Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: @backstage/plugin-scaffolder-backend
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 2 years ago
GSA_kwCzR0hTQS1wdnY4LThmeDktaDY3M80WlQ
Path Traversal in @backstage/plugin-scaffolder-backendEcosystems: npm
Packages: @backstage/plugin-scaffolder-backend
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: teddy
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
GSA_kwCzR0hTQS01ZjM4LTlqdzItNnI2aM0WZQ
Cross-site Scripting in teddyEcosystems: npm
Packages: teddy
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: passport-oauth2
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: over 2 years ago
GSA_kwCzR0hTQS1mNzk0LXI2eGMtaGYzds0WCQ
Improper Access Control in passport-oauth2Ecosystems: npm
Packages: passport-oauth2
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: preact
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNDgtOWhoMi14Nm14
HTML Injection in preactEcosystems: npm
Packages: preact
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmYzgtNGd4NC12Njkz
ReDoS in Sec-Websocket-Protocol headerEcosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: concat-with-sourcemaps
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4djMtaDc2Mi1jY3h2
Out-of-bounds Read in concat-with-sourcemapsEcosystems: npm
Packages: concat-with-sourcemaps
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: mootools
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg2aHgtN2doMy0zcTk4
Prototype Pollution in mootoolsEcosystems: npm
Packages: mootools
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: curly-bracket-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJxZjgtOGM4OS1tdzI5
Cross-site Scripting in curly-bracket-parserEcosystems: npm
Packages: curly-bracket-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5Z3YtaDh3Zi1jZzhy
URIjs Vulnerable to Hostname spoofing via backslashes in URLEcosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: react-bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1ODktdzZ4Zi05ODNy
Cross-site scripting in react-bootstrap-tableEcosystems: npm
Packages: react-bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: matrix-appservice-bridge
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1ZzQtcXgzYy12amh4
Automatic room upgrade handling can be used maliciously to bridge a room non-consentuallyEcosystems: npm
Packages: matrix-appservice-bridge
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjdjYtZ3Z4My1tNTRt
Cross-Site Scripting in keystoneEcosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: @backstage/plugin-techdocs
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdnOTYtZjh3ci1wODlm
Script injectionEcosystems: npm
Packages: @backstage/plugin-techdocs
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: koa-remove-trailing-slashes
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3NzMtcG13My1mNG1y
Open Redirect in koa-remove-trailing-slashesEcosystems: npm
Packages: koa-remove-trailing-slashes
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: react-native-fast-image
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4aGctcTljOC1yajMy
Credential leak in react-native-fast-imageEcosystems: npm
Packages: react-native-fast-image
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: hosted-git-info
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzZjgtMmgzMi1mNGNq
Regular Expression Denial of Service in hosted-git-infoEcosystems: npm
Packages: hosted-git-info
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @absolunet/kafe
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhncGYtOTdjNS03NGZj
Regular expression denial of service in @absolunet/kafeEcosystems: npm
Packages: @absolunet/kafe
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: jose-node-cjs-runtime
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2Y3ctZjY4dy04aDho
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtimeEcosystems: npm
Packages: jose-node-cjs-runtime
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: jspdf
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxNmYtOGdyeC1wcjR2
Cross-site scripting in jspdfEcosystems: npm
Packages: jspdf
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: is-my-json-valid
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRocGYtM3dxNy01cnBy
Regular expression deinal of service (ReDoS) in is-my-json-validEcosystems: npm
Packages: is-my-json-valid
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: portprocesses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtNjctN3ZtZy02NnZt
Arbitrary Command Injection in portprocessesEcosystems: npm
Packages: portprocesses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @theia/console
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3ZzktYzljci1wNWZx
Improper Neutralization of Input in Theia consoleEcosystems: npm
Packages: @theia/console
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtdzQtamd4eC1wY3E5
File System Bounds EscapeEcosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: socket.io
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d2YtNHJxaC12OGcz
CORS misconfiguration in socket.ioEcosystems: npm
Packages: socket.io
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: react-native-webview
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2ajMteHhmNy00cHFn
Android WebView Universal Cross-site ScriptingEcosystems: npm
Packages: react-native-webview
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNzUtdmpyMi0zZzd3
Cross-Site Scripting in glanceEcosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: node-sass
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2NjItMjRjci01OGN4
Denial of Service in node-sassEcosystems: npm
Packages: node-sass
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: morris.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3eDUtNWZxai1qdjk4
Cross-Site Scripting in morris.jsEcosystems: npm
Packages: morris.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: arcanist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3dzktdm01bS00OHE4
Downloads Resources over HTTP in arcanistEcosystems: npm
Packages: arcanist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: bitty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1bWgtaHE2aC13aHh2
Directory Traversal in bittyEcosystems: npm
Packages: bitty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: jsrender
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4N3ctNDdtOC0yMncz
Template Injection in jsrenderEcosystems: npm
Packages: jsrender
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2M2gtdmo2cS0zY21q
Rosetta-Flash JSONP Vulnerability in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: jquery-ujs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxcWotcng0dy1yM2Nq
CSRF Vulnerability in jquery-ujsEcosystems: npm
Packages: jquery-ujs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: class-transformer
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZncDMtaDNqai1wcng0
Prototype pollution in class-transformerEcosystems: npm
Packages: class-transformer
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: npm-registry-fetch
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptcW0tZjJneC00Zmp2
Sensitive information exposure through logs in npm-registry-fetchEcosystems: npm
Packages: npm-registry-fetch
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5bXEtanBoNi05bWht
Arbitrary file read via window-open IPC in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ocDYtcHhoOC1yNjc1
Cross site scripting in AngularEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: @nozbe/watermelondb
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4ZjktbTI5Ny02cTln
DoS via malicious record IDs in WatermelonDBEcosystems: npm
Packages: @nozbe/watermelondb
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: almost 4 years ago
Moderate
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0bTMtMmo3aC1mN3h3
Cross-Site Scripting in jqueryEcosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: @nuxt/devalue
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2NzctODNwcC1mODYy
Cross-Site Scripting in @nuxt/devalueEcosystems: npm
Packages: @nuxt/devalue
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: almost 5 years ago
Moderate
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4cjQteGpqNS01cHgy
Potential XSS vulnerability in jQueryEcosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjNXAtaDhwZi1tdndw
Machine-In-The-Middle in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: @fraction/oasis
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0MzgtNDVoYy12amht
CSRF and DNS Rebinding in OasisEcosystems: npm
Packages: @fraction/oasis
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoOTUtcm1nci02dzRt
Prototype Pollution in minimistEcosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: knockout
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjamoteGYyci1td3Zj
XSS in knockoutEcosystems: npm
Packages: knockout
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: node-red
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3NjUteGpjNS05dzc5
Cross-Site Scripting in node-redEcosystems: npm
Packages: node-red
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: cookie-signature
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkydm0td2ZtNS1teHZ2
cookie-signature Timing AttackEcosystems: npm
Packages: cookie-signature
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: pannellum
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01MngtMjlwcS13M3Z2
Pannellum Cross-Site Scripting due to data not being sanitized for URIs or vbscriptEcosystems: npm
Packages: pannellum
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: status-board
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4NjQtcmhtdy01bTZm
Status Board vulnerable to Cross-Site Scripting before v1.1.82Ecosystems: npm
Packages: status-board
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3M2otZzk4My04amg1
Sensitive Data Exposure in parse-serverEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: mobile-icon-resizer
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14anIteG1jZy1mZzd3
Arbitrary Code Injection in mobile-icon-resizerEcosystems: npm
Packages: mobile-icon-resizer
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: sql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmOTMtcnY0cC14NGp3
SQL Injection in sqlEcosystems: npm
Packages: sql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: express-brute
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk4NHAteHE5bS00cmp3
Rate Limiting Bypass in express-bruteEcosystems: npm
Packages: express-brute
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: tunnel-agent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjN3Ytd3hjdy1qNDcy
Memory Exposure in tunnel-agentEcosystems: npm
Packages: tunnel-agent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: maven, nuget, npm, pypi, rubygems
Packages: org.webjars.npm:jquery, jQuery, jquery, django, jquery-rails
Source: GitHub Advisory Database
Blast Radius: 135.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjM2otYzY0bS1xaGdx
XSS in jQuery as used in Drupal, Backdrop CMS, and other productsEcosystems: maven, nuget, npm, pypi, rubygems
Packages: org.webjars.npm:jquery, jQuery, jquery, django, jquery-rails
Source: GitHub Advisory Database
Blast Radius: 135.8
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqM2YtOWdtcS1md3Y1
Cross-Site Scripting in simple-markdownEcosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 5 years ago
Moderate
Ecosystems: rubygems, npm, nuget
Packages: twitter-bootstrap-rails, bootstrap-sass, bootstrap, bootstrap.sass, Bootstrap.Less
Source: GitHub Advisory Database
Blast Radius: 99.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2M20tOGZwOC1tajk5
Bootstrap Vulnerable to Cross-Site ScriptingEcosystems: rubygems, npm, nuget
Packages: twitter-bootstrap-rails, bootstrap-sass, bootstrap, bootstrap.sass, Bootstrap.Less
Source: GitHub Advisory Database
Blast Radius: 99.3
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: public
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0OWMteDQ0aC00cTd2
Tnantoka/public XSS VulnerabilityEcosystems: npm
Packages: public
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: rendertron
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4OG0tOTUzdy04cjJj
rendertron XSS vulnerabilityEcosystems: npm
Packages: rendertron
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 5 years ago
Moderate
Ecosystems: packagist, npm
Packages: typo3/cms, typo3/cms-core, bootstrap
Source: GitHub Advisory Database
Blast Radius: 58.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqN20tZzUzbS03NjM4
Bootstrap Cross-site Scripting vulnerabilityEcosystems: packagist, npm
Packages: typo3/cms, typo3/cms-core, bootstrap
Source: GitHub Advisory Database
Blast Radius: 58.1
Published: over 5 years ago
Moderate
Ecosystems: rubygems, npm
Packages: mapbox-rails, mapbox.js
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE2OXAtNWg3NC13MzZm
Content Injection via TileJSON Name in mapbox.jsEcosystems: rubygems, npm
Packages: mapbox-rails, mapbox.js
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnOTYtMzkzMy1qMnc1
Cross-Site Scripting in sanitize-htmlEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: tough-cookie
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFodjktNzI4ci02anFn
ReDoS via long string of semicolons in tough-cookieEcosystems: npm
Packages: tough-cookie
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2MmYtYzJ3Zy1tOGM4
Denial of Service in protobufjsEcosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 2 years ago
GSA_kwCzR0hTQS01aDd4LTY4d2otamh3Y84AAoCk
Docsify vulnerable to cross-site scripting due to mishandled encodingEcosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTltNmotZmNnNS0yNDQy
Path traversal in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OTYtbW0yZy1jOG03
Next.js has cross site scripting (XSS) vulnerability via the 404 or 500 /_error pageEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: fastify-static
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 2 years ago
GSA_kwCzR0hTQS1wNnZnLXA4MjYtcXAzds0WKg
URL Redirection to Untrusted Site ('Open Redirect') in fastify-staticEcosystems: npm
Packages: fastify-static
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: froala-editor
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyMzYtZzVnaC12cTZj
DOM-based cross-site scripting in Froala EditorEcosystems: npm
Packages: froala-editor
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3N2ctanE5bS0zcTl2
Unauthorized File Access in glanceEcosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: smart-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4aDMtcnFybS00N3Y5
Prototype Pollution in smart-extendEcosystems: npm
Packages: smart-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @adobe/css-tools
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 9 months ago
GSA_kwCzR0hTQS1ocHg0LXI4NmctNWpyZ84AA1jW
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSSEcosystems: npm
Packages: @adobe/css-tools
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: 11 months ago
GSA_kwCzR0hTQS0zdzN3LXB4bW0tMncyas4AAzxu
crypto-js uses insecure random numbersEcosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: nteract
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS02anZnLWhwMjUtNDJmNs4AA5rD
Nteract Remote Code Execution vulnerabilityEcosystems: npm
Packages: nteract
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 5 days ago
GSA_kwCzR0hTQS1nNjVoLTM1ZjMteDJ3M84AA74v
Directus Lacks Session Tokens InvalidationEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 5 days ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 5 days ago
GSA_kwCzR0hTQS1wOHYzLW02NDMtNHhxeM4AA74s
Directus allows redacted data extraction on the API through "alias"Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 5 days ago
Moderate
Ecosystems: npm
Packages: shiba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1qcjY0LXBnZ3Itajh4as4AAXiq
Shiba vulnerable to XSS leading to code executionEcosystems: npm
Packages: shiba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: connect
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 2 years ago
GSA_kwCzR0hTQS02dzYyLTgzZzYtcmZoas3gfw
Node Connect Reflected Cross-Site Scripting in Sencha Labs Connect middlewareEcosystems: npm
Packages: connect
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwanAtN3JwMi05YzNm
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: @node-saml/node-saml
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 9 months ago
GSA_kwCzR0hTQS12eDhtLTZmaHctcGNjd84AA1aW
@node-saml/node-saml's validatePostRequestAsync does not include checkTimestampsValidityErrorEcosystems: npm
Packages: @node-saml/node-saml
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
GSA_kwCzR0hTQS1mbXZtLXg4bXYtNDdtas0s0Q
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4djItNTQ4eC01aDc5
Arbitrary File Read in Snyk BrokerEcosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmbXAtN3h3Zi13dndy
Arbitrary File Read in Snyk BrokerEcosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 1 year ago
GSA_kwCzR0hTQS1qNHJ2LXByOWctcThqds4AAvP8
mxGraph vulnerable to cross-site scripting in setTooltips functionEcosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: sockjs
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoOHYtam1oMy05NDM3
Cross-site scripting in SocksJS-nodeEcosystems: npm
Packages: sockjs
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: jose
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4ZjUtaGZxYy1qZ2No
Padding Oracle Attack due to Observable Timing Discrepancy in joseEcosystems: npm
Packages: jose
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: oils
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS12Mjc5LXYyeG0td2hxOc4AAwaQ
Oils JS vulnerable to Open RedirectEcosystems: npm
Packages: oils
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: simplehttpserver
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyaGotMmozcS14ZjN2
Stored Cross-Site Scripting in simplehttpserverEcosystems: npm
Packages: simplehttpserver
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNqN20taG1oMy05am1w
Cross-Site Scripting in sanitize-htmlEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: concat-stream
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3NHItZmZ2ci01cTlm
Memory Exposure in concat-streamEcosystems: npm
Packages: concat-stream
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 months ago
GSA_kwCzR0hTQS1mcTZoLTRnOHYtcXF2bc4AA5JK
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detectionEcosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
GSA_kwCzR0hTQS1qZjVyLThobTItZjg3Ms0uHQ
url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: 12 months ago
GSA_kwCzR0hTQS05cHJtLWpxd3gtNDV4Oc4AAzkR
Phishing attack vulnerability by uploading malicious HTML fileEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: 12 months ago
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5NzMtOTc4ai0yYzNw
Denial of Service in SheetJS ProEcosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: html-parse-stringify2, html-parse-stringify
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0NXEtM2ZnNi00OG03
html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)Ecosystems: npm
Packages: html-parse-stringify2, html-parse-stringify
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @angular/core
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNzV2LTJ2cTgtODc4Zs4AArP4
Cross site scripting in AngularEcosystems: npm
Packages: @angular/core
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 2 months ago
GSA_kwCzR0hTQS1mcjN3LTJwMjItNnc3cM4AA572
URL Redirection to Untrusted Site in OAuth2/OpenID in directusEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyN2otNHc2bS04ZmM0
Path Traversal in statics-serverEcosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: about 1 month ago
GSA_kwCzR0hTQS1tNjRxLTRqcWgtZjcyZs4AA7KT
Stored Cross-site Scripting (XSS) in excalidraw's web embed componentEcosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1MmctNmpoeC01ODZw
Denial of Service in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2