Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2bTgtaGhnci1qY2pw
Cross-site scripting vulnerability in TinyMCEEcosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tcXYtbTQ1aC1xMmhw
Sandbox Breakout / Arbitrary Code Execution in localevalEcosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1ODctN2poMi00cXIz
Server secret was included in static assets and served to clientsEcosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00NTdyLWNxYzgtOXZqOc4AAwBT
sweetalert2 v10.16.10 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04bWdxLTZyMnEtODJ3Oc4AAui5
Captcha Bypass in strapi-plugin-ezformsEcosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01Nng0LWo3cDktZmNmOc4AAui0
Command Injection in moment-timezoneEcosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2ajgtM3YyaC1oMzh2
Remote Code Execution in nextEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4d20teDU1My14MzU5
Arbitrary Command Injection due to Improper Command SanitizationEcosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: matrix-org-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01MnJoLTVycGotYzN3Ns3jTw
Improper handling of multiline messages in node-ircEcosystems: npm
Packages: matrix-org-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: coffee-project
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmdjYtcTV4di1maHB3
Malicious Package in coffee-projectEcosystems: npm
Packages: coffee-project
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0Y3ItZ3Y4dy04MzI0
Malicious Package in xocEcosystems: npm
Packages: xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: react-oauth-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1bTktbTI1OS03anF3
Improper Authorization in react-oauth-flowEcosystems: npm
Packages: react-oauth-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: loopback
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyNGMtNnZyZi05OXJx
Sensitive Data Exposure in loopbackEcosystems: npm
Packages: loopback
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d2YtMnhjZi02d214
Malicious Package in ngx-picaEcosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: wxchangba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2djkteGd2aC1mNzk2
Command Injection in wxchangbaEcosystems: npm
Packages: wxchangba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: seeftl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnNDYtNWdyYy13cTQ5
Cross-Site Scripting in seeftlEcosystems: npm
Packages: seeftl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Low
Ecosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS01ZnA2LTR4dzMteHFxM84AAzyU
@keystone-6/core's bundled cuid package known to be insecureEcosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWoyN2otNHc2bS04ZmM0
Path Traversal in statics-serverEcosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Low
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS0yM3EyLTVnZjgtZ2pwcM4AA7NN
Enabling Authentication does not close all logged in socket connections immediatelyEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Critical
Ecosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNmotNGgyYy1jNjVw
Arbitrary Code Execution in require-nodeEcosystems: npm
Packages: require-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOTMtZ2N4NS00dzUy
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: entitlements
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4dnAtNmh2NC1tNjdj
Command Injection in entitlementsEcosystems: npm
Packages: entitlements
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: generator-jhipster
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04dzd3LTY3bXctcjVwN84AAvLq
generator-jhipster vulnerable to login check Regular Expression Denial of ServiceEcosystems: npm
Packages: generator-jhipster
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: vp-toolkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5NHctNDJnMy1mN2g0
Holder can (re)create authentic credentials after receiving a credential in vp-toolkitEcosystems: npm
Packages: vp-toolkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
High
Ecosystems: npm
Packages: lodash.merge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtOTYtOXc0ai13Z3Y3
Prototype Pollution in lodash.mergeEcosystems: npm
Packages: lodash.merge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNjctNzhqci1qOTRw
Local File Inclusion in domokeeperEcosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: json-ptr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJycXYtdmpydy1ocmNy
Arbitrary Code Execution in json-ptrEcosystems: npm
Packages: json-ptr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1tcnI4LXY0OXctMzMzM84AA0iP
sweetalert2 v11.6.14 and above contains potentially undesirable behaviorEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Critical
Ecosystems: npm
Packages: pensi-scheduler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0Y2gtbXc2Ni14bXF2
Malicious Package in pensi-schedulerEcosystems: npm
Packages: pensi-scheduler
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNoNTItdmdxMi05NDNm
Regular Expression Denial of Service in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4aDktZmM2di1qY3c3
Unintended Require in larvitbase-wwwEcosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @wturyn/swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4N3ctZnJjcS12NG0z
Path Traversal in @wturyn/swagger-injectorEcosystems: npm
Packages: @wturyn/swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNoaDItcnZoZy13cXdy
Malicious Package in json-serializerEcosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: notevil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdyNWYtN3FyNC1wZjZx
Sandbox Breakout / Arbitrary Code Execution in notevilEcosystems: npm
Packages: notevil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13aHB4LXEzcnEtdzhqY84AAve6
Hardening of TypedArrays with non-canonical numeric property names in SESEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: uploader-plugin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4NmYtZnBmdi01aG1j
Malicious Package in uploader-pluginEcosystems: npm
Packages: uploader-plugin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: iie-viz
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmNTUtcmdweC1wNnJ4
Malicious Package in iie-vizEcosystems: npm
Packages: iie-viz
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @andrei-tatar/nora-firebase-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS1qamZmLXEzcTQtNWhoOM4AA7Lu
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerabilityEcosystems: npm
Packages: @andrei-tatar/nora-firebase-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: npm
Packages: get-setter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNoODItZ3FoNi05eGo5
Prototype Pollution in get-setterEcosystems: npm
Packages: get-setter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxZjYtNzV2OC12cjI2
Arbitrary File Write in bin-linksEcosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: lazysizes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0dnAtM21xNy03djgy
Cross-Site Scripting in lazysizesEcosystems: npm
Packages: lazysizes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: passport-cognito
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2YzUtaHdxZy0zeDVx
Improper Authorization in passport-cognitoEcosystems: npm
Packages: passport-cognito
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: npm-git-publish
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5bWctOTRmYy0yZng2
Command Injection in npm-git-publishEcosystems: npm
Packages: npm-git-publish
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @hapi/ammo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqcGgteGY1cS02bWZx
Denial of Service in @hapi/ammoEcosystems: npm
Packages: @hapi/ammo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: vscode-npm-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yODR2LXFmZjgtanY1Z84AAnsE
Remote code execution in vscode-npm-scriptEcosystems: npm
Packages: vscode-npm-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: nes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwd2gtNW1tYy1td3J4
Denial of Service in nesEcosystems: npm
Packages: nes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: @hapi/accept
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2cnctbTg4Zy13NzVx
Denial of Service in @hapi/acceptEcosystems: npm
Packages: @hapi/accept
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4NTQtanZ4eC0yY2c5
Denial of Service in subtextEcosystems: npm
Packages: subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @hapi/subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5Y2ctaDNqbS1jd3Jj
Prototype Pollution in @hapi/subtextEcosystems: npm
Packages: @hapi/subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxcjctNzhwai0zZzdq
File Descriptor Leak Can Cause DoS Vulnerability in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: npm
Packages: derby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS04Mmp2LTl3anctcHFoNs4AA7KU
Prototype pollution in emit functionEcosystems: npm
Packages: derby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
Ecosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzdzktZzc0cS12cDVm
Denial of Service in express-fileuploadEcosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3NnItaGo0NS1mdzdn
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OHBmLWdmaDMteDNtcM4AAv0C
Read the Docs vulnerable to Cross-Site Scripting (XSS)Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4aHAtZmdjci0ycjRo
Cross-Site Scripting via JSONPEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1MmctNmpoeC01ODZw
Denial of Service in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: sandbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjMjUtM3ZjNS0yamY5
Sandbox Breakout / Arbitrary Code Execution in sandboxEcosystems: npm
Packages: sandbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5cjMtM2g5Ni1yd2o2
Cross-Site Scripting in ids-enterpriseEcosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwZnEtOHd4OC1jZ3F3
Cross-Site Scripting in ids-enterpriseEcosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4ZmgtcHZxMi14OGM0
Malicious npm package: sonatypeEcosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2NWYtaHA3OC1qZ3hx
Signature Verification Bypass in jwt-simpleEcosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: gun
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4NnYtbW02cC00bTY2
High severity vulnerability that affects gunEcosystems: npm
Packages: gun
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyYzYtYzZwbS1nM2do
Arbitrary Code Execution in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: concat-stream
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3NHItZmZ2ci01cTlm
Memory Exposure in concat-streamEcosystems: npm
Packages: concat-stream
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: secure-compare
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5eDItNXJtNy14NGdt
Insecure Comparison in secure-compareEcosystems: npm
Packages: secure-compare
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: base64-url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0bXItOXh3My1jOWp4
Out-of-bounds Read in base64-urlEcosystems: npm
Packages: base64-url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: terriajs-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3MnAtcmpyMi1yNDM5
Server-Side Request Forgery in terriajs-serverEcosystems: npm
Packages: terriajs-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: bootstrap-select
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyN2gtNjYzOS12NW13
Cross-Site Scripting in bootstrap-selectEcosystems: npm
Packages: bootstrap-select
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: reggae
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5d3ItZ2NqYy1ocTUy
Prototype Pollution in reggaeEcosystems: npm
Packages: reggae
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: proxy.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqNzMtdjY4OC13cXhm
Hijacked Environment Variables in proxy.jsEcosystems: npm
Packages: proxy.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
Ecosystems: npm
Packages: @keep-network/tbtc-v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS13ZzJ4LXJ2ODYtbW1weM4AA4lv
SPV Merkle proof malleability allows the maintainer to prove invalid transactionsEcosystems: npm
Packages: @keep-network/tbtc-v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: npm
Packages: cross-env.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3aHEtM2hyai12NnY1
cross-env.js is malwareEcosystems: npm
Packages: cross-env.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: hooka-tools
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNm0teDRjNS1yanhq
Silently Runs Cryptocoin Miner in hooka-toolsEcosystems: npm
Packages: hooka-tools
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: seneca
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4d3YtM2NjOS1mcDdj
Sensitive Data Exposure in senecaEcosystems: npm
Packages: seneca
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
High
Ecosystems: npm
Packages: ltt.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxaDUtd3gzOC1xOTJn
Directory Traversal in ltt.jsEcosystems: npm
Packages: ltt.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: mrk.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwcjUtd3A3Yy1oaDVx
Cross-Site Scripting in mrk.jsEcosystems: npm
Packages: mrk.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczMzYtYzd3di04aHAz
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtN3EtcnhjaC00M214
Byass due to validation before canonicalization in serveEcosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: pdfjs-dist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
GSA_kwCzR0hTQS13Z3JtLTY3eGYtaGhwcc4AA7z7
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDFEcosystems: npm
Packages: pdfjs-dist
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 days ago
Critical
Ecosystems: npm
Packages: oauth-validator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4Y2YtNzhtci13cGc3
Malicious Package in oauth-validatorEcosystems: npm
Packages: oauth-validator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: rc-calendar-jhorst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjODctZ2cycS1mYzZt
Malicious Package in rc-calendar-jhorstEcosystems: npm
Packages: rc-calendar-jhorst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bignum
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS03Y2djLWZqdjQtNTJ4Ns4AAzdI
Malware in pre-build binaries of bignumEcosystems: npm
Packages: bignum
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjNmctZ2dyYy1xcTRy
Cross-Site Scripting in sanitize-htmlEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
Ecosystems: npm
Packages: buttle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtMjktMzVjNy04Y2Z3
Cross-Site Scripting in buttleEcosystems: npm
Packages: buttle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: base64url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2ZzgtcHdxMi14ajdx
Out-of-bounds Read in base64urlEcosystems: npm
Packages: base64url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nZjhxLWpycG0tanZ4cc0hQA
URL parsing in node-forge could lead to undesired behavior.Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: react-marked-markdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03cW0tcjJyNS1mNzdx
Cross-Site Scripting in react-marked-markdownEcosystems: npm
Packages: react-marked-markdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoOHYtNnFxbS1md3Bx
Path Traversal in express-cartEcosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: njwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczcXctOXBncC14cGo0
Out-of-bounds Read in njwtEcosystems: npm
Packages: njwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: ascii-art
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlocWotMzhqMi01amdt
Command Injection in ascii-artEcosystems: npm
Packages: ascii-art
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03NWgtY2docS1jOGg1
Heap Based Buffer Overflow in libyamlEcosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: samsung-remote
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoangtbWZyNi05cnI0
Command Injection in samsung-remoteEcosystems: npm
Packages: samsung-remote
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13eGd3LXFqOTktNDRjMs0hQQ
Prototype Pollution in node-forge util.setPath APIEcosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: buefy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3cXctcmYycS14bWhm
Cross-Site Scripting in buefyEcosystems: npm
Packages: buefy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: pomelo-monitor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01Y2gtZ3g4Zy1yZzcz
Remote Code Execution in pomelo-monitorEcosystems: npm
Packages: pomelo-monitor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: office-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwNjQtaDVxNC1waHBt
Remote Code Execution in office-converterEcosystems: npm
Packages: office-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: rails-session-decoder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0dmYtOGZmbS12MnFo
Sensitive Data Exposure in rails-session-decoderEcosystems: npm
Packages: rails-session-decoder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmcTktcmZwdi1qOHI4
Command Injection in pidusageEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: merge-objects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5MmYtd2Y0dy14MzZ2
Prototype Pollution in merge-objectsEcosystems: npm
Packages: merge-objects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: loopback-connector-mongodb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4d2MtNXZ3OS0ydzR3
NoSQL Injection in loopback-connector-mongodbEcosystems: npm
Packages: loopback-connector-mongodb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2