Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0N2otaGM2eC1oM3Fx
Remote Code Execution Vulnerability in NPM mongo-expressEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: dotty
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1YzkteDlqNi04N3Fw
Prototype pollution in dottyEcosystems: npm
Packages: dotty
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yYzR2LTk5Y3ItcGpjbc4AA2gY
Prototype Pollution in ali-security/mongooseEcosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
GSA_kwCzR0hTQS13dnIyLXE4Nm0tNndocM4AAwzO
Baobab vulnerable to Prototype PollutionEcosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: deepref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03YzdnLTcycTctNHhobc0WbA
Prototype pollution vulnerability in 'deepref'Ecosystems: npm
Packages: deepref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: libnested
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 2 years ago
GSA_kwCzR0hTQS0zcjl4LW1qcm0tMjcyNc0WaQ
Prototype pollution vulnerability in 'libnested'Ecosystems: npm
Packages: libnested
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: mx-nested-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4aHctMzdnNi0zZ3c0
Malicious Package in mx-nested-menuEcosystems: npm
Packages: mx-nested-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnN3AtNzRoOC1oZzQ4
Denial of Service in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
GSA_kwCzR0hTQS05dzVqLTRtd3YtMndqOM4AAxNC
Remote code execution in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 9 months ago
GSA_kwCzR0hTQS01cDQyLW02ZjMtaHBtas4AA1Wh
tree-kit Prototype Pollution vulnerabilityEcosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 9 months ago
Critical
Ecosystems: npm
Packages: pem
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnY3ItN3dtNC1tY3Y2
Sensitive Data Exposure in pemEcosystems: npm
Packages: pem
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: awesome_react_utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0yNXEtZndnNC05djJw
Malicious Package in awesome_react_utilityEcosystems: npm
Packages: awesome_react_utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: another-date-range-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThyeGctOWc2Zi12cTlw
Malicious Package in another-date-range-pickerEcosystems: npm
Packages: another-date-range-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: cruddl
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xbTR3LTQ5OTUtdmc3Zs4AAu1l
cruddl vulnerable to ArangoDB Query Language (AQL) injection through flexSearchEcosystems: npm
Packages: cruddl
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5OG0tcTNoci1wNXdx
Prototype Pollution in locutusEcosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: xmlhttprequest-ssl, xmlhttprequest
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0ajUtYzdjai03NHhn
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code InjectionEcosystems: npm
Packages: xmlhttprequest-ssl, xmlhttprequest
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mNTk4LW1mcHYtZ21meM4AAxzf
Sequelize - Default support for “raw attributes” when using parenthesesEcosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweHAtNjk2My00NnI5
Command Injection in pdfinfojsEcosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
Critical
Ecosystems: rubygems, npm
Packages: uglifier, uglify-js
Source: GitHub Advisory Database
Blast Radius: 119.3
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM0cjctcTQ5Zi1oMzdj
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-jsEcosystems: rubygems, npm
Packages: uglifier, uglify-js
Source: GitHub Advisory Database
Blast Radius: 119.3
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: command-exists
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmZjQtcnJxNi1oNzh3
Command Injection in command-existsEcosystems: npm
Packages: command-exists
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4djgtNjg1OS1xeG00
Arbitrary shell command execution in logkittyEcosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: @asyncapi/modelina
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 2 years ago
GSA_kwCzR0hTQS00amcyLTg0YzItcGo5Nc0V7A
Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelinaEcosystems: npm
Packages: @asyncapi/modelina
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: libubx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03eHYtN3A5My1nNnE4
Malicious Package in libubxEcosystems: npm
Packages: libubx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 6 months ago
GSA_kwCzR0hTQS03NXcyLXF2NTUteDdmds4AA3We
openssl npm package vulnerable to command executionEcosystems: npm
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 6 months ago
Critical
Ecosystems: npm
Packages: ts-process-promises
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3NGotYzJycS00N3E4
Command injection in ts-process-promisesEcosystems: npm
Packages: ts-process-promises
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: pitboss-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncGMtdzIzYy13NTl3
Sandbox Breakout / Arbitrary Code Execution in pitboss-ngEcosystems: npm
Packages: pitboss-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: react-editable-json-tree
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
GSA_kwCzR0hTQS1qM3J2LXc0M3EtZjl4Ms4AAuFt
React Editable Json Tree vulnerable to arbitrary code execution via function parsingEcosystems: npm
Packages: react-editable-json-tree
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS12Mjg3LTl3M3YteDVjNc4AAh-W
Total.js CMS RCE VulnerabilityEcosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: npm-dependency-versions
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tN3hxLThqcDgtcmoyY807OQ
Command injection in npm-dependency-versionsEcosystems: npm
Packages: npm-dependency-versions
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
GSA_kwCzR0hTQS01NThwLW0zNG0tdnBtcc4AAy_o
Potential leak of authentication data to 3rd partiesEcosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacementsEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: egg-scripts
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5ajMtd3FwaC01eHg5
Command Injection in egg-scriptsEcosystems: npm
Packages: egg-scripts
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: keyget
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04bXA4LTI4eGgtcjQ4Ns4AAmv-
keyget vulnerable to prototype pollutionEcosystems: npm
Packages: keyget
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: async-git
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxcHItOW1jNS03Z2No
Command Injection in async-gitEcosystems: npm
Packages: async-git
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: loopback-connector-postgresql
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1qMjU5LTZjNTgtOW01OM4AAt8E
loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` FilterEcosystems: npm
Packages: loopback-connector-postgresql
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: an0n-chat-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4Y3Ytd3ZyNy00aDZw
Malicious npm package: an0n-chat-libEcosystems: npm
Packages: an0n-chat-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: set-getter
Source: GitHub Advisory Database
Blast Radius: 48.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2MzUteHFnNy1mOTJy
set-getter Prototype Pollution VulnerabilityEcosystems: npm
Packages: set-getter
Source: GitHub Advisory Database
Blast Radius: 48.1
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmcnYtOXBody12cnZy
Authorization bypass in StrapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: raneto
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
GSA_kwCzR0hTQS03OTQyLTJmeDgtcWhwZs4AAty-
Raneto v0.17.0 employs weak password complexity requirementsEcosystems: npm
Packages: raneto
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: get-npm-package-version
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: almost 2 years ago
GSA_kwCzR0hTQS00aDY2LXZnaGYteGc1eM4AAtyP
get-npm-package-version Command Injection vulnerabilityEcosystems: npm
Packages: get-npm-package-version
Source: GitHub Advisory Database
Blast Radius: 28.4
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: irisnet-crypto
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
GSA_kwCzR0hTQS01Zmg4LXg5eGMtaHhtY83vAA
irisnet-crypto RCE VulnerabilityEcosystems: npm
Packages: irisnet-crypto
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: 1337qq-js
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3Z2gtNXE0cS02d3g1
Malicious Package in 1337qq-jsEcosystems: npm
Packages: 1337qq-js
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: web3-eht
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI5ZmgteGNqci1wN3J4
Malicious Package in web3-ehtEcosystems: npm
Packages: web3-eht
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: spritesheet-js
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzM3gtcXIzdi1nNHh4
Command injection in spritesheet-jsEcosystems: npm
Packages: spritesheet-js
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: xopen
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: almost 2 years ago
GSA_kwCzR0hTQS03NHdmLWN3amctOWNmMs4AAtpG
xopen is vulnerable to OS Command Injection in Exported Function xopen(filepath)Ecosystems: npm
Packages: xopen
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 2 years ago
GSA_kwCzR0hTQS13dnB2LTg1MjQtd2c2eM4AAXRX
mxGraph vulnerable to XXE attacksEcosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: flintcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpocTMtNTd4aC02NjQz
Privilege Escalation due to Blind NoSQL Injection in flintcmsEcosystems: npm
Packages: flintcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: mixin-deep
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoamYtODN3Zy1yMmo5
Prototype Pollution in mixin-deepEcosystems: npm
Packages: mixin-deep
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: we3b
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2cjgtOXFxNy1taDQz
Malicious Package in we3bEcosystems: npm
Packages: we3b
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: singale
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyZmgtam12Mi0yZjl2
Malicious Package in singaleEcosystems: npm
Packages: singale
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: broccoli-compass
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
GSA_kwCzR0hTQS13cThmLXhtcTMtNXZxOc4AAy8R
Remote code execution in broccoli-compassEcosystems: npm
Packages: broccoli-compass
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: signqle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03OTQtcXY1OS1najdj
Malicious Package in signqleEcosystems: npm
Packages: signqle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: scryptys
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZyeGotNHFody01dndx
Malicious Package in scryptysEcosystems: npm
Packages: scryptys
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: sb58
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3NHIteHg0Yy1najd4
Malicious Package in sb58Ecosystems: npm
Packages: sb58
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: eslint-utils
Source: GitHub Advisory Database
Blast Radius: 62.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNneDcteGh2Ny01bXgz
Arbitrary Code Execution in eslint-utilsEcosystems: npm
Packages: eslint-utils
Source: GitHub Advisory Database
Blast Radius: 62.9
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: otp-generator
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: almost 2 years ago
GSA_kwCzR0hTQS02eDkzLWg5ZzMtOXBocs4AAtpB
otp-generator before v3.0.0 insecurely generates random one-time passwordsEcosystems: npm
Packages: otp-generator
Source: GitHub Advisory Database
Blast Radius: 30.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: ripedm160
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyNzItNTl4Mi1nd2Yy
Malicious Package in ripedm160Ecosystems: npm
Packages: ripedm160
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
GSA_kwCzR0hTQS1nM3ZmLTQ3ZnYtOGYzY84AA1QP
MrSwitch hello.js vulnerable to prototype pollutionEcosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
Critical
Ecosystems: npm
Packages: path-to-regxep
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3Z2MtNmhjai13YzQy
Malicious Package in path-to-regxepEcosystems: npm
Packages: path-to-regxep
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hw-trnasport-u2f
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzNjMteDQyZi14cGg2
Malicious Package in hw-trnasport-u2fEcosystems: npm
Packages: hw-trnasport-u2f
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hdeky
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1NXItcGdocC1yNXdo
Malicious Package in hdekyEcosystems: npm
Packages: hdeky
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0NTctNnE2eC1jZ3A5
Prototype Pollution in handlebarsEcosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: get-git-data
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdqNmgtN2Nody14NGgy
Command injection in get-git-dataEcosystems: npm
Packages: get-git-data
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: pulverizr
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtZjUtajVqOS05OXBw
OS Command Injection in pulverizrEcosystems: npm
Packages: pulverizr
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: connie-lang
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2djMtanhtOC1mNHZm
Prototype Pollution in connie-langEcosystems: npm
Packages: connie-lang
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
GSA_kwCzR0hTQS13eDY5LXJ2ZzMteDdmY80YdQ
XSS via prototype pollution in NodeBBEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ecruve
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwZjItcHIzai00Y20z
Malicious Package in ecruveEcosystems: npm
Packages: ecruve
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2NWgtcWp4di01ZjQ0
Prototype Pollution in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: bqffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4cXAtbXY2Ny1nNTI4
Malicious Package in bqffer-xorEcosystems: npm
Packages: bqffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: buffeb-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVnZ3gtZzI5NC1xajNx
Malicious Package in buffeb-xorEcosystems: npm
Packages: buffeb-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: heroku-addonpool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxOXgtdzUzcC1qZzUz
OS Command Injection in heroku-addonpoolEcosystems: npm
Packages: heroku-addonpool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
GSA_kwCzR0hTQS04ZjhnLTlqNzMtN3A4Ms4AAu0C
steal vulnerable to Prototype Pollution via optionName variableEcosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: rrgod
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3N3AteHdwcC0zamY3
Malicious Package in rrgodEcosystems: npm
Packages: rrgod
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3NXYtcDU0Yy1mNzR4
ejs is vulnerable to remote code execution due to weak input validationEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: merge-deep
Source: GitHub Advisory Database
Blast Radius: 58.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2cmotOWNoNi1nMjY0
Prototype pollution in Merge-deepEcosystems: npm
Packages: merge-deep
Source: GitHub Advisory Database
Blast Radius: 58.5
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: buffer-8or
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRobTctNzNjaC12bTU5
Malicious Package in buffer-8orEcosystems: npm
Packages: buffer-8or
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
GSA_kwCzR0hTQS05bTkzLXc4dzYtNzZoaM4AA0uj
Mongoose Prototype Pollution vulnerabilityEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
Critical
Ecosystems: npm
Packages: buffer-xmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzMjctZ2ZxNS04ZjRt
Malicious Package in buffer-xmrEcosystems: npm
Packages: buffer-xmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: uploader-plugin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4NmYtZnBmdi01aG1j
Malicious Package in uploader-pluginEcosystems: npm
Packages: uploader-plugin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2ODctdnY5ai1oZ3Bo
Improper Input Validation in Automattic MongooseEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3aHItajRtai1qMnc2
Verification Bypass in jsonwebtokenEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: underscore
Source: GitHub Advisory Database
Blast Radius: 57.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmNGgtM2poeC14dmhx
Arbitrary Code Execution in underscoreEcosystems: npm
Packages: underscore
Source: GitHub Advisory Database
Blast Radius: 57.5
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: asyync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtN2MteDQyNC1nMm13
Malicious Package in asyyncEcosystems: npm
Packages: asyync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @lobehub/chat
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
GSA_kwCzR0hTQS1teGhxLXh3M2ctcnBoY84AA74V
lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerabilityEcosystems: npm
Packages: @lobehub/chat
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS14ajcyLXd2ZnYtODk4Nc4AAyu7
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
GSA_kwCzR0hTQS1wd203LXFyNmotM3ZqZ80h4Q
Prototype Pollution in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: buffer-yor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcyYzQtNG02NC12eG0z
Malicious Package in buffer-yorEcosystems: npm
Packages: buffer-yor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hs-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZtcnEtN3I3bS1oaDRw
Malicious Package in hs-sha3Ecosystems: npm
Packages: hs-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
GSA_kwCzR0hTQS1xNGo3LXYyN3ItZmdjeM0h4w
Prototype Pollution in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1MmotNHEycS1oY2o2
Authentication Bypass in console-ioEcosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: open
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4eGgtd3Bnci03Zm04
Command Injection in openEcosystems: npm
Packages: open
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14ajl2LTZxMmYtdnFoeM4AAw0A
wifey vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0MjctaGpjMy13cmZ3
Cross-site scripting in Swagger-UIEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5eHAtOTJ2Yy01NTlq
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1OTgtMmY1OS1ybWhx
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
GSA_kwCzR0hTQS1odzQ2LXZnNnctODhmas4AAwXM
replicator vulnerable to Deserialization of Untrusted DataEcosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: requesst
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjMzctMnJ3NS05ajd4
Malicious Package in requesstEcosystems: npm
Packages: requesst
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyNWMtY2NmMy0zanJy
Critical severity vulnerability that affects slpjsEcosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: npm-script-demo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyMm0tcDM5ai1yNW0y
npm-script-demo is malwareEcosystems: npm
Packages: npm-script-demo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05amgzLTRwYzktaHEyOc4AAyAn
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannelEcosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2