Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4OWYtNzRoNC0yZnFy
Denial of Service in SheetJS ProEcosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: @sentry/nextjs
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 6 months ago
GSA_kwCzR0hTQS0ycm1yLXh3OG0tMjJxOc4AA3B6
Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpointEcosystems: npm
Packages: @sentry/nextjs
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: @snyk/snyk-cocoapods-plugin, snyk-docker-plugin, snyk-gradle-plugin, @snyk/snyk-hex-plugin, snyk-python-plugin, snyk-sbt-plugin, snyk-mvn-plugin, snyk
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 1 year ago
GSA_kwCzR0hTQS00eDZnLTNjbXgtdzc2cs4AAwGD
Snyk plugins vulnerable to Command InjectionEcosystems: npm
Packages: @snyk/snyk-cocoapods-plugin, snyk-docker-plugin, snyk-gradle-plugin, @snyk/snyk-hex-plugin, snyk-python-plugin, snyk-sbt-plugin, snyk-mvn-plugin, snyk
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: pomelo
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4NnYtcndoNC01NWp3
Pomelo allows external control of critical state dataEcosystems: npm
Packages: pomelo
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: sexstatic
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFmaDItNmY3cS1ncjg2
Cross-Site Scripting in sexstaticEcosystems: npm
Packages: sexstatic
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: codemirror
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRndzMtOGY3Ny1mNzJj
Regular expression denial of service in codemirrorEcosystems: npm
Packages: codemirror
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOTMtZ2N4NS00dzUy
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU1MnctcnFnOC1neHht
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDk1LXBwdjUtM2pjNc4AArTZ
sharp vulnerable to Command Injection in post-installation over build environmentEcosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: apexcharts
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0NmotOGhtNi1oOG1t
XSS in apexchartsEcosystems: npm
Packages: apexcharts
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @fastify/csrf-protection
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: about 1 year ago
GSA_kwCzR0hTQS1xcmdmLTlncGMtdnJ4d84AAy5b
Bypass of CSRF protection in the presence of predictable userInfoEcosystems: npm
Packages: @fastify/csrf-protection
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: gitbook
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1od2dwLWM2NTMtNjY4NM4AAi3k
GitBook allows Cross-site Scripting via a local .md file.Ecosystems: npm
Packages: gitbook
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: 3 months ago
GSA_kwCzR0hTQS05aDZnLXByMjgtN2NxcM4AA4-p
nodemailer ReDoS when trying to send a specially crafted emailEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: node-red-dashboard
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnNTktbTd3eC04NTNx
Cross-site Scripting in node-red-dashboardEcosystems: npm
Packages: node-red-dashboard
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: node-fetch
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: almost 2 years ago
GSA_kwCzR0hTQS12cDU2LTZnMjYtNjgyN84AAtwJ
node-fetch Inefficient Regular Expression ComplexityEcosystems: npm
Packages: node-fetch
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: jsx-slack
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: over 2 years ago
GSA_kwCzR0hTQS1ocDY4LXhodmoteDZqNs0gsg
jsx-slack insufficient patch for CVE-2021-43838 ReDoSEcosystems: npm
Packages: jsx-slack
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 19 days ago
GSA_kwCzR0hTQS1tNjRxLTRqcWgtZjcyZs4AA7KT
Stored Cross-site Scripting (XSS) in excalidraw's web embed componentEcosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 19 days ago
Moderate
Ecosystems: npm
Packages: plotly.js
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmcXYtaDNyNS1tNHZm
Cross Site Scripting (XSS) in plotly.jsEcosystems: npm
Packages: plotly.js
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmOW0tcHh3aC02OGhn
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @vendure/core
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 6 months ago
GSA_kwCzR0hTQS13bTYzLTc2MjctY2gzM84AA3P1
@vendure/core's insecure currencyCode handling allows wrong payment amountsEcosystems: npm
Packages: @vendure/core
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: braft-editor
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 9 months ago
GSA_kwCzR0hTQS1qZnJmLXZ2NTQtajJqZ84AA1QU
Margox Braft-Editor Cross-site Scripting VulnerabilityEcosystems: npm
Packages: braft-editor
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmNXAtODdjaC1neHcy
Marked ReDoS due to email addresses being evaluated in quadratic timeEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: sey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13anBjLWNndncteHgyM80atw
Prototype Pollution in seyEcosystems: npm
Packages: sey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: fsa
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwOTQtdmo5Ny1mbTRx
OS Command Injection in fsaEcosystems: npm
Packages: fsa
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: selectize-plugin-a11y
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjcHctNzNmMi13NTht
Cross-Site Scripting in selectize-plugin-a11yEcosystems: npm
Packages: selectize-plugin-a11y
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: remult
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: 11 months ago
GSA_kwCzR0hTQS03aGgzLTN4NjQtdjJnOc4AAz9x
When setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by IdEcosystems: npm
Packages: remult
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: 11 months ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, ckeditor-dev, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNzhoLXBmNjUtNDZyds4AATTf
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)Ecosystems: packagist, npm
Packages: drupal/drupal, ckeditor-dev, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: fast-string-search
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1obXFnLXA4ZjgtM3Fyd84AArtt
Out-of-bounds Read in fast-string-searchEcosystems: npm
Packages: fast-string-search
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1eHctcTk4OC04MjZt
Remote Memory Exposure in mongooseEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @nextcloud/dialogs
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczZnEtM3YzZy1taDMy
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogsEcosystems: npm
Packages: @nextcloud/dialogs
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: zmarkdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1tZjc0LXFxN3ctNmo3ds4AA5C2
Zmarkdown Server-Side Request Forgery (SSRF) in remark-download-imagesEcosystems: npm
Packages: zmarkdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwcWgtNDZxai12d2N3
Cross-site Scripting in docsifyEcosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: open-graph
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0NTItNnJmYy12cnZ4
Prototype Pollution in open-graphEcosystems: npm
Packages: open-graph
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: jodit
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: over 1 year ago
GSA_kwCzR0hTQS00Mmh4LXZyeHgtNXI2ds4AAvAf
Jodit Editor vulnerable to Cross-site ScriptingEcosystems: npm
Packages: jodit
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 6 months ago
GSA_kwCzR0hTQS00Zzg4LTRoZ20tbTk5eM4AA3BK
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerabilityEcosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: serialize-javascript
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5cnYtam1tZi00cGd4
Cross-Site Scripting in serialize-javascriptEcosystems: npm
Packages: serialize-javascript
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
GSA_kwCzR0hTQS13bTR3LTdoMnEtM3BmN84AA67l
Matrix IRC Bridge truncated content of messages can be leakedEcosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
Moderate
Ecosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3MnYtcTIzNS12cDk5
Axios vulnerable to Server-Side Request ForgeryEcosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzcjQtNW14cC1jN2c1
parse-server new anonymous user session acts as if it's created with passwordEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: express-validators
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmMngtcnFjOC1ncmZx
Regular expression deinal of service in express-validatorsEcosystems: npm
Packages: express-validators
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNjctNzhqci1qOTRw
Local File Inclusion in domokeeperEcosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: packagist, npm
Packages: typo3/cms, typo3/cms-core, ckeditor
Source: GitHub Advisory Database
Blast Radius: 45.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2OHgtdnZxcS1wdncz
Ckeditor XSS VulnerabilityEcosystems: packagist, npm
Packages: typo3/cms, typo3/cms-core, ckeditor
Source: GitHub Advisory Database
Blast Radius: 45.9
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: hono
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 5 months ago
GSA_kwCzR0hTQS1mNmd2LWhoOGotcTh2cc4AA3yc
Named path parameters can be overridden in TrieRouterEcosystems: npm
Packages: hono
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 9 months ago
GSA_kwCzR0hTQS1nNHZwLW02ODItcXFtcM4AA1Qt
OpenZeppelin Contracts vulnerable to Improper Escaping of OutputEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: diagram-js-direct-editing
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4cjItMng5NC0ycTY3
Cross-Site Scripting in diagram-js-direct-editingEcosystems: npm
Packages: diagram-js-direct-editing
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @ensdomains/ens-contracts
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 9 months ago
GSA_kwCzR0hTQS1ycnh2LXE4bTQtd2NoM84AA0_N
.eth registrar controller can shorten the duration of registered namesEcosystems: npm
Packages: @ensdomains/ens-contracts
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01N3AtcDY3aC1tcTc0
Command Injection Vulnerability in systeminformationEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: deep-parse-json
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: over 1 year ago
GSA_kwCzR0hTQS1mZjlqLXB3eGctcTVwMs4AAvsz
deep-parse-json vulnerable to Prototype PollutionEcosystems: npm
Packages: deep-parse-json
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS0zcG1qLWpxcXAtMm1qM84AA1Dg
matrix-appservice-irc IRC command injection via admin commands containing newlinesEcosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljdzItanFwNS03eDM5
Multiple Content Injection Vulnerabilities in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 2 years ago
GSA_kwCzR0hTQS14cmpmLXBodnYtcjR2cs0vLg
Command injection in strapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @highlightjs/cdn-assets, highlight.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3d3Ytdmgzdi04OWNx
ReDOS vulnerabities: multiple grammarsEcosystems: npm
Packages: @highlightjs/cdn-assets, highlight.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3bTItNmc5OS04NHc1
Arbitrary File Read in Snyk BrokerEcosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: highlight.js
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcmMtN3I3Yy13OW14
Prototype Pollution in highlight.jsEcosystems: npm
Packages: highlight.js
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mergify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmOTUtdzVoNS1mcTg2
Prototype Pollution in mergifyEcosystems: npm
Packages: mergify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4aDktZmM2di1qY3c3
Unintended Require in larvitbase-wwwEcosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
GSA_kwCzR0hTQS1mbXZtLXg4bXYtNDdtas0s0Q
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @finastra/ssr-pages
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 2 years ago
GSA_kwCzR0hTQS03ZjYzLWg2ZzMtN2N3bc0vhw
Cross Site Scripting (XSS) in @finastra/ssr-pagesEcosystems: npm
Packages: @finastra/ssr-pages
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS04MmpmLThmMjQteHE5bc4AA5t8
hexo-theme-anzhiyu Cross-site Scripting vulnerabilityEcosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: smoothie
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
GSA_kwCzR0hTQS1nNjYyLXFxNDUtcHB3bc4AAwd8
Smoothie vulnerable to Cross-site Scripting when tooltipLabel or strokeStyle are controlled by usersEcosystems: npm
Packages: smoothie
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: froala-editor
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 2 years ago
GSA_kwCzR0hTQS1jcTZ3LXc1cmotcDl4OM0WNg
Cross-site Scripting in Froala EditorEcosystems: npm
Packages: froala-editor
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: react-devtools-core
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 7 months ago
GSA_kwCzR0hTQS1yeHJjLXJndjQtanB2eM4AA2j_
React Developer Tools extension Improper Authorization vulnerabilityEcosystems: npm
Packages: react-devtools-core
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 7 months ago
Moderate
Ecosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
GSA_kwCzR0hTQS01MzU5LXB2ZjItcHc3OM4AA6Td
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elementsEcosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZydjgtdjR3OC1mOTVo
Cross-site scripting vulnerability in TinyMCEEcosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: paypal-ipn
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2OTgtcjRobS13OTRw
Validation Bypass in paypal-ipnEcosystems: npm
Packages: paypal-ipn
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzcngtYzhjci02ajhx
Insecure Default Configuration in tesseract.jsEcosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
GSA_kwCzR0hTQS00MzhjLTM5NzUtNXgzZs4AA6Te
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframesEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: bracket-template
Source: GitHub Advisory Database
Blast Radius: 20.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4OG0tNmdoOC05ajM2
bracket-template vulnerable to reflected XSSEcosystems: npm
Packages: bracket-template
Source: GitHub Advisory Database
Blast Radius: 20.5
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05OXZjLXh3OGotcGhqbc4AA5M7
Ghost has possible Cross-site Scripting issueEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: msgpack5
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtanctNDlwNC1wY2Zt
Prototype poisoningEcosystems: npm
Packages: msgpack5
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
GSA_kwCzR0hTQS02dmZjLXF2M2YtdnI2Y80hTA
Uncontrolled Resource Consumption in markdown-itEcosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: react
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1M3ctNTJ4Yy0yajg1
Cross-Site Scripting in reactEcosystems: npm
Packages: react
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyN3gtaGM4bS05ODVy
Cross-site Scripting in JoplinEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @shopify/hydrogen
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 2 years ago
GSA_kwCzR0hTQS02ajIyLXd2OGctODk0Zs4AAga8
Potential Cross-site Scripting vulnerability in HydrogenEcosystems: npm
Packages: @shopify/hydrogen
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: xo-server, xo-web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncnZtLWdjcWYtZ2g4cc4AApGy
Xen Orchestra Mishandles AuthorizationEcosystems: npm
Packages: xo-server, xo-web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS02NGc3LW12dzYtdjlxas0jWA
Improper Privilege Management in shelljsEcosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: node-notifier
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmdzktZnEzMi13djVw
OS Command Injection in node-notifierEcosystems: npm
Packages: node-notifier
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: almost 2 years ago
GSA_kwCzR0hTQS14bTU5LWp2eG0tY3Azds4AAhJL
mxGraph vulnerable to cross-site scripting in color fieldEcosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: mquery
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cTItMzRyZi1tcjk0
Code Injection in mqueryEcosystems: npm
Packages: mquery
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: airbrake
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1NngtY3AzcS00N3Zn
Insecure Default Configuration in airbrakeEcosystems: npm
Packages: airbrake
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 1 month ago
GSA_kwCzR0hTQS1ydjk1LTg5NmgtYzJ2Y84AA6Rd
Express.js Open Redirect in malformed URLsEcosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjODQtM2c0NC13ZjJx
Denial of Service in ecstaticEcosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoODQtOGo0Zi1wOTdx
Injection in bodymenEcosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 3 years ago
Moderate
Ecosystems: maven, nuget, rubygems, npm
Packages: org.webjars.npm:jquery, jQuery, jquery-rails, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwY3EtY2d3Ni12NGo2
Potential XSS vulnerability in jQueryEcosystems: maven, nuget, rubygems, npm
Packages: org.webjars.npm:jquery, jQuery, jquery-rails, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNTctcDY5ci0zbTdw
Improper file handling in matrix-react-sdkEcosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: about 2 years ago
Moderate
Ecosystems: maven, npm
Packages: org.primefaces:primefaces, primefaces
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3NWYtN2M2Yy0zdm12
Cross-site Scripting in PrimeFacesEcosystems: maven, npm
Packages: org.primefaces:primefaces, primefaces
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: nocodb
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 8 months ago
GSA_kwCzR0hTQS14cnBtLWhjY2ctMjh4N84AA1_d
Improper Input Validation in nocodbEcosystems: npm
Packages: nocodb
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 8 months ago
Moderate
Ecosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwY2YtOHZmOS1xNGdq
jQuery-UI vulnerable to Cross-site Scripting in dialog closeTextEcosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2MnctaDlqbS1tcWpn
Prototype Pollution in systeminformationEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mversion
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZtOHAtNGZ4ai1wZ2My
OS Command Injection in mversionEcosystems: npm
Packages: mversion
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: markdown-it-decorate
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1yaGY1LTIzNzgtM3czd84AAtea
markdown-it-decorate vulnerable to cross-site scripting (XSS)Ecosystems: npm
Packages: markdown-it-decorate
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: graphql
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
GSA_kwCzR0hTQS05cHY3LXZmdm0tNnZyN84AA19X
graphql Uncontrolled Resource Consumption vulnerabilityEcosystems: npm
Packages: graphql
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS0yM2NtLXg2ajctNmhxM80Vvw
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserverEcosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
Moderate
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Nzl2LW1wM3YtcnJ3Nc4AATnF
jQuery vulnerable to Cross-Site Scripting (XSS)Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4bTIteGoycS1xZ3Bq
receiving subscription objects with deleted sessionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: merge-deep2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qMjhxLXA4d3ctY3A4N80auw
Prototype Pollution in merge-deep2.Ecosystems: npm
Packages: merge-deep2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: ezseed-transmission
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3ODgtcmozNy0zNTd3
Insecure Defaults Leads to Potential MITM in ezseed-transmissionEcosystems: npm
Packages: ezseed-transmission
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zOTN4LWZyNTktcjhmZ84AARAN
statics-server Cross-site Scripting vulnerabilityEcosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: stimulsoft-dashboards-js
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 3 months ago
GSA_kwCzR0hTQS05Y2dmLXB4d3EtMmNwd84AA5ET
Stimulsoft Dashboard.JS Cross Site Scripting vulnerabilityEcosystems: npm
Packages: stimulsoft-dashboards-js
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: wrangler
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 4 months ago
GSA_kwCzR0hTQS1jZnBoLTRxcWgtdzgyOM4AA4Lg
Arbitrary remote file read in Wrangler dev serverEcosystems: npm
Packages: wrangler
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 4 months ago
Statistics
Advisories: 18,389
Packages: 8,298
Repositories: 1,394
Ecosystems: 12
Packages: 8,298
Repositories: 1,394
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
16
sequelize
16
ghost
14
tinymce
14
swagger-ui
14
next
13
joplin
13
strapi
13
ckeditor4
13
vm2
12
undici
12
handlebars
11
nodebb
11
angular
11
marked
11
@evershop/evershop
9
serve
9
tinymce/tinymce
9
TinyMCE
9
jquery
9
next-auth
9
org.webjars.npm:jquery
9
jquery-rails
9
matrix-js-sdk
8
tar
8
node-forge
8
systeminformation
8
steal
8
npm
8
jQuery
8
@strapi/strapi
8
bootstrap
8
validator
8
urijs
8
express-cart
8
editor.md
8
jsrsasign
8
url-parse
8
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
shescape
7
sanitize-html
7
matrix-appservice-irc
7
hapi
7
jquery-ui
7
nocodb
7
lodash
7
uptime-kuma
7
total.js
7
matrix-react-sdk
7
hermes-engine
7
snyk-broker
7
parse-url
6
safe-eval
6
rsshub
6
aaptjs
6
ua-parser-js
5
rendertron
5
vditor
5
keystone
5
sweetalert2
5
prismjs
5
dojo
5
openpgp
5
ejs
5
yarn
5
mongoose
5
public
5
xlsx
5
total4
5
vite
5
lodash-es
5
@strapi/plugin-users-permissions
5
mongo-express
4
vega
4
valine
4
glance
4
moment
4
apostrophe
4
dompurify
4
safer-eval
4
@keystone-6/core
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
simple-markdown
4
axios
4
hummus
4
muhammara
4
remarkable
4
katex
4
jsonwebtoken
4
qs
4
follow-redirects
4
ws
4
engine.io
4
materialize-css
4
convert-svg-core
4
apollo-server-core
4
realms-shim
4
fastify
4
ecstatic
4
auth0-lock
4
auth0-js
4
simple-git
4
mysql2
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
generator-jhipster
4
mermaid
4
@strapi/utils
3
typeorm
3
keycloak-connect
3
xmldom
3
locutus
3
m-server
3
apollo-server
3
@cubejs-backend/api-gateway
3
code-server
3
@sequelize/core
3
nodemailer
3
mysql
3
postcss
3
wrangler
3
node-opcua
3
slp-validate
3
feathers-sequelize
3
jspdf
3
dns-sync
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
mathjs
3
grunt
3
passport-wsfed-saml2
3
codecov
3
jointjs
3
node-jose
3
node-ipc
3
js-yaml
3
loader-utils
3
@backstage/techdocs-common
3
jquery-validation
3
n8n
3
object-path
3
protobufjs
3
http-live-simulator
3
notevil
3
ses
3
uap-core
3
socket.io-parser
3
froala-editor
3
docsify
3
tough-cookie
3
raneto
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
ids-enterprise
3
@materializecss/materialize
3
libxmljs
3
sails
3
parsel
3
@uppy/companion
3
@ckeditor/ckeditor5-markdown-gfm
3
nadesiko3
3
convict
3
bootstrap
3
dojox
3
blamer
3
simplehttpserver
3
buttle
3
slpjs
3
@commercial/subtext
3
serialize-to-js
3
lodash.defaultsdeep
3
browserify-shim
3
fast-xml-parser
3
socket.io-file
3
@vrite/sdk
3
jose
3
snyk
3
connect
3
mixme
3
@soketi/soketi
3
json-ptr
3
localhost-now
3
openmct
3
highcharts
3
@sveltejs/kit
3
fuxa-server
3
ftp-srv
3
xdLocalStorage
3
bin-links
3
node-fetch
3
@apollo/server
3
subtext
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/jquery/jquery
11
https://github.com/NodeBB/NodeBB
11
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/pandao/editor.md
8
https://github.com/digitalbazaar/forge
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/apollographql/apollo-server
8
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/nocodb/nocodb
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/louislam/uptime-kuma
7
https://github.com/twbs/bootstrap
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/lodash/lodash
7
https://github.com/npm/node-tar
6
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/facebook/hermes
6
https://github.com/jquery/jquery-ui
6
https://github.com/ionicabizau/parse-url
6
https://github.com/panva/jose
6
https://github.com/shenzhim/aaptjs
6
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vitejs/vite
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/vega/vega
5
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/angular/angular.js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/socketio/engine.io
4
https://github.com/KaTeX/KaTeX
4
https://github.com/axios/axios
4
https://github.com/PrismJS/prism
4
https://github.com/xCss/Valine
4
https://github.com/mrvautin/expressCart
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/balderdashy/sails
4
https://github.com/Dogfalo/materialize
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/auth0/lock
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/yarnpkg/yarn
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/hapijs/hapi
4
https://github.com/node-opcua/node-opcua
3
https://github.com/hapijs/subtext
3
https://github.com/transloadit/uppy
3
https://github.com/nodemailer/nodemailer
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/highcharts/highcharts
3
https://github.com/nodejs/llhttp
3
https://github.com/sveltejs/kit
3
https://github.com/immerjs/immer
3
https://github.com/beerpwn/CVE
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/libxmljs/libxmljs
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/moment/moment
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/n8n-io/n8n
3
https://github.com/nasa/openmct
3
https://github.com/neocotic/convert-svg
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/mermaid-js/mermaid
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/zeit/next.js
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/websockets/ws
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/webpack/loader-utils
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jarofghosts/glance
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/vriteio/vrite
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/vanessa219/vditor
3
https://github.com/Automattic/mongoose
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/xmldom/xmldom
3
https://github.com/typeorm/typeorm
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/shelljs/shelljs
2
https://github.com/mathjax/MathJax
2
https://github.com/jsuites/jsuites
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/josdejong/jsoneditor
2
https://github.com/mysqljs/mysql
2
https://github.com/cronvel/tree-kit
2
https://github.com/snyk/cli
2
https://github.com/karma-runner/karma
2
https://github.com/Finastra/ssr-pages
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/vivaxy/here
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/jameswlane/status-board
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mozilla/nunjucks
2
https://github.com/dfinity/agent-js
2
https://github.com/mithunsatheesh/node-rules
2