Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: f-serv
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4NXctY3hjaC13d2M5
Path Traversal in f-servEcosystems: npm
Packages: f-serv
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @spscommerce/ds-react
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS1jZnhoLWZyeDQtOWdqZ84AA3yd
Cross-site Scripting in @spscommerce/ds-reactEcosystems: npm
Packages: @spscommerce/ds-react
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
High
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhxZzgtY3YzaC14cHB2
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: npm
Packages: serverzyy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4cTctNHBwdy1xcDdm
Directory Traversal in serverzyyEcosystems: npm
Packages: serverzyy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: d3-color
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zNmpyLW1oNGgtMmc1OM4AAvHL
d3-color vulnerable to ReDoSEcosystems: npm
Packages: d3-color
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: tinyserver2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4d2YtcmNnMy1xdzRx
Directory Traversal in tinyserver2Ecosystems: npm
Packages: tinyserver2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: ikst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyM2YtZjNjNS1yOXFo
ikst Downloads Resources over HTTPEcosystems: npm
Packages: ikst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: shadowsock
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2dmMtY3c2Mi1mcXZy
Shadowsock is malwareEcosystems: npm
Packages: shadowsock
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2M2gtdmo2cS0zY21q
Rosetta-Flash JSONP Vulnerability in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3NHAtMzZqOS1ycmoz
Denial of Service in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: apollo-server-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yZnZ2LXF4cnEtN2pxNs4AAuFi
apollo-server-core vulnerable to URL-based XSS attack affecting IE11 on default landing pageEcosystems: npm
Packages: apollo-server-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjOTQtNnc4OS1ocHFy
Command Injection in fs-pathEcosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: chatbyvista
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3NzQtZzg0di1jNXc4
Directory Traversal in chatbyvistaEcosystems: npm
Packages: chatbyvista
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwZ2MtN2g3OC1neDhm
personnummer/js vulnerable to Improper Input ValidationEcosystems: npm
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: packagist, npm
Packages: datatables/datatables, datatables
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtdjQtZ21tZi1xMzgy
DataTable Vulnerable to Cross-Site ScriptingEcosystems: packagist, npm
Packages: datatables/datatables, datatables
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: mfrserver
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAycjItaDkyci13Mm1n
Directory Traversal in mfrserverEcosystems: npm
Packages: mfrserver
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: expo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yd3g5LXdxajgtdnI3N84AAluo
Expo on iOS is insecure due incorrect security attribute applicationEcosystems: npm
Packages: expo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: bionode-sra
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNWMtcjR2Yy02Z205
Downloads Resources over HTTP in bionode-sraEcosystems: npm
Packages: bionode-sra
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4Z2MtNWo5My01Y2Zx
Path Traversal in serveEcosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmNTkteDQ5cC12OG1x
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1oZnhoLXJqdjctMjM2Oc4AA3Xr
Uptime Kuma Authenticated remote code execution via TailscalePingEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3NzktaGh2Ni01Nzhj
Cross-Site Scripting in serveEcosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mx-nested-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4aHctMzdnNi0zZ3c0
Malicious Package in mx-nested-menuEcosystems: npm
Packages: mx-nested-menu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: libubx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03eHYtN3A5My1nNnE4
Malicious Package in libubxEcosystems: npm
Packages: libubx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: react-native-baidu-voice-synthesizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoajQtdzIzMy1nMzVx
Downloads Resources over HTTP in react-native-baidu-voice-synthesizerEcosystems: npm
Packages: react-native-baidu-voice-synthesizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: uv-tj-demo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNjItODdqYy1mMzl2
Directory Traversal in uv-tj-demoEcosystems: npm
Packages: uv-tj-demo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: bitty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1bWgtaHE2aC13aHh2
Directory Traversal in bittyEcosystems: npm
Packages: bitty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: jquey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmanItbTd2Ni1mcGc5
jquey is malwareEcosystems: npm
Packages: jquey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
Ecosystems: npm
Packages: pm2-kafka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3dzQtYzNtai05M2Nm
Downloads Resources over HTTP in pm2-kafkaEcosystems: npm
Packages: pm2-kafka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3angtajc3bS13cDY1
Cross-site scripting vulnerability in TinyMCEEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: openframe-glslviewer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcycGYtcWpnZi02Zncz
Downloads Resources over HTTP in openframe-glslviewerEcosystems: npm
Packages: openframe-glslviewer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: coa
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03M3FyLXBmbXEtNnJwOM0W3w
Embedded malware in coaEcosystems: npm
Packages: coa
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: morris.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3eDUtNWZxai1qdjk4
Cross-Site Scripting in morris.jsEcosystems: npm
Packages: morris.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: rc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nMnE1LTU0MzMtcmhyZs0W4A
Embedded malware in rcEcosystems: npm
Packages: rc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: arcanist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3dzktdm01bS00OHE4
Downloads Resources over HTTP in arcanistEcosystems: npm
Packages: arcanist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13bXB2LWMyanAtajJ4Z80XOg
ERC1155Supply vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ2N3EtMnhxeC1mNHE1
Potential SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wZzk4LTZ2N2YtMnhmds4AAwBU
sweetalert2 v9.17.4 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: yui2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qamc5LW1mNjMtdnFycM4AAZ9F
Cross-site scripting in yui 2.4.0Ecosystems: npm
Packages: yui2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: selenium-standalone-painful
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4ODMtcDQ3Ni12djk1
Downloads Resources over HTTP in selenium-standalone-painfulEcosystems: npm
Packages: selenium-standalone-painful
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: @zhaoyao91/eval-in-vm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwOTktNWg4dy1nbXhj
Sandbox Breakout / Arbitrary Code Execution in @zhaoyao91/eval-in-vmEcosystems: npm
Packages: @zhaoyao91/eval-in-vm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: nodewebkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjNmMtNXY5dy14bWh3
Downloads Resources over HTTP in nodewebkitEcosystems: npm
Packages: nodewebkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: node-thulac
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0ydzktcm01OC1taG05
Downloads Resources over HTTP in node-thulacEcosystems: npm
Packages: node-thulac
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05OXZjLXh3OGotcGhqbc4AA5M7
Ghost has possible Cross-site Scripting issueEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
High
Ecosystems: npm
Packages: scala-bin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN2djUtNDJ3ci1tMzJn
Downloads Resources over HTTP in scala-binEcosystems: npm
Packages: scala-bin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: cue-sdk-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyaG0tODcyNS1jOHg4
Downloads Resources over HTTP in cue-sdk-nodeEcosystems: npm
Packages: cue-sdk-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: npm
Packages: npm-user-validate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnaDYtODV4aC00Nzlw
Regular Expression Denial of Service in npm-user-validateEcosystems: npm
Packages: npm-user-validate
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS04MmpmLThmMjQteHE5bc4AA5t8
hexo-theme-anzhiyu Cross-site Scripting vulnerabilityEcosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
High
Ecosystems: npm
Packages: imageoptim
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tN2gtMzIzci05cDRn
Downloads Resources over HTTP in imageoptimEcosystems: npm
Packages: imageoptim
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: gmail-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3cHAtZzJ2Mi0yNzY2
DOM-based XSS in gmail-jsEcosystems: npm
Packages: gmail-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: redis-srvr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozY3ItajlqeC1tZjRw
Downloads Resources over HTTP in redis-srvrEcosystems: npm
Packages: redis-srvr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: phantomjs-cheniu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczNjQtOHZmdi1ndmY1
Downloads Resources over HTTP in phantomjs-cheniuEcosystems: npm
Packages: phantomjs-cheniu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: @cyyynthia/tokenize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qY2p4LWMzajMtNDRwcs0W8A
Insufficient Session Expiration in @cyyynthia/tokenizeEcosystems: npm
Packages: @cyyynthia/tokenize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: soci
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5cG0tNTV2cC0yanF3
Downloads Resources over HTTP in sociEcosystems: npm
Packages: soci
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: co-cli-installer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVybTMtcWh4Zi1yaDNy
Downloads Resources over HTTP in co-cli-installerEcosystems: npm
Packages: co-cli-installer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: fis-parser-sass-bin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwcTgtMnEyNC1tajNw
Downloads Resources over HTTP in fis-parser-sass-binEcosystems: npm
Packages: fis-parser-sass-bin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: adamvr-geoip-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyanYtNXYzZi03bTdq
Downloads Resources over HTTP in adamvr-geoip-liteEcosystems: npm
Packages: adamvr-geoip-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @commercial/hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2bXYteGg2OC1oNnYy
Denial of Service in @commercial/hapiEcosystems: npm
Packages: @commercial/hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoeDgtMnJ4di02Nnh2
Denial of Service in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: node-krb5
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2OXEtaG0ycC02OGM0
Spoofing attack due to unvalidated KDC in node-krb5Ecosystems: npm
Packages: node-krb5
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: unicode-json
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3NHIteHIzOC1obThq
Downloads Resources over HTTP in unicode-jsonEcosystems: npm
Packages: unicode-json
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: @hapi/subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3cWgtaDQyci14OGZx
Denial of Service in @hapi/subtextEcosystems: npm
Packages: @hapi/subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: call
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0ZnYtcHJyYy01Z2dy
Route Validation Bypass in callEcosystems: npm
Packages: call
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05aHctN3hmdi13cWc3
Prototype Pollution in json-logic-jsEcosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: @hapi/hoek
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyaDctN3d3Zy1xbWdn
Prototype Pollution in @hapi/hoekEcosystems: npm
Packages: @hapi/hoek
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: react-native-document-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1wbWdtLWgzY2MtbTRoas4AA5Va
React Native Document Picker Directory Traversal vulnerabilityEcosystems: npm
Packages: react-native-document-picker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
Ecosystems: npm
Packages: traceroute
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqdmotNjczcS00aGZ3
Command Injection in tracerouteEcosystems: npm
Packages: traceroute
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: atlasboard-atlassian-package
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1djQtbWN4NC1oaDM1
Cross-Site Scripting in atlasboard-atlassian-packageEcosystems: npm
Packages: atlasboard-atlassian-package
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: meta-git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjZmYtZmZ4My1tMjVj
Command Injection in meta-gitEcosystems: npm
Packages: meta-git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: nextcloud-vue-collections
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdodjYtcmo4NC0ydmgy
Cross-Site Scripting in nextcloud-vue-collectionsEcosystems: npm
Packages: nextcloud-vue-collections
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmd2MteGpmcC00NGpn
Command Injection in gnuplotEcosystems: npm
Packages: gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtajgtcGozai1oMzYy
Symlink reference outside of node_modules in bin-linksEcosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: pouchdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNncXYteDVjeC14dnFo
Arbitrary Code Injection in pouchdbEcosystems: npm
Packages: pouchdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: operadriver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ3cnEtd21xZi04dmNj
Downloads Resources over HTTP in operadriverEcosystems: npm
Packages: operadriver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFybWMtZmo0NS1xZmMy
Prototype Pollution in extendEcosystems: npm
Packages: extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3amMtcTlweC1yOXZx
Denial of Service in ecstaticEcosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: apollo-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xbTd4LXJjNDQtcnJxd80W7A
Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)Ecosystems: npm
Packages: apollo-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5Y3gteGN3ai0zcmM0
Cross-Site Scripting in dojoEcosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: mystem-fix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozd2gtNW0yNi0ycGY3
Downloads Resources over HTTP in mystem-fixEcosystems: npm
Packages: mystem-fix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwMnctcm14NC05bXc3
Command Injection in strapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: aerospike
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1djMtOGpxZi12ZzI3
Downloads Resources over HTTP in aerospikeEcosystems: npm
Packages: aerospike
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmcTktcmZwdi1qOHI4
Command Injection in pidusageEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: embedza
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xN2ctNnJ2NC1wajk1
Downloads Resources over HTTP in embedzaEcosystems: npm
Packages: embedza
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: node-static
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS04cjRnLWNnNG0teDIzY80V8Q
Denial of Service in node-staticEcosystems: npm
Packages: node-static
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: npm
Packages: @redocly/openapi-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xMzI0LXE3OTUtMnE1cM0WfA
Path traversal when using `preview-docs` when working dir contains files with question mark `?` in nameEcosystems: npm
Packages: @redocly/openapi-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmamgtcDNnNC0zcTJm
VBScript Content Injection in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5NmYtZmM3Yy05cjU1
Regex denial of service vulnerability in codesample pluginEcosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03NWgtY2docS1jOGg1
Heap Based Buffer Overflow in libyamlEcosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3ZzQtOTNjNi0zaDQy
Directory Traversal in sendEcosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqdjctcXB4My1oNjJx
Denial-of-Service Memory Exhaustion in qsEcosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: crumb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0ZnEtNjYyNi13NWZn
CORS Token Disclosure in crumbEcosystems: npm
Packages: crumb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: bassmaster
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVqM2ctamZxMy03and4
Arbitrary JavaScript Execution in bassmasterEcosystems: npm
Packages: bassmaster
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
High
Ecosystems: npm
Packages: ssl-utils
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01NTJqLXB2MzktZjNqZs4AArV7
OS Command injection in ssl-utilsEcosystems: npm
Packages: ssl-utils
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: notevil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlneHItcmh4Ni00amd2
Sandbox Breakout / Prototype Pollution in notevilEcosystems: npm
Packages: notevil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjdzgtcjl4bS0zMmM2
Command Injection in dns-syncEcosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmaDUtOHdxOC13M3dy
Prototype Pollution in unflattenEcosystems: npm
Packages: unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: veval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0cW0tMzdxci13NXdx
Sandbox Breakout / Arbitrary Code Execution in vevalEcosystems: npm
Packages: veval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: lighter-vm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzaHEtN214aC1tcXhm
Sandbox Breakout / Arbitrary Code Execution in lighter-vmEcosystems: npm
Packages: lighter-vm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: s3-uploader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nd3AzLWY3bXItcXBmds4AArVg
OS Command Injection in s3-uploaderEcosystems: npm
Packages: s3-uploader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjNmctZ2dyYy1xcTRy
Cross-Site Scripting in sanitize-htmlEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
16
sequelize
16
ghost
14
tinymce
14
swagger-ui
14
next
13
joplin
13
strapi
13
ckeditor4
13
vm2
12
undici
12
handlebars
11
nodebb
11
angular
11
marked
11
@evershop/evershop
9
serve
9
tinymce/tinymce
9
TinyMCE
9
jquery
9
next-auth
9
org.webjars.npm:jquery
9
jquery-rails
9
matrix-js-sdk
8
tar
8
node-forge
8
systeminformation
8
steal
8
npm
8
jQuery
8
@strapi/strapi
8
bootstrap
8
validator
8
urijs
8
express-cart
8
editor.md
8
jsrsasign
8
url-parse
8
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
shescape
7
sanitize-html
7
matrix-appservice-irc
7
hapi
7
jquery-ui
7
nocodb
7
lodash
7
uptime-kuma
7
total.js
7
matrix-react-sdk
7
hermes-engine
7
snyk-broker
7
parse-url
6
safe-eval
6
rsshub
6
aaptjs
6
ua-parser-js
5
rendertron
5
vditor
5
keystone
5
sweetalert2
5
prismjs
5
dojo
5
openpgp
5
ejs
5
yarn
5
mongoose
5
public
5
xlsx
5
total4
5
vite
5
lodash-es
5
@strapi/plugin-users-permissions
5
mongo-express
4
vega
4
valine
4
glance
4
moment
4
apostrophe
4
dompurify
4
safer-eval
4
@keystone-6/core
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
simple-markdown
4
axios
4
hummus
4
muhammara
4
remarkable
4
katex
4
jsonwebtoken
4
qs
4
follow-redirects
4
ws
4
engine.io
4
materialize-css
4
convert-svg-core
4
apollo-server-core
4
realms-shim
4
fastify
4
ecstatic
4
auth0-lock
4
auth0-js
4
simple-git
4
mysql2
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
generator-jhipster
4
mermaid
4
@strapi/utils
3
typeorm
3
keycloak-connect
3
xmldom
3
locutus
3
m-server
3
apollo-server
3
@cubejs-backend/api-gateway
3
code-server
3
@sequelize/core
3
nodemailer
3
mysql
3
postcss
3
wrangler
3
node-opcua
3
slp-validate
3
feathers-sequelize
3
jspdf
3
dns-sync
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
mathjs
3
grunt
3
passport-wsfed-saml2
3
codecov
3
jointjs
3
node-jose
3
node-ipc
3
js-yaml
3
loader-utils
3
@backstage/techdocs-common
3
jquery-validation
3
n8n
3
object-path
3
protobufjs
3
http-live-simulator
3
notevil
3
ses
3
uap-core
3
socket.io-parser
3
froala-editor
3
docsify
3
tough-cookie
3
raneto
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
ids-enterprise
3
@materializecss/materialize
3
libxmljs
3
sails
3
parsel
3
@uppy/companion
3
@ckeditor/ckeditor5-markdown-gfm
3
nadesiko3
3
convict
3
bootstrap
3
dojox
3
blamer
3
simplehttpserver
3
buttle
3
slpjs
3
@commercial/subtext
3
serialize-to-js
3
lodash.defaultsdeep
3
browserify-shim
3
fast-xml-parser
3
socket.io-file
3
@vrite/sdk
3
jose
3
snyk
3
connect
3
mixme
3
@soketi/soketi
3
json-ptr
3
localhost-now
3
openmct
3
highcharts
3
@sveltejs/kit
3
fuxa-server
3
ftp-srv
3
xdLocalStorage
3
bin-links
3
node-fetch
3
@apollo/server
3
subtext
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/jquery/jquery
11
https://github.com/NodeBB/NodeBB
11
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/pandao/editor.md
8
https://github.com/digitalbazaar/forge
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/apollographql/apollo-server
8
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/nocodb/nocodb
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/louislam/uptime-kuma
7
https://github.com/twbs/bootstrap
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/lodash/lodash
7
https://github.com/npm/node-tar
6
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/facebook/hermes
6
https://github.com/jquery/jquery-ui
6
https://github.com/ionicabizau/parse-url
6
https://github.com/panva/jose
6
https://github.com/shenzhim/aaptjs
6
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vitejs/vite
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/vega/vega
5
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/angular/angular.js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/socketio/engine.io
4
https://github.com/KaTeX/KaTeX
4
https://github.com/axios/axios
4
https://github.com/PrismJS/prism
4
https://github.com/xCss/Valine
4
https://github.com/mrvautin/expressCart
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/balderdashy/sails
4
https://github.com/Dogfalo/materialize
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/auth0/lock
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/yarnpkg/yarn
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/hapijs/hapi
4
https://github.com/node-opcua/node-opcua
3
https://github.com/hapijs/subtext
3
https://github.com/transloadit/uppy
3
https://github.com/nodemailer/nodemailer
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/highcharts/highcharts
3
https://github.com/nodejs/llhttp
3
https://github.com/sveltejs/kit
3
https://github.com/immerjs/immer
3
https://github.com/beerpwn/CVE
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/libxmljs/libxmljs
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/moment/moment
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/n8n-io/n8n
3
https://github.com/nasa/openmct
3
https://github.com/neocotic/convert-svg
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/mermaid-js/mermaid
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/zeit/next.js
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/websockets/ws
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/webpack/loader-utils
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jarofghosts/glance
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/vriteio/vrite
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/vanessa219/vditor
3
https://github.com/Automattic/mongoose
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/xmldom/xmldom
3
https://github.com/typeorm/typeorm
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/shelljs/shelljs
2
https://github.com/mathjax/MathJax
2
https://github.com/jsuites/jsuites
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/josdejong/jsoneditor
2
https://github.com/mysqljs/mysql
2
https://github.com/cronvel/tree-kit
2
https://github.com/snyk/cli
2
https://github.com/karma-runner/karma
2
https://github.com/Finastra/ssr-pages
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/vivaxy/here
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/jameswlane/status-board
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mozilla/nunjucks
2
https://github.com/dfinity/agent-js
2
https://github.com/mithunsatheesh/node-rules
2