Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: express-hbs
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ3eHAtaHd3Zi02NTN2
Insecure template handling in express-hbsEcosystems: npm
Packages: express-hbs
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: @nextcloud/dialogs
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczZnEtM3YzZy1taDMy
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogsEcosystems: npm
Packages: @nextcloud/dialogs
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqeGMtNDYyeC14Nzdq
TOCTOU Race Condition in YarnEcosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1mZmZnLWN3YzkteHZqN84AA5rI
mongo-express Cross-site Request Forgery vulnerabilityEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: fullpage.js
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: about 2 years ago
GSA_kwCzR0hTQS1oM2NxLWo5NTctdmh4Z806uQ
Cross-site Scripting in fullpage.jsEcosystems: npm
Packages: fullpage.js
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: paypal-adaptive
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzcjItM2ZwNC1ycDQ2
Prototype pollution in paypal-adaptiveEcosystems: npm
Packages: paypal-adaptive
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: fastify-multipart
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5ZjgtZ3FqZi1tNzVq
Uncontrolled Resource Consumption in fastify-multipartEcosystems: npm
Packages: fastify-multipart
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHg3LXFjdzQteHg4Nc4AAxM5
Cross-site Scripting (XSS) in serve-liteEcosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
GSA_kwCzR0hTQS12cjh4LTc0cG0tNnZqN84AA7cq
Uptime Kuma's authenticated path traversal via plugin repository name may lead to unavailability or data lossEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Moderate
Ecosystems: npm
Packages: jikes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNwcDItcTY2eC1mcTQ0
Directory Traversal in jikesEcosystems: npm
Packages: jikes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 3 months ago
GSA_kwCzR0hTQS05ZjI0LWpxaG0tamZjd84AA5Vf
fetch(url) leads to a memory leak in undiciEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: trailing-slash
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmaHItNjJ4cC0yZnAy
Open Redirect in trailing-slashEcosystems: npm
Packages: trailing-slash
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: reveal.js
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2d3gtbXdwOC1maDQ0
Cross-site Scripting in reveal.jsEcosystems: npm
Packages: reveal.js
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @antfu/utils
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: 12 months ago
GSA_kwCzR0hTQS1wMmZoLTJoMjMtNmdyZ84AAzhQ
antfu/utils vulnerable to prototype pollutionEcosystems: npm
Packages: @antfu/utils
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: lightning-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtY2gtY20ycC05cXc5
Cross-site Scripting in lightning-serverEcosystems: npm
Packages: lightning-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @hapi/boom
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJnZ3EtdmZjcC1nd2hq
Cross-Site Scripting in @hapi/boomEcosystems: npm
Packages: @hapi/boom
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @backstage/techdocs-common
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3aGYtMzl4Zy00cnh3
Script injectionEcosystems: npm
Packages: @backstage/techdocs-common
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: tileserver-gl
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmcjgtbXdwcC04aDlw
Cross-site scripting in TileServer GLEcosystems: npm
Packages: tileserver-gl
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: almost 3 years ago
Moderate
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 6 months ago
GSA_kwCzR0hTQS12NjI2LXI3NzQtajdmOM4AA3Mj
TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodesEcosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdtZzQtdzN3NS14NXBj
Prototype pollution in json-pointerEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @atlaskit/editor-core
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1Y2gtdzc4Zi14aDQ0
Cross-site scripting in @atlaskit/editor-coreEcosystems: npm
Packages: @atlaskit/editor-core
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
GSA_kwCzR0hTQS1naHI1LWNoM3AtdmNyNs4AA7Xa
ejs lacks certain pollution protectionEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
Moderate
Ecosystems: npm
Packages: bootstrap-select
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjODItbXAzMy1yODU0
Cross-site scripting in bootstrap-selectEcosystems: npm
Packages: bootstrap-select
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: jose, jose-node-esm-runtime, jose-node-cjs-runtime
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 2 months ago
GSA_kwCzR0hTQS1oaGh2LXE1N2ctODgycc4AA502
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintextEcosystems: npm
Packages: jose, jose-node-esm-runtime, jose-node-cjs-runtime
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: diagram-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmdzQteGg4My0zajZx
Cross-Site Scripting in diagram-jsEcosystems: npm
Packages: diagram-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @keystone-6/auth
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 11 months ago
GSA_kwCzR0hTQS1qcXhyLXZqdnYtODk5bc4AAz2U
@keystone-6/auth Open Redirect vulnerabilityEcosystems: npm
Packages: @keystone-6/auth
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: workerd
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
GSA_kwCzR0hTQS04dng2LTY5dmctYzQ2Zs4AAzT_
Buffer under-read in workerdEcosystems: npm
Packages: workerd
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: grunt-gh-pages
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyajMtcW1oOC03MnBm
grunt-gh-pages before 0.10.0 may allow unencrypted GitHub credentials to be written to a log fileEcosystems: npm
Packages: grunt-gh-pages
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqd3AtdmZ2Zi02NTdw
Deserialization of Untrusted Data in bsonEcosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: saml2-js
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwNXctajNnNy13NHd2
Authentication bypass via incorrect XML canonicalization and DOM traversal in saml2-jsEcosystems: npm
Packages: saml2-js
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: almost 5 years ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJneDYtcmpqNC1jMzg4
ckeditor4 vulnerable to cross-site scriptingEcosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: gatsby
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: 11 months ago
GSA_kwCzR0hTQS1jNmY4LThyMjUtYzRnY84AAzxd
Gatsby develop server has Local File Inclusion vulnerabilityEcosystems: npm
Packages: gatsby
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 6 months ago
GSA_kwCzR0hTQS12OGZjLXF4dmotZjNtZ84AA3BP
NASA Open MCT Cross Site Scripting vulnerabilityEcosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: jodit
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 8 months ago
GSA_kwCzR0hTQS05NXhyLWNxNmgtdndyM84AA18A
Jodit Editor vulnerable to cross-site scriptingEcosystems: npm
Packages: jodit
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: mapshaper
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: 3 months ago
GSA_kwCzR0hTQS04bTM2LTYycnctOW14d84AA5Pv
mapshaper Path Traversal vulnerabilityEcosystems: npm
Packages: mapshaper
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: vega-functions, vega
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
GSA_kwCzR0hTQS13NW0zLXhoNzUtbXA1Nc4AAx6f
Vega has Cross-site Scripting vulnerability in `lassoAppend` functionEcosystems: npm
Packages: vega-functions, vega
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: simditor
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 2 years ago
GSA_kwCzR0hTQS1wOXdqLXdycm0tODRtNc4AAQs7
Simditor XSS VulnerabilityEcosystems: npm
Packages: simditor
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1YzItaG00Ni13cDVj
Privilege escalation: all users can access Admin-level API keysEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: serialize-javascript
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5cnYtam1tZi00cGd4
Cross-Site Scripting in serialize-javascriptEcosystems: npm
Packages: serialize-javascript
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: jspreadsheet-ce
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
GSA_kwCzR0hTQS1xODJoLXE0N2otZjQ5Ms4AAxuf
Cross-site Scripting in jspreadsheetEcosystems: npm
Packages: jspreadsheet-ce
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jcDQ3LXIyNTgtcTYyNs4AAx6k
Vega vulnerable to arbitrary code execution when clicking href linksEcosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDctN3hqeC1oeG04
Marked vulnerable to XSS from data URIsEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xam03LTU1dnYtM2M1Zs4AAxDO
mel-spintax has Inefficient Regular Expression ComplexityEcosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: express-validators
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmMngtcnFjOC1ncmZx
Regular expression deinal of service in express-validatorsEcosystems: npm
Packages: express-validators
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzcngtYzhjci02ajhx
Insecure Default Configuration in tesseract.jsEcosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: call
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0ZnYtcHJyYy01Z2dy
Route Validation Bypass in callEcosystems: npm
Packages: call
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 3 months ago
GSA_kwCzR0hTQS1tdzJjLXZ4NmotbWc3Ns4AA5JL
CKEditor4 Cross-site Scripting vulnerability in samples with enabled the preview featureEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: @aws-crypto/client-node, @aws-crypto/client-browser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0NXAtdzkzMy1qeGgz
Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascriptEcosystems: npm
Packages: @aws-crypto/client-node, @aws-crypto/client-browser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: backbone
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2cDItY3gzdy02amNw
Cross-Site Scripting in backboneEcosystems: npm
Packages: backbone
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: strapi-plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2cDUtbW03di00ZjM2
Cross-site Scripting in StrapiEcosystems: npm
Packages: strapi-plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: angular-jwt
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 2 years ago
GSA_kwCzR0hTQS12bTJwLWY1ajQtbWo2Z84AAWcv
Auth0 angular-jwt misinterprets allowlist as regexEcosystems: npm
Packages: angular-jwt
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: pkg
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 3 months ago
GSA_kwCzR0hTQS0yMnIzLTl3NTUtY2o1NM4AA5Lq
Pkg Local Privilege EscalationEcosystems: npm
Packages: pkg
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: total.js
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcycDUtMnI2Zy1mbTZ2
Moderate severity vulnerability that affects total.jsEcosystems: npm
Packages: total.js
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: react-native-document-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1wbWdtLWgzY2MtbTRoas4AA5Va
React Native Document Picker Directory Traversal vulnerabilityEcosystems: npm
Packages: react-native-document-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyYzQtZ3hwNC1qM3hw
Denial of service in ValineEcosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 11 months ago
GSA_kwCzR0hTQS03Z3J3LXhmeDYtcWh4Ns4AA0Jx
Joplin Cross-site Scripting vulnerabilityEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: parse-server-push-adapter
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 12 months ago
GSA_kwCzR0hTQS1teGhnLXJ2d3gteDk5M84AAzbC
Invalid push request payload crashes Parse ServerEcosystems: npm
Packages: parse-server-push-adapter
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: 12 months ago
Moderate
Ecosystems: packagist, npm
Packages: contao/core, contao-components/mediaelement, mediaelement
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: almost 2 years ago
GSA_kwCzR0hTQS0yNzd3LXFweHItMjU0Oc4AAc12
MediaElement Vulnerable to Reflected XSSEcosystems: packagist, npm
Packages: contao/core, contao-components/mediaelement, mediaelement
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: forms
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1NmYtZ3J2My1ncGZy
Regular expression denial of service in formsEcosystems: npm
Packages: forms
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: almost 1 year ago
GSA_kwCzR0hTQS1wNWdjLWM1ODQtamo2ds4AAzXv
vm2 vulnerable to Inspect ManipulationEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: almost 1 year ago
Moderate
Ecosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtbTktYzJmeC1jN200
Docsify XSS VulnerabilityEcosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: isomorphic-git
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZneHEtcDQ5Zi1xdzk5
Directory Traversal in isomorphic-gitEcosystems: npm
Packages: isomorphic-git
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: deepmergefn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqNzItbXdyai1tMnhx
Prototype Pollution in deepmergefnEcosystems: npm
Packages: deepmergefn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: object-path
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzOXAtOTZxZy1jOHJm
Prototype Pollution in object-pathEcosystems: npm
Packages: object-path
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVyYzQtOHFxaC12cTdm
vercel/serve allows access to restricted files if filename is URL encoded.Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 years ago
GSA_kwCzR0hTQS1tMmgyLTI2NGYtZjQ4Ns3X3A
angular vulnerable to regular expression denial of service (ReDoS)Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @aws-cdk/aws-eks, aws-cdk-lib
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: 11 months ago
GSA_kwCzR0hTQS1yeDI4LXIyM3AtMnFjM84AAz8q
AWS CDK EKS overly permissive trust policiesEcosystems: npm
Packages: @aws-cdk/aws-eks, aws-cdk-lib
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: insight-api
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwMnAtcDhtZy14M2N3
Insight API transaction broadcast endpoint can result in Full Path DisclosureEcosystems: npm
Packages: insight-api
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: about 6 years ago
Moderate
Ecosystems: npm
Packages: m-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdteHYteGYycS02ajht
Cross-Site Scripting in m-serverEcosystems: npm
Packages: m-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: about 2 years ago
GSA_kwCzR0hTQS00ZmM0LTRwNWctNnc4Oc0zNg
Cross-site Scripting in CKEditor4Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhocnAtcW04OC14anIz
Valine HTML InjectionEcosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: critters
Source: GitHub Advisory Database
Blast Radius: 32.1
Published: 9 months ago
GSA_kwCzR0hTQS1jeDNqLXFxeGotOTU5N84AA1Qs
Critters Cross-site Scripting VulnerabilityEcosystems: npm
Packages: critters
Source: GitHub Advisory Database
Blast Radius: 32.1
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: transpile
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4cmotZjVycC1qNTVo
Uncontrolled Resource Consumption in transpileEcosystems: npm
Packages: transpile
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqd3AtN3YzZy05OXBq
Cross-site Request Forgery (CSRF) in joplinEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: hono
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 5 months ago
GSA_kwCzR0hTQS1mNmd2LWhoOGotcTh2cc4AA3yc
Named path parameters can be overridden in TrieRouterEcosystems: npm
Packages: hono
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: hbs
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmNWMtcnBmNC04NnA4
Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbsEcosystems: npm
Packages: hbs
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: jointjs
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: over 2 years ago
GSA_kwCzR0hTQS1mM3BwLTMycWMtMzZ3NM0V8A
Prototype Pollution in jointjsEcosystems: npm
Packages: jointjs
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: exceljs
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqMmotOHJydi0yNjRn
Cross-Site Scripting in exceljsEcosystems: npm
Packages: exceljs
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: millisecond
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tNDg5LXhyMzUtZmp4cs0V8w
Regular Expression Denial of Service in millisecondEcosystems: npm
Packages: millisecond
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: serve-here.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS00NDQ4LXJjODItZmNyN80V8g
Path Traversal in serve-here.jsEcosystems: npm
Packages: serve-here.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @fastify/passport
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: about 1 year ago
GSA_kwCzR0hTQS0yY2NmLWZmcmotbTRxd84AAy6-
CSRF token fixation in fastify-passportEcosystems: npm
Packages: @fastify/passport
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: over 2 years ago
GSA_kwCzR0hTQS02NXA3LXBqajgtZ2dtcs0V-w
Member account takeoverEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: over 2 years ago
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2Y3ItdnhtOC0yOTNt
Denial of Service in SheetsJS ProEcosystems: maven, npm
Packages: org.webjars.npm:xlsx, xlsx
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: dompurify
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: 6 months ago
GSA_kwCzR0hTQS04aGdnLXh4bTUtMzg3M84AA3ID
DOMPurify Open Redirect vulnerabilityEcosystems: npm
Packages: dompurify
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 2 years ago
GSA_kwCzR0hTQS1ocWhwLTVwODMtaHg5Ns0Vzg
prismjs Regular Expression Denial of Service vulnerabilityEcosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1tY3FtLTZmZjQtNTNxeM4AArjX
Cross-site Scripting in StrapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
GSA_kwCzR0hTQS00cjljLWpnaGMtY3g1bc0W8Q
Cross-site Scripting in apostropheEcosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: bootbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3bWctaDVyMy1odzg4
Cross-Site Scripting in bootboxEcosystems: npm
Packages: bootbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqY2otNWcyci12eHFj
Pandao editor.md vulnerable to XSS in IMG attributesEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 4 months ago
GSA_kwCzR0hTQS1maDM4LTlmZ3ItNDU0d84AA4mG
Cross-site Scripting in GhostEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 4 months ago
Moderate
Ecosystems: npm
Packages: statichttpserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqNXgtNTZwNi1oajZ4
Path Traversal in statichttpserverEcosystems: npm
Packages: statichttpserver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: 8 months ago
GSA_kwCzR0hTQS1tMjg0LTg1bWYtY2dyY84AA12s
Strapi's field level permissions not being respected in relationship titleEcosystems: npm
Packages: @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
GSA_kwCzR0hTQS02dmZjLXF2M2YtdnI2Y80hTA
Uncontrolled Resource Consumption in markdown-itEcosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @strapi/utils, @strapi/admin, @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
GSA_kwCzR0hTQS12OGdnLTRtcTItODhxNM4AA12r
Strapi may leak sensitive user information, user reset password, tokens via content-manager viewsEcosystems: npm
Packages: @strapi/utils, @strapi/admin, @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: over 2 years ago
GSA_kwCzR0hTQS1tMnIzLTg0OTItdng1Oc0WMw
Denial of Service (DoS) in mongo-expressEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: http-live-simulator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhncDItY2M0ci03dmY2
Denial of Service in http-live-simulatorEcosystems: npm
Packages: http-live-simulator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: edge.js
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 2 years ago
GSA_kwCzR0hTQS01NXI5LTdtZjgtbTM4Ms0V7w
Cross-site Scripting in edge.jsEcosystems: npm
Packages: edge.js
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: serve-index
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2MzMteDV2di1ocXdj
Cross-Site Scripting in serve-indexEcosystems: npm
Packages: serve-index
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: nodebb-plugin-blog-comments
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzbTUtYzg4ci1janZ2
XSS due to lack of CSRF validation for replying/publishingEcosystems: npm
Packages: nodebb-plugin-blog-comments
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: inert
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0eHAtMzZjMy1mN21y
Hidden Directories Always Served in inertEcosystems: npm
Packages: inert
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,745
Packages: 8,373
Repositories: 1,401
Ecosystems: 12
Packages: 8,373
Repositories: 1,401
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
matrix-appservice-irc
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
prismjs
5
lodash-es
5
total4
5
openpgp
5
public
5
ejs
5
mongoose
5
vite
5
dojo
5
sweetalert2
5
yarn
5
vditor
5
ua-parser-js
5
rendertron
5
@strapi/plugin-users-permissions
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
ecstatic
4
axios
4
convert-svg-core
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
materialize-css
4
@keystone-6/core
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
apollo-server-core
4
meshcentral
4
glance
4
mysql2
4
generator-jhipster
4
follow-redirects
4
simple-markdown
4
qs
4
node-red-dashboard
3
notevil
3
org.webjars.npm:xlsx
3
object-path
3
loader-utils
3
ses
3
passport-wsfed-saml2
3
js-yaml
3
n8n
3
grunt
3
jspdf
3
locutus
3
codecov
3
jointjs
3
dns-sync
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
feathers-sequelize
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
socket.io-parser
3
jquery-validation
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/keystonejs/keystone
10
https://github.com/nextauthjs/next-auth
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/npm/node-tar
6
https://github.com/facebook/hermes
6
https://github.com/apostrophecms/sanitize-html
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/vitejs/vite
5
https://github.com/markedjs/marked
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/mrvautin/expressCart
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/xCss/Valine
4
https://github.com/KaTeX/KaTeX
4
https://github.com/sidorares/node-mysql2
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/PrismJS/prism
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/axios/axios
4
https://github.com/yarnpkg/yarn
4
https://github.com/Dogfalo/materialize
4
https://github.com/hapijs/hapi
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/medialize/uri.js
4
https://github.com/medialize/URI.js
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/balderdashy/sails
4
https://github.com/socketio/engine.io
4
https://github.com/fastify/fastify
4
https://github.com/auth0/lock
4
https://github.com/highcharts/highcharts
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/neocotic/convert-svg
3
https://github.com/hapijs/subtext
3
https://github.com/sveltejs/kit
3
https://github.com/libxmljs/libxmljs
3
https://github.com/nodejs/llhttp
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/beerpwn/CVE
3
https://github.com/node-opcua/node-opcua
3
https://github.com/immerjs/immer
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/mermaid-js/mermaid
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/nasa/openmct
3
https://github.com/n8n-io/n8n
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/mongodb/js-bson
3
https://github.com/docsifyjs/docsify
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/nodemailer/nodemailer
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/Marak/colors.js
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/node-fetch/node-fetch
3
https://github.com/zeit/next.js
3
https://github.com/vriteio/vrite
3
https://github.com/webpack/loader-utils
3
https://github.com/jarofghosts/glance
3
https://github.com/typeorm/typeorm
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/websockets/ws
3
https://github.com/xmldom/xmldom
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/josdejong/mathjs
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/YMFE/yapi
3
https://github.com/shelljs/shelljs
2
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/mathjax/MathJax
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/codecov/codecov-node
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/cronvel/tree-kit
2
https://github.com/mysqljs/mysql
2
https://github.com/cube-js/cube.js
2
https://github.com/adobe/css-tools
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/merge-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/markdown-it/markdown-it
2
https://github.com/aFarkas/lazysizes
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/jonschlinkert/set-value
2
https://github.com/vivaxy/here
2
https://github.com/jameswlane/status-board
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/jsuites/jsuites
2
https://github.com/webpack-contrib/webpack-bundle-analyzer
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2