Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 2 years ago
GSA_kwCzR0hTQS02cHcyLTVoanYtOXBmN80rFg
Sandbox bypass in vm2Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 2 years ago
Critical
Ecosystems: packagist, npm
Packages: appwrite/server-ce, litespeed.js
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 2 years ago
GSA_kwCzR0hTQS12OXA5LTUzNXctNDI4Nc0shg
Prototype Pollution in litespeed.js and appwrite/server-ceEcosystems: packagist, npm
Packages: appwrite/server-ce, litespeed.js
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: object-extend
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tNjM5LTl3aGctZnc5N80teA
Prototype Pollution in object-extendEcosystems: npm
Packages: object-extend
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: jc-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmajYtcDI0Zy02aHBt
Malicious Package in jc-sha3Ecosystems: npm
Packages: jc-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3OTctNTd2Mi0zdzQ0
False-negative validation results in MINT transactions with invalid batonEcosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: curlrequest
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04eGotNXY3My0zaGg4
curlrequest allows execution of arbitrary commandsEcosystems: npm
Packages: curlrequest
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: nemo-appium
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jNnJ4LWd4cXYtdnI1as4AAxTA
nemo-appium vulnerable to OS Command InjectionEcosystems: npm
Packages: nemo-appium
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
GSA_kwCzR0hTQS12cGY1LTgyYzgtOXYzNs0XwA
Prototype Pollution in algoliasearch-helperEcosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: npm-lockfile
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 2 years ago
GSA_kwCzR0hTQS1jcjZtLTYycHEtaG1xaM0wAQ
OS Command injection in npm-lockfileEcosystems: npm
Packages: npm-lockfile
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 2 years ago
GSA_kwCzR0hTQS1wNmg0LTkzcXAtamhjbc0yJA
Command injection in Parse Server through prototype pollutionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4eHEtY2htcC02N2c0
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: buffermxor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzNmYtMjY4Zi02Z3hj
Malicious Package in buffermxorEcosystems: npm
Packages: buffermxor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
GSA_kwCzR0hTQS02OTU2LTgzZmctNXdjNc0z-w
Prototype Pollution in set-inEcosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: conistring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmYzUteDU4Zi04Njl3
Malicious Package in conistringEcosystems: npm
Packages: conistring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: iie-viz
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmNTUtcmdweC1wNnJ4
Malicious Package in iie-vizEcosystems: npm
Packages: iie-viz
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hdkye
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwd3gtajRyNi01djM4
Malicious Package in hdkyeEcosystems: npm
Packages: hdkye
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2bW0tbWhjcS00eDlq
Sandbox Bypass Leading to Arbitrary Code Execution in constantinopleEcosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: buffur-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3cXAtM2ZoNy1wdjRw
Malicious Package in buffur-xorEcosystems: npm
Packages: buffur-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tcXYtbTQ1aC1xMmhw
Sandbox Breakout / Arbitrary Code Execution in localevalEcosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2OHgtcDlocS1qMzI4
Arbitrary Code Execution in mathjsEcosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
GSA_kwCzR0hTQS1oZjJtLWo5OHItNGZxd80YdA
API token verification can be bypassed in NodeBBEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: hubot-scripts
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2gtNzQ5Yy1ydjYz
Potential Command Injection in hubot-scriptsEcosystems: npm
Packages: hubot-scripts
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: set-or-get
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZydjQtNHF2Ni04OGcy
Prototype Pollution in set-or-getEcosystems: npm
Packages: set-or-get
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1ODctN2poMi00cXIz
Server secret was included in static assets and served to clientsEcosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: cuffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4bTQtcDZyMi1td3Jj
Malicious Package in cuffer-xorEcosystems: npm
Packages: cuffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: jr-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3bXAtcGN2OS12dnE2
Malicious Package in jr-sha3Ecosystems: npm
Packages: jr-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: generator-jhipster-kotlin
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozcmgtOHZ3cS13aDg0
JHipster Kotlin using insecure source of randomness `RandomStringUtils` before v1.2.0Ecosystems: npm
Packages: generator-jhipster-kotlin
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzeGotdjU3Ni0zY2gy
OS Command Injection in gitingEcosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2eGMtZzJqeC1xajNw
API Admin Auth Weakness in tomatoEcosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0djctNHJody05aHFt
Code Execution through IIFE in node-serializeEcosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: hapi-auth-jwt2
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1nOHItOWc2ai1od3Y5
Authentication Bypass in hapi-auth-jwt2Ecosystems: npm
Packages: hapi-auth-jwt2
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: safe-obj
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwZ2gtaG12NC1yM3Y1
Prototype pollution in safe-objEcosystems: npm
Packages: safe-obj
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: require-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJydm0tZ3FxOC1xMnd4
Malicious Package in require-portEcosystems: npm
Packages: require-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: djv
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRodjctM3EzOC05N204
Arbitrary code execution in djvEcosystems: npm
Packages: djv
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
GSA_kwCzR0hTQS01dnAzLXY0aGMtZ3g3Ns0VxA
UUPSUpgradeable vulnerability in @openzeppelin/contractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ffmpegdotjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzOXItY3Btai13aGNn
Command Injection in ffmpegdotjsEcosystems: npm
Packages: ffmpegdotjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: node-prompt-here
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4ZmgtOHJnbS0yMjdo
OS Command Injection in node-prompt-hereEcosystems: npm
Packages: node-prompt-here
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: flatmap-stream
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4NjQtNXI3eC0ycTUz
Malicious Package in flatmap-streamEcosystems: npm
Packages: flatmap-stream
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: zencashjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmcmMtN21qMi01eGg5
Undefined Behavior in zencashjsEcosystems: npm
Packages: zencashjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @tomphttp/bare-server-node
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 2 months ago
GSA_kwCzR0hTQS04NmZjLWY5Z3ItdjUzM84AA5xc
HTTP Handling Vulnerability in the Bare serverEcosystems: npm
Packages: @tomphttp/bare-server-node
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 2 months ago
Critical
Ecosystems: npm
Packages: erquest
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwbWctamdtNS0zamc2
Malicious Package in erquestEcosystems: npm
Packages: erquest
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: Haraka
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1bTgtNXY5bS14aHg1
Critical severity vulnerability that affects HarakaEcosystems: npm
Packages: Haraka
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: aaptjs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
GSA_kwCzR0hTQS00Zzd4LTd2Z3EtM2oyOM0Wyg
Vulnerability in list function leads to arbitrary code execution via filePath parametersEcosystems: npm
Packages: aaptjs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: just-extend
Source: GitHub Advisory Database
Blast Radius: 49.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3NW0tODVydy1qM3c0
Prototype Pollution in just-extendEcosystems: npm
Packages: just-extend
Source: GitHub Advisory Database
Blast Radius: 49.5
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: wifiscanner
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02cnctbTJ2OS03aHg0
OS Command Injection in wifiscannerEcosystems: npm
Packages: wifiscanner
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: marsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVtcnItcmdwNi14NGdy
Command Injection in marsdbEcosystems: npm
Packages: marsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
GSA_kwCzR0hTQS0yaDg3LTRxMnctdjRoZs4AAy4o
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions PluginEcosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: reqest
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNXEtcmo2Mi1jNDNn
Malicious Package in reqestEcosystems: npm
Packages: reqest
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: aaptjs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
GSA_kwCzR0hTQS1tN3AyLWdoZmgtcGp2eM0Wxg
Vulnerability in crunch function leads to arbitrary code execution via filePath parametersEcosystems: npm
Packages: aaptjs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4YzItbWozOS1xNTk5
Strapi allows unauthenticated attacker to reset admin password without valid reset tokenEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 2 years ago
GSA_kwCzR0hTQS05cWdtLXc4N3EtaHg4Oc06zg
Unrestricted Upload of File with Dangerous Type in StrapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: node-windows
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: over 2 years ago
GSA_kwCzR0hTQS01M3h2LWMyaHgtNXc2cc0d_Q
Command Injection in node-windowsEcosystems: npm
Packages: node-windows
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: about 2 years ago
GSA_kwCzR0hTQS1waHdxLWo5Nm0tMmMycc1A-A
ejs template injection vulnerabilityEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: arsenic-tabasco-cyborg-peanut-butter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3NDItN2o0aC1oanI4
Malicious Package in arsenic-tabasco-cyborg-peanut-butterEcosystems: npm
Packages: arsenic-tabasco-cyborg-peanut-butter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bowee
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdndmotNnY1Ny13amgz
Malicious Package in boweeEcosystems: npm
Packages: bowee
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
GSA_kwCzR0hTQS1jNmg0LWdjM2YtaGdqcc0eZw
Prototype Pollution in js-dataEcosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: github-todos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03OTJqLTl3ajMtajYzNM0Z9w
Command injection in github-todosEcosystems: npm
Packages: github-todos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDJqLW1nNHctMnJoNc4AAkmW
chrome-launcher subject to OS Command InjectionEcosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: payload
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 2 years ago
GSA_kwCzR0hTQS13OHhoLTkzcWgtMzV2d8068Q
Unrestricted Upload of File with Dangerous Type in PayloadEcosystems: npm
Packages: payload
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: monorepo-build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01dnJjLTdqZnItNDY0Ms4AAtxv
monorepo-build Command Injection vulnerabilityEcosystems: npm
Packages: monorepo-build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: @dfinity/auth-client, @dfinity/identity
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 3 months ago
GSA_kwCzR0hTQS1jOXZ2LWZoZ3YtY2pjM84AA5aA
agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`Ecosystems: npm
Packages: @dfinity/auth-client, @dfinity/identity
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 3 months ago
Critical
Ecosystems: npm
Packages: tensorplow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0yZnAtYzc5aC1ycjc5
Malicious Package in tensorplowEcosystems: npm
Packages: tensorplow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: network-manager
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBoMzItMjNwOC05cnc1
Improper Input Validation in network-managerEcosystems: npm
Packages: network-manager
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: private-ip
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzY2gtMmg1NS0ydmo3
Server-Side Request Forgery in private-ipEcosystems: npm
Packages: private-ip
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: blueimp-file-upload
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjajgtZzljcC12NXdy
Unrestricted Upload of File with Dangerous Type in blueimp-file-uploadEcosystems: npm
Packages: blueimp-file-upload
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 1 year ago
GSA_kwCzR0hTQS0yNW14LTJteG0tNjM0M84AAvsH
@keystone-6/core's NODE_ENV defaults to development with esbuildEcosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
GSA_kwCzR0hTQS1nZmY3LWc1cjgtbWc4bc01GA
Prototype Pollution in simple-plistEcosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: bictoinjs-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3aDMtZmhmNi03M3g5
Malicious Package in bictoinjs-libEcosystems: npm
Packages: bictoinjs-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: apiconnect-cli-plugins
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5bTktNDhwdy02bXB2
apiconnect-cli-plugins vulnerable to OS Command InjectionEcosystems: npm
Packages: apiconnect-cli-plugins
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3MzctNWdxci1jZjlq
Server-Side Request Forgery in ftp-srvEcosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OTMtNDVyMy1wNjZw
Prototype Pollution in merge-optionsEcosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: blingjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmYzYtNzl3di01aHB3
Malicious Package in blingjsEcosystems: npm
Packages: blingjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 26 days ago
GSA_kwCzR0hTQS00cmNoLTJmaDgtOTR2d84AA7Pp
MySQL2 for Node Arbitrary Code InjectionEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 26 days ago
Critical
Ecosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
GSA_kwCzR0hTQS01MnZqLW1yMmotZjhqaM4AArVX
Server-Side Template Injection in formioEcosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
GSA_kwCzR0hTQS03bWhjLXByZ3YtcjNxNM0j-w
Access of Resource Using Incompatible Type in HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyNnctZ2N4aC12NHI3
Prototype polluation in just-safe-setEcosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: metacalc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Z2M0LWN4OXgtOWM0M84AArd5
Code Injection in metacalcEcosystems: npm
Packages: metacalc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: object-collider
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1ZzItMjltOC1xZjJw
Prototype Pollution Vulnerability in object-colliderEcosystems: npm
Packages: object-collider
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHdyLWZ3ZjItdnZyOc4AAxM9
Command Injection in create-choo-electronEcosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: sj-labc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmcWctODljYy01cHY1
Malicious Package in sj-labcEcosystems: npm
Packages: sj-labc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: linux-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yYzI5LXdjNjUtNGN4Oc4AAlq3
linux-cmdline is vulnerable to Prototype Pollution via the constructorEcosystems: npm
Packages: linux-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: grunt-karma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oY2o0LXhmNngtNjN3as4AAvUC
Grunt-karma vulnerable to prototype pollutionEcosystems: npm
Packages: grunt-karma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS01NGp3LWpxcjktNmNqOc4AAxM2
Command injection in vagrant.jsEcosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: geoheat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAzMmctMjQyYy03Nmgz
Malicious Package in geoheatEcosystems: npm
Packages: geoheat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: portionfatty12
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4Zm0tdzc4Ny14Nngz
Malicious Package in portionfatty12Ecosystems: npm
Packages: portionfatty12
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0Y20teDJxNS04MjI1
dojox vulnerable to unescaped string injectionEcosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyNHAtYzl3ci1waHI2
Prototype pollution in set-inEcosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d2YtMnhjZi02d214
Malicious Package in ngx-picaEcosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NDc4LTUzcHYtanh2bc0pvQ
Joplin Vulnerable to Code InjectionEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: promise-probe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12bXFxLTdxdngtNjhxeM4AAjn8
promise-probe OS command injection vulnerabilityEcosystems: npm
Packages: promise-probe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: gitlog
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3bW0tbTN3eC1qN2Zy
Command injection in gitlogEcosystems: npm
Packages: gitlog
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: @valtimo/components
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 6 days ago
GSA_kwCzR0hTQS14Y3A0LTYydmotY3Ezcs4AA74o
@valtimo/components exposes access token to form.ioEcosystems: npm
Packages: @valtimo/components
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 6 days ago
Critical
Ecosystems: npm
Packages: @ronomon/opened
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnNXctdzk5Zi1yajZ3
Command Injection in @ronomon/openedEcosystems: npm
Packages: @ronomon/opened
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
GSA_kwCzR0hTQS04bW1tLTl2MnEteDNmOc4AAvPk
tschaub gh-pages vulnerable to prototype pollutionEcosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: merge-object
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwODItMmg5OS0zZnBw
Prototype Pollution in async merge-objectEcosystems: npm
Packages: merge-object
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmYzUtOXg5bS12cWM0
Privilege Escalation in express-cartEcosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNmotNGgyYy1jNjVw
Arbitrary Code Execution in require-nodeEcosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZydzQtdzczci02bW04
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS04NjZ3LXdtNGgtOTVjNs4AAvP-
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: whereis
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdqcjQtMmpndy1obXY4
Command Injection in whereisEcosystems: npm
Packages: whereis
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 6 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2