Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: semver
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 11 months ago
GSA_kwCzR0hTQS1jMnFmLXJ4amotcXFnd84AAz95
semver vulnerable to Regular Expression Denial of ServiceEcosystems: npm
Packages: semver
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: metro4
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 1 year ago
GSA_kwCzR0hTQS02MzNyLXI0cDgtcHczd84AAvPU
Cross site scripting in Metro UIEcosystems: npm
Packages: metro4
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: git
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: about 2 years ago
GSA_kwCzR0hTQS05Z3FyLXhwODYtZjg3aM0z9Q
Code injection in npm gitEcosystems: npm
Packages: git
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: argencoders-notevil, notevil
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 years ago
GSA_kwCzR0hTQS04ZzRtLWNqbTItOTZ3cc0z7w
Sandbox escape in notevil and argencoders-notevilEcosystems: npm
Packages: argencoders-notevil, notevil
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: nanoid
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 2 years ago
GSA_kwCzR0hTQS1xcnBtLXAyaDctaHJ2Ms0jtQ
Exposure of Sensitive Information to an Unauthorized Actor in nanoidEcosystems: npm
Packages: nanoid
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzZjMtMjNycS1wamZw
npm CLI exposing sensitive information through logsEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS12NHYyLThoODgtNjVxas4AA3W6
Attribute Injection leading to XSS(Cross-Site-Scripting)Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 2 years ago
GSA_kwCzR0hTQS12aHhjLWZobTUtcWNwOc0z8g
Prototype Pollution in bodymenEcosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 2 years ago
Moderate
Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
GSA_kwCzR0hTQS05NGpxLXE1djItNzZ3as0YGQ
Improper certificate management in AWS IoT Device SDK v2Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 6 months ago
GSA_kwCzR0hTQS12NjR3LTQ5eHctcXE4Oc4AA3R1
Possible user mocking that bypasses basic authenticationEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: strapi-plugin-protected-populate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS02aDY3LTkzNHItODJnN84AA3RQ
Bypass of field access control in strapi-plugin-protected-populateEcosystems: npm
Packages: strapi-plugin-protected-populate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
GSA_kwCzR0hTQS1wcTM3LTRjNGctdjM4Y80y1g
Cross-site Scripting in vditorEcosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: polaris-website
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdocmgtOWo0cS1nN3Bo
CSRF Vulnerability in polaris-websiteEcosystems: npm
Packages: polaris-website
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 1 year ago
GSA_kwCzR0hTQS1xOGdnLXZqNm0taGdtas4AAxy7
@braintree/sanitize-url Cross-site Scripting vulnerabilityEcosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @novnc/novnc
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5cnYtZzd3NS1tOHh4
Cross-Site Scripting in @novnc/novncEcosystems: npm
Packages: @novnc/novnc
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mysql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2cTYtNTVndi1qeDlm
SQL Injection in mysqlEcosystems: npm
Packages: mysql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: openwhisk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzbWotbWMzOC1xODk0
Remote Memory Exposure in openwhiskEcosystems: npm
Packages: openwhisk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqNXYtZmM3NC1qOXEy
Cross-Site Scripting in editor.mdEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: puppeteer
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMyZ3AtODZwNC01OTM1
Use-After-Free in puppeteerEcosystems: npm
Packages: puppeteer
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: converse.js
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5NzMtMnFjYy1wNzh4
User Impersonation in converse.jsEcosystems: npm
Packages: converse.js
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIycTktaHFtNS1taG1j
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5OTItMmdtai05eHhq
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
GSA_kwCzR0hTQS02eHZxLTJnajgtNDI3Ns04pA
Cross site scripting in valineEcosystems: npm
Packages: valine
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: textangular
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
GSA_kwCzR0hTQS03aDR3LTZwOTgtcjN3eM4AAxwe
textAngular Cross-site Scripting vulnerabilityEcosystems: npm
Packages: textangular
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: quill
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4OG0tOXFnNS0zNXBx
Reverse Tabnabbing in quillEcosystems: npm
Packages: quill
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: ibm_db
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3N2gtaHY2Zy1mbWZw
Sensitive Data Exposure in ibm_dbEcosystems: npm
Packages: ibm_db
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: saml2-js
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mY3AtMzR4dy1wNTd4
Authentication Bypass in saml2-jsEcosystems: npm
Packages: saml2-js
Source: GitHub Advisory Database
Blast Radius: 23.4
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: node-weakauras-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2bXItNm04OS12Z2oz
Buffer Overflow in node-weakauras-parserEcosystems: npm
Packages: node-weakauras-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
GSA_kwCzR0hTQS1tdjQ4LWhjdmgtOGpqOM4AAuGt
Vitejs Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's serviceEcosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mobiledoc-kit
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
GSA_kwCzR0hTQS1odzJwLXhxaHEtM21qZs4AAuYz
Cross site scripting in mobiledoc-kitEcosystems: npm
Packages: mobiledoc-kit
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: translate
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 2 months ago
GSA_kwCzR0hTQS04ODJqLTR2ajUtN3Ztas4AA6O1
Cache Poisoning VulnerabilityEcosystems: npm
Packages: translate
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 2 months ago
Moderate
Ecosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04bWdxLTZyMnEtODJ3Oc4AAui5
Captcha Bypass in strapi-plugin-ezformsEcosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3ajktaDVtcC0zcG0z
Regular Expression Denial of Service in postcssEcosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: katex
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 2 months ago
GSA_kwCzR0hTQS1mOTh3LTdjeHItZmYyaM4AA6Ra
KaTeX's `\includegraphics` does not escape filenameEcosystems: npm
Packages: katex
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 2 months ago
Moderate
Ecosystems: npm
Packages: helmet-csp
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzbTgteDNjZy1xbTJj
Configuration Override in helmet-cspEcosystems: npm
Packages: helmet-csp
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 11 months ago
GSA_kwCzR0hTQS13cHJ2LTkzcjQtamoycM4AAz8m
OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific treesEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: @scandipwa/magento-scripts
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUycXAtZ3d3aC1xcmc0
Missing Handler in @scandipwa/magento-scriptsEcosystems: npm
Packages: @scandipwa/magento-scripts
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4ZjktcGd2di14eDY3
Regular Expression Denial of Service in simple-markdownEcosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: lemonldap-ng-handler
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0NHgtcjg0dy04djY3
Lack of URL normalization may lead to authorization bypass when URL access rules are usedEcosystems: npm
Packages: lemonldap-ng-handler
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: tableexport.jquery.plugin
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
GSA_kwCzR0hTQS1qNjM2LWNycDMtbTU4NM053w
Cross-site Scripting in tableexport.jquery.pluginEcosystems: npm
Packages: tableexport.jquery.plugin
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @shopify/koa-shopify-auth
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxaDctdzVwci1jcjU2
Cross-site scripting in @shopify/koa-shopify-authEcosystems: npm
Packages: @shopify/koa-shopify-auth
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: tarteaucitronjs
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 10 months ago
GSA_kwCzR0hTQS1mNDRtLTY1aDMtOTl2Y84AA0kQ
tarteaucitron.js vulnerable to Cross-site ScriptingEcosystems: npm
Packages: tarteaucitronjs
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 10 months ago
Moderate
Ecosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2cmgtZ2dwci1qM2dq
Renovate vulnerable to Azure DevOps token leakage in logsEcosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mirador
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnd20tcHY5aC1xNW03
Potential XSS in jQuery dependency in MiradorEcosystems: npm
Packages: mirador
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
GSA_kwCzR0hTQS1wMmpoLTQ0cWotcGYyds4AAvz_
Exfiltration of hashed SMB credentials on Windows via file:// redirectEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: ckeditor-wordcount-plugin
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: 10 months ago
GSA_kwCzR0hTQS1xOXc0LXc2NjctcXFqNM4AA0if
ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of EditorEcosystems: npm
Packages: ckeditor-wordcount-plugin
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: 10 months ago
Moderate
Ecosystems: npm
Packages: color-string
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1N3Ytdmo0cC0zdzJo
Regular Expression Denial of Service (ReDOS)Ecosystems: npm
Packages: color-string
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: kibana
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ocDVmLXFxcnctYzhnas4AArHz
Kibana Sensitive Data DisclosureEcosystems: npm
Packages: kibana
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: webtorrent
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqaDQtZmN2My13aHBx
Cross-Site Scripting in webtorrentEcosystems: npm
Packages: webtorrent
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: about 2 years ago
GSA_kwCzR0hTQS1qMzgzLTM1cG0tYzVoNM06qQ
Path Traversal in GruntEcosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: base64url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2ZzgtcHdxMi14ajdx
Out-of-bounds Read in base64urlEcosystems: npm
Packages: base64url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @eivifj/dot
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdmd3EteGM1Ny1mcTd2
eivindfjeldstad-dot contains prototype pollution vulnerabilityEcosystems: npm
Packages: @eivifj/dot
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
GSA_kwCzR0hTQS1mOXdnLTVmNDYtY2ptd80_pg
NextAuth.js default redirect callback vulnerable to open redirectsEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: 5 months ago
GSA_kwCzR0hTQS00d3JtLXFtcTItNWZqeM4AA3pc
Directory Traversal in evershopEcosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: jsonpointer
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yODJmLXFxZ20tYzM0cc0W4w
Prototype Pollution in node-jsonpointerEcosystems: npm
Packages: jsonpointer
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4MmctMnhwcC1tNXIz
Cross-Site Scripting in dojoEcosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @yaireo/tagify
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 2 years ago
GSA_kwCzR0hTQS1weHBmLXYzNzYtN3h4Nc1RKw
tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payloadEcosystems: npm
Packages: @yaireo/tagify
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1NnAtYzhjZy1xNDM1
Open Redirect in Next.js versionsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: 5 months ago
GSA_kwCzR0hTQS05MnIzLW0ybWctcGo5N84AA3lD
Vite XSS vulnerability in `server.transformIndexHtml` via URL payloadEcosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
GSA_kwCzR0hTQS01cDg0LW1taDktcHhncs4AAyhy
Pandao Editor.md vulnerable to cross-site scripting (XSS) in editor parameterEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: config-shield
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4aDQtdnc4Zi1ydnZq
Improper Control of Dynamically-Managed Code Resources in config-shieldEcosystems: npm
Packages: config-shield
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 10 months ago
GSA_kwCzR0hTQS1nZ2dtLTY2cmgtcHA5OM4AA046
Incorrect Permission Checking for GraphQL SubscriptionsEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 10 months ago
Moderate
Ecosystems: npm
Packages: apollo-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0ycDNjLXAzcXctNjlyNM4AAvS5
The graphql-upload library included in Apollo Server 2 is vulnerable to CSRF mutationsEcosystems: npm
Packages: apollo-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: angular-ui-notification
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 11 months ago
GSA_kwCzR0hTQS1tcmNqLTVxeHItdmhwMs4AA0Jz
angular-ui-notification Cross-site Scripting vulnerabilityEcosystems: npm
Packages: angular-ui-notification
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: 5 months ago
GSA_kwCzR0hTQS0yeGNqLTU1N2MtaGY4cs4AA3pd
Cross-site Scripting in evershopEcosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: cross-env.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3aHEtM2hyai12NnY1
cross-env.js is malwareEcosystems: npm
Packages: cross-env.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: easyquick
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoNTUtNDlqbS03Mzl4
Directory Traversal in easyquickEcosystems: npm
Packages: easyquick
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5N2ctNG14Ny01cDJw
Open Redirect in apostropheEcosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: passport
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12OTIzLXczeDgtd2g2Oc4AAtEm
Passport vulnerable to session regeneration when a users logs in or outEcosystems: npm
Packages: passport
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: cyberchef
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwNnIteGNqai01aDdy
Cross-Site Scripting in cyberchefEcosystems: npm
Packages: cyberchef
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: proxy.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqNzMtdjY4OC13cXhm
Hijacked Environment Variables in proxy.jsEcosystems: npm
Packages: proxy.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: fastify-csrf
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjNHEtOW02OS1ncXA4
Lack of protection against cookie tossing attacks in fastify-csrfEcosystems: npm
Packages: fastify-csrf
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
GSA_kwCzR0hTQS12NXZnLWc3cnEtMzYzd80W4Q
Prototype Pollution in json-pointerEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 5 months ago
GSA_kwCzR0hTQS03NDQzLTU5NjItd3A0cs4AA3pf
Directory Traversal in evershopEcosystems: npm
Packages: @evershop/evershop
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3cWYtZ2NxbS03MzUz
Header injection in nodemailerEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3OTYtZ2M5ai02M3J2
File upload local preview can run embedded scripts after user interactionEcosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: stellar-sdk
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjZ2gtaGpwdy1xM2dx
Utils.readChallengeTx does not verify the server account signatureEcosystems: npm
Packages: stellar-sdk
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqNTktZjZjMy0zdnc0
Command Injection in systeminformationEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: markdown-nice
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: over 1 year ago
GSA_kwCzR0hTQS00NjJyLXd4dm0tanZ4aM4AAus8
Markdown-Nice v1.8.22 vulnerable to Cross-site ScriptingEcosystems: npm
Packages: markdown-nice
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: anchorme
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0d3EtcnZtcS03N3g3
Cross-site scripting in anchormeEcosystems: npm
Packages: anchorme
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1aHctMjl4Ny05eDk1
Arbitrary File Read in Snyk BrokerEcosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 1.3
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: dasafio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4ajMtNzI1OC13NHEy
Directory Traversal in dasafioEcosystems: npm
Packages: dasafio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: hekto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtbTkteDVnci00Z2Zt
Open Redirect in hektoEcosystems: npm
Packages: hekto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: jser-stat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3NHAtaDRnbS0zdzI2
Downloads Resources over HTTP in jser-statEcosystems: npm
Packages: jser-stat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 2 months ago
GSA_kwCzR0hTQS1jeGpoLXBxd3AtOG1mcM4AA6AJ
follow-redirects' Proxy-Authorization header kept across hostsEcosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4OGctandwZy14Nmo0
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: multi-ini
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3bXEtaDJyOS1yaDJt
Prototype pollution in multi-iniEcosystems: npm
Packages: multi-ini
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjNmctZ2dyYy1xcTRy
Cross-Site Scripting in sanitize-htmlEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: @backstage/plugin-catalog-backend, @backstage/catalog-model, @backstage/core-components
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 1 year ago
GSA_kwCzR0hTQS03aHY4LTNmcjktajJods4AAxo8
Cross site scripting Vulnerability in backstage Software CatalogEcosystems: npm
Packages: @backstage/plugin-catalog-backend, @backstage/catalog-model, @backstage/core-components
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtZ3AtZng5My05eHY1
XSS vulnerability that affects bootstrapEcosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: remarkable
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2bTQtNnY2bS00dnBy
Cross-site Scripting in remarkableEcosystems: npm
Packages: remarkable
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: m-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5OWctNnE2dy03djk0
m-server Vulnerable to Directory TraversalEcosystems: npm
Packages: m-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1xMm14LWo0eDItMmg3NM4AArBA
URL Redirection to Untrusted Site ('Open Redirect') in next-authEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: find-my-way
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncmgtNW0zaC05YzVm
Web Cache Poisoning in find-my-wayEcosystems: npm
Packages: find-my-way
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 2 years ago
GSA_kwCzR0hTQS0yZ3AzLTZjOXAtanA3d83lKQ
Cross site scripting in code-serverEcosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFybWMtZmo0NS1xZmMy
Prototype Pollution in extendEcosystems: npm
Packages: extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: jquery-file-upload
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 2 years ago
GSA_kwCzR0hTQS00M3g5LTdoZnYtbXhyZs0u_g
jQuery-Upload-File XSS in fileNameStrEcosystems: npm
Packages: jquery-file-upload
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: @strapi/database, @strapi/utils, @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 10 months ago
GSA_kwCzR0hTQS1jaG1yLXJnMmYtOWptZs4AA04b
Making all attributes on a content-type public without noticing itEcosystems: npm
Packages: @strapi/database, @strapi/utils, @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 10 months ago
Moderate
Ecosystems: npm
Packages: video.js
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwN20tNmo4My1tN3I2
Cross-site Scripting in video.jsEcosystems: npm
Packages: video.js
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4d20teDU1My14MzU5
Arbitrary Command Injection due to Improper Command SanitizationEcosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 1,401
Ecosystems: 12
Packages: 8,375
Repositories: 1,401
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
matrix-appservice-irc
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
prismjs
5
lodash-es
5
total4
5
openpgp
5
public
5
ejs
5
mongoose
5
vite
5
dojo
5
sweetalert2
5
yarn
5
vditor
5
ua-parser-js
5
rendertron
5
@strapi/plugin-users-permissions
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
ecstatic
4
axios
4
convert-svg-core
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
materialize-css
4
@keystone-6/core
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
apollo-server-core
4
meshcentral
4
glance
4
mysql2
4
generator-jhipster
4
follow-redirects
4
simple-markdown
4
qs
4
node-red-dashboard
3
notevil
3
org.webjars.npm:xlsx
3
object-path
3
loader-utils
3
ses
3
passport-wsfed-saml2
3
js-yaml
3
n8n
3
grunt
3
jspdf
3
locutus
3
codecov
3
jointjs
3
dns-sync
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
feathers-sequelize
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
socket.io-parser
3
jquery-validation
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/keystonejs/keystone
10
https://github.com/nextauthjs/next-auth
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/npm/node-tar
6
https://github.com/facebook/hermes
6
https://github.com/apostrophecms/sanitize-html
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/vitejs/vite
5
https://github.com/markedjs/marked
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/mrvautin/expressCart
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/xCss/Valine
4
https://github.com/KaTeX/KaTeX
4
https://github.com/sidorares/node-mysql2
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/PrismJS/prism
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/axios/axios
4
https://github.com/yarnpkg/yarn
4
https://github.com/Dogfalo/materialize
4
https://github.com/hapijs/hapi
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/medialize/uri.js
4
https://github.com/medialize/URI.js
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/balderdashy/sails
4
https://github.com/socketio/engine.io
4
https://github.com/fastify/fastify
4
https://github.com/auth0/lock
4
https://github.com/highcharts/highcharts
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/neocotic/convert-svg
3
https://github.com/hapijs/subtext
3
https://github.com/sveltejs/kit
3
https://github.com/libxmljs/libxmljs
3
https://github.com/nodejs/llhttp
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/beerpwn/CVE
3
https://github.com/node-opcua/node-opcua
3
https://github.com/immerjs/immer
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/mermaid-js/mermaid
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/nasa/openmct
3
https://github.com/n8n-io/n8n
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/mongodb/js-bson
3
https://github.com/docsifyjs/docsify
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/nodemailer/nodemailer
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/Marak/colors.js
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/node-fetch/node-fetch
3
https://github.com/zeit/next.js
3
https://github.com/vriteio/vrite
3
https://github.com/webpack/loader-utils
3
https://github.com/jarofghosts/glance
3
https://github.com/typeorm/typeorm
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/websockets/ws
3
https://github.com/xmldom/xmldom
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/josdejong/mathjs
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/YMFE/yapi
3
https://github.com/shelljs/shelljs
2
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/mathjax/MathJax
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/codecov/codecov-node
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/cronvel/tree-kit
2
https://github.com/mysqljs/mysql
2
https://github.com/cube-js/cube.js
2
https://github.com/adobe/css-tools
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/merge-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/markdown-it/markdown-it
2
https://github.com/aFarkas/lazysizes
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/jonschlinkert/set-value
2
https://github.com/vivaxy/here
2
https://github.com/jameswlane/status-board
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/jsuites/jsuites
2
https://github.com/webpack-contrib/webpack-bundle-analyzer
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2