
GraphQL: Security breach on Viewer queryEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: cassproject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03cWN4LTRwMzItcWNteM4AArM_
Missing Cryptographic Step in cassprojectEcosystems: npm
Packages: cassproject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 2 years ago
GSA_kwCzR0hTQS1ncnc1LWc5aDItd3BnOM4AAX61
Cross-site Scripting in bootstrap-tableEcosystems: npm
Packages: bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxNzctN3A3ci04M3Jq
Directory Traversal in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: almost 2 years ago
GSA_kwCzR0hTQS03d3c2LTc1ZmotamNqN84AAqwb
Cross-site Scripting in Auth0 LockEcosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: almost 2 years ago
Moderate
Ecosystems: rubygems, npm
Packages: user_agent_parser, uap-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtY3gteGhyOC0zdzlw
Denial of Service in uap-core when processing crafted User-Agent stringsEcosystems: rubygems, npm
Packages: user_agent_parser, uap-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnOTctd3c3aC01bWpy
XSS in dojox due to insufficient escape in dojox.xmpp.util.xmlEncodeEcosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:dset, dset
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: about 2 years ago
GSA_kwCzR0hTQS0yM3d4LWNneHEtdnB3eM3X4Q
Prototype Pollution in dsetEcosystems: maven, npm
Packages: org.webjars.npm:dset, dset
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcycGYtZzZyOC1wZzIy
auth0-lock vulnerable to XSS via unsanitized placeholder propertyEcosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjUtd3h3cC1tN2c5
Open Redirect in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: rgb2hex
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1cDgtM2htNC1oOWg4
Denial of Service in rgb2hexEcosystems: npm
Packages: rgb2hex
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: underscore.string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYycDYtNG1wNy0zcjl2
Regular Expression Denial of Service in underscore.stringEcosystems: npm
Packages: underscore.string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: lutils-merge
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3cXctNXB2Zy1tbXdw
Prototype Pollution in lutils-mergeEcosystems: npm
Packages: lutils-merge
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 2 years ago
GSA_kwCzR0hTQS1nNjk0LW04dnEtZ3Y5aM04KA
URL Confusion When Scheme Not Supplied in medialize/uri.jsEcosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyZnYtcWdqNi0ydzJw
Cross-site Scripting in NodeBBEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: engine.io-client
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNG0taGp3ai00M3A4
Insecure Defaults Allow MITM Over TLS in engine.io-clientEcosystems: npm
Packages: engine.io-client
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: shout
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2cTctZzU3di1teGNw
HTML Injection in shoutEcosystems: npm
Packages: shout
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: uri-js
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzM3ctcnhqMy1mNTVy
Regular Expression Denial Of Service in uri-jsEcosystems: npm
Packages: uri-js
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4NHEtNmpmdi04aDlo
Path Traversal in glanceEcosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: superagent
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgyMjUtNmN2ci04cHFw
superagent vulnerable to zip bomb attacksEcosystems: npm
Packages: superagent
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: html-janitor
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmajQtOTZmNy02cjVn
Cross-Site Scripting in html-janitorEcosystems: npm
Packages: html-janitor
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: over 5 years ago
Moderate
Ecosystems: rubygems, npm
Packages: mapbox-rails, mapbox.js
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyMjgtN2o2cC05aG12
Content Injection via TileJSON attribute in mapbox.jsEcosystems: rubygems, npm
Packages: mapbox-rails, mapbox.js
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
GSA_kwCzR0hTQS0ycjJjLWc2M3ItdmNjcs00Kg
Improper Verification of Cryptographic Signature in `node-forge`Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
Moderate
Ecosystems: npm, rubygems
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 63.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdtdnItNXgyZy13ZmM4
Bootstrap Cross-site Scripting vulnerabilityEcosystems: npm, rubygems
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 63.7
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: sysend
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
GSA_kwCzR0hTQS00dnZnLXg4NnAtbXZxY80ymA
Leaking of user information on Cross-Domain communication in sysendEcosystems: npm
Packages: sysend
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjbTItOWM4OS13bWZt
Cross-site Scripting in jquery-uiEcosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04Y2Y3LTMyZ3ctd3IzM84AAwgf
jsonwebtoken unrestricted key type could lead to legacy keys usageEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 1 year ago
GSA_kwCzR0hTQS1oanJmLTJtNjgtNTk1Oc4AAwgh
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMACEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
GSA_kwCzR0hTQS1xd3BoLTQ5NTItN3hyNs4AAwgg
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: liquidjs
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
GSA_kwCzR0hTQS00NXJtLTI4OTMtNWY0Oc4AAwgi
liquidjs may leak properties of a prototypeEcosystems: npm
Packages: liquidjs
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: node-json2html
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 1 year ago
GSA_kwCzR0hTQS03OW1wLWN4cDQtOXA2cs4AAwo2
Json2html vulnerable to cross-site scriptingEcosystems: npm
Packages: node-json2html
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mercurius
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jbThoLXE5MnYteGNmY84AAw1D
mercurius has Uncaught Exception when using subscriptionsEcosystems: npm
Packages: mercurius
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 1 year ago
GSA_kwCzR0hTQS12Zm1wLTk5OTktNndxas4AAxwh
Vditor Cross-site Scripting vulnerabilityEcosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: baremetrics-calendar
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 year ago
GSA_kwCzR0hTQS00NjVmLW14eGgtZ3JjNM4AAxwo
Baremetrics date range picker vulnerable to Cross-site ScriptingEcosystems: npm
Packages: baremetrics-calendar
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
GSA_kwCzR0hTQS01OWZxLTcyN2otaG0zZs4AAx6i
keycloak-connect contains Open redirect vulnerability in the Node.js adapterEcosystems: npm
Packages: keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 1 year ago
GSA_kwCzR0hTQS04NzhtLTNnNnEtNTk0cc4AAx7E
OpenZeppelin Contracts contains Incorrect CalculationEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @nestjs/core
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 1 year ago
GSA_kwCzR0hTQS00anB2LThyNTctcHY3as4AAx8Q
@nestjs/core vulnerable to Information Exposure via StreamableFile pipeEcosystems: npm
Packages: @nestjs/core
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
GSA_kwCzR0hTQS1wOHA3LXgyODgtMjhnNs4AAyJl
Server-Side Request Forgery in RequestEcosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: about 1 year ago
GSA_kwCzR0hTQS02ZzY3LXEzOWctcjc5cc4AAyyO
matrix-js-sdk vulnerable to invisible eavesdropping in group callsEcosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: posthog-js
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 12 months ago
GSA_kwCzR0hTQS04Nzc1LTVod3Ytd3I2ds4AAzbF
Potential for cross-site scripting in PostHog-jsEcosystems: npm
Packages: posthog-js
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: highlight.run
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 12 months ago
GSA_kwCzR0hTQS05cXBqLXFxMnItNW1jY84AAzew
html inputs of type password recorded in plaintext when converted to text inputsEcosystems: npm
Packages: highlight.run
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: proxy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS1tajZwLTNwYzktd2Y1bc4AAzhf
proxy denial of service vulnerabilityEcosystems: npm
Packages: proxy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 12 months ago
GSA_kwCzR0hTQS01aDN4LTl3dnEtdzRtMs4AAzvg
OpenZeppelin Contracts's governor proposal creation may be blocked by frontrunningEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: 11 months ago
GSA_kwCzR0hTQS14M2NjLXgzOXAtNDJxeM4AAzz_
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute nameEcosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
GSA_kwCzR0hTQS05YzIyLXB3eHctcDZoeM0bQg
OpenZeppelin Contracts initializer reentrancy may lead to double initializationEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
Moderate
Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
GSA_kwCzR0hTQS1qM2Y3LTdybWMtNndxas0YEQ
Improper certificate management in AWS IoT Device SDK v2Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @sap-cloud-sdk/core
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ncDJmLTI1NG0tcmgzMs0W9A
Unauthorized access to data in @sap-cloud-sdk/coreEcosystems: npm
Packages: @sap-cloud-sdk/core
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: json-ptr
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: over 2 years ago
GSA_kwCzR0hTQS04Z3dqLThoeGMtMjg1d80W4g
Prototype Pollution in json-ptrEcosystems: npm
Packages: json-ptr
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: over 2 years ago
Moderate
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-ui-rails, org.webjars.npm:jquery-ui, jQuery.UI.Combined, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
GSA_kwCzR0hTQS05Z2ozLWh3cDUtcG13Y80WtQ
XSS in the `altField` option of the Datepicker widget in jquery-uiEcosystems: rubygems, maven, nuget, npm
Packages: jquery-ui-rails, org.webjars.npm:jquery-ui, jQuery.UI.Combined, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2