Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
High
Ecosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyZngtNXBoZy1obXc5
Cross-Site Scripting in ids-enterpriseEcosystems: npm
Packages: ids-enterprise
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: npmconf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU3Y2YtMzQ5ai0zNTJn
Out-of-bounds Read in npmconfEcosystems: npm
Packages: npmconf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: servey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2NDktNTRxcC1mdzQy
Path Traversal in serveyEcosystems: npm
Packages: servey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: dot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4NTktZ3BjNy00ajY2
Command Injection in dotEcosystems: npm
Packages: dot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3cTctdmpwOC03anY0
SQL Injection in typeormEcosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2NjMtYzk2My0yZ3Fn
DoS due to excessively large websocket message in wsEcosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0Y3AtcXc3Zi03aHB3
Path Traversal in statics-serverEcosystems: npm
Packages: statics-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: macaca-chromedriver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2OWMtcXBoaC1nM3dt
Downloads Resources over HTTP in macaca-chromedriverEcosystems: npm
Packages: macaca-chromedriver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: byte
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtN2YteDR3eC13bWd2
Out-of-bounds Read in byteEcosystems: npm
Packages: byte
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdmcDktdnI0ai1mNDlq
NoSQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdydzktbTc3OC1nNm1j
Memory Exposure in blEcosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: angular-http-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtaHctZmhqNi1tM2c1
Path Traversal in angular-http-serverEcosystems: npm
Packages: angular-http-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: airtable
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyajktNXFwNi0ydjhx
Machine-In-The-Middle in airtableEcosystems: npm
Packages: airtable
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: jikes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNwcDItcTY2eC1mcTQ0
Directory Traversal in jikesEcosystems: npm
Packages: jikes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: bracket-template
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqNmctN2o4cC03Z2Yy
Cross-Site Scripting in bracket-templateEcosystems: npm
Packages: bracket-template
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: deep-setter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxcmctaDlnOC1jNjVx
Prototype Pollution in deep-setterEcosystems: npm
Packages: deep-setter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: fs-git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyMzItajRqNi0zbTdy
Command Injection in fs-gitEcosystems: npm
Packages: fs-git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: decompress-zip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczdjgtdjZnNC12cnBt
Arbitrary File Overwrite in decompress-zipEcosystems: npm
Packages: decompress-zip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: treekill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzM3AtZzJocS1xcjI2
Command Injection in treekillEcosystems: npm
Packages: treekill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY0NW0tMndjcC1nZzk4
Global node_modules Binary Overwrite in bin-linksEcosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: express-laravel-passport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NnAtdzdxeC13djk4
Authentication Bypass in express-laravel-passportEcosystems: npm
Packages: express-laravel-passport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdyOXgtaHI3Ni1qcjk2
Command Injection in gitingEcosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: http-live-simulator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJoaHctcDhtZy1qcm02
Path Traversal in http-live-simulatorEcosystems: npm
Packages: http-live-simulator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: mongodb-query-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3bWctM2NyNi0zeDRj
Remote Code Execution in mongodb-query-parserEcosystems: npm
Packages: mongodb-query-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqdnctd2Ntdy1wcjI2
Insufficient Entropy in parselEcosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE2NDMtdzlqcC1xMnFn
Hardcoded Initialization Vector in parselEcosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: geoip-lite-country
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmMjktZjU3dy0ybW0z
Downloads Resources over HTTP in geoip-lite-countryEcosystems: npm
Packages: geoip-lite-country
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: klona
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyOTctNzhnZi1xMjR2
Prototype Pollution in klonaEcosystems: npm
Packages: klona
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxZ3gtNHE0Ny1qMnc1
Insecure Cryptography Algorithm in parselEcosystems: npm
Packages: parsel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: marky-markdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4bXAtZndqYy00eDdx
HTML Injection in marky-markdownEcosystems: npm
Packages: marky-markdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: sails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtdjQtamdwNy1tZjY4
Sails before 0.12.7 vulnerable to Broken CORSEcosystems: npm
Packages: sails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: limbus-buildgen
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqMzgtODdmMy05M3A2
Downloads Resources over HTTP in limbus-buildgenEcosystems: npm
Packages: limbus-buildgen
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: js-given
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJxd2gtYzUzNS1qOWh3
Downloads Resources over HTTP in js-givenEcosystems: npm
Packages: js-given
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: restafary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnNXItOGo5Ny0yd3Jq
Directory Traversal in restafaryEcosystems: npm
Packages: restafary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: ammo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1nODUtOG12NS1mZmpy
Denial of Service in ammoEcosystems: npm
Packages: ammo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: droppy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJodmMteDMyaC01NTI2
No CSRF Validation in droppyEcosystems: npm
Packages: droppy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: npm
Packages: type-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmNjQtMmY5cC02cHFx
Information Exposure in type-graphqlEcosystems: npm
Packages: type-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2NHEtM3ZnOC04Zjkz
Prototype Pollution in subtextEcosystems: npm
Packages: subtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: ngx-md
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhyNTMtbTkzNy1qcjlj
Cross-Site Scripting in ngx-mdEcosystems: npm
Packages: ngx-md
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @hapi/hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzdnctbWh2NS1ncnY1
Denial of Service in @hapi/hapiEcosystems: npm
Packages: @hapi/hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: @uppy/companion
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tN3ItMjY1dy1qdjZm
Server-Side Request Forgery in @uppy/companionEcosystems: npm
Packages: @uppy/companion
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: electron-packager
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0M20tZmZ3ci1ycGNj
SSL Validation Defaults to False in electron-packagerEcosystems: npm
Packages: electron-packager
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: utils-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZwcTMtOTI4cS14Nnc2
Prototype PollutionEcosystems: npm
Packages: utils-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: m-backdoor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2NTItM21ycC00NTVt
Malicious Package in m-backdoorEcosystems: npm
Packages: m-backdoor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: cofeescript
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02d2gtbThtOC02eHg1
cofeescript is malwareEcosystems: npm
Packages: cofeescript
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
Ecosystems: npm
Packages: @sap-cloud-sdk/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIydnctamdxOS1qcXgy
Improper Authorization in @sap-cloud-sdk/coreEcosystems: npm
Packages: @sap-cloud-sdk/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
GSA_kwCzR0hTQS1tNWpmLThjcm0tcjY1bc4AA7ve
Vditor allows Cross-site Scripting via an attribute of an `A` elementEcosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 13 days ago
Moderate
Ecosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS02NGc3LW12dzYtdjlxas0jWA
Improper Privilege Management in shelljsEcosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: bestzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRxcWMtbXA1Zi1jY3Y0
Command Injection in bestzipEcosystems: npm
Packages: bestzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: htmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4cnEtbTI4aC04aHhq
Cross-Site Scripting in htmrEcosystems: npm
Packages: htmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: scroool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3dzItbWM2bS1tZngy
Malicious Package in scrooolEcosystems: npm
Packages: scroool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjOGgtM2Z2Ni1weHY4
Denial of Service in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: s3-url-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
GSA_kwCzR0hTQS1yNHE5LXh4NWctajI0cM4AA7es
s3-url-parser vulnerable to Denial of Service via regexes componentEcosystems: npm
Packages: s3-url-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Critical
Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mYzItOTNwci1qZjky
Malicious code in `loadyaml`Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4aHgtMzU0Mi04Zmgz
Malicious code in `electorn`Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1amMtamY4Zi04NnE3
Malicious Package in dictum.jsEcosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3dnAteDVnai03NzNq
Malicious Package in react-server-nativeEcosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: basti-cdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1xNHBwLWozNmgtM2dxZ84AA1e3
Minimal `basti` IAM Policy Allows Shell AccessEcosystems: npm
Packages: basti-cdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
High
Ecosystems: npm
Packages: pk-app-wonderbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3aHAtMmhxci02Zzcy
Downloads Resources over HTTP in pk-app-wonderboxEcosystems: npm
Packages: pk-app-wonderbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlweDktZjdqdy1md2hq
Command Injection in priest-runnerEcosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbWg2LW03djktNTk1Ns4AArVk
Regular expression denial of service in markdown-link-extractorEcosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: galenframework-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1cGgtNGZyNC1nN2Z3
Downloads Resources over HTTP in galenframework-cliEcosystems: npm
Packages: galenframework-cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzdnctNTg3Zy1yMjln
Path Traversal in sapperEcosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: html-purify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwMjgtNjNtYy1jZ3I5
Cross-Site Scripting bypass in html-purifyEcosystems: npm
Packages: html-purify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyeDktNThtNy1ncjh3
Malicious Package in css_transform_stepEcosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: airbrake
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1NngtY3AzcS00N3Zn
Insecure Default Configuration in airbrakeEcosystems: npm
Packages: airbrake
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjODQtM2c0NC13ZjJx
Denial of Service in ecstaticEcosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: aurelia-framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02ajItdjNncS00NXI1
Cross-site Scripting in aurelia-frameworkEcosystems: npm
Packages: aurelia-framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: typed-function
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxaDQtcjg2ci1ncnZt
Arbitrary JavaScript Execution in typed-functionEcosystems: npm
Packages: typed-function
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: cocos-utils
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmZnAtbWM3OC13amY3
Command Injection in cocos-utilsEcosystems: npm
Packages: cocos-utils
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3N2ctanE5bS0zcTl2
Unauthorized File Access in glanceEcosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: smart-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4aDMtcnFybS00N3Y5
Prototype Pollution in smart-extendEcosystems: npm
Packages: smart-extend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4NHAtNzRqaC14cmcy
Command Injection in tree-killEcosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnNTMtNTZjZy00bThx
Token verification bug in next-authEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: md-data-table
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhncjUtODJyYy1wOTM2
Cross-Site Scripting in md-data-tableEcosystems: npm
Packages: md-data-table
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3djQtbWdmcS01OTh2
Code injection in nobelprizeparserEcosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Moderate
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01Nzl2LW1wM3YtcnJ3Nc4AATnF
jQuery vulnerable to Cross-Site Scripting (XSS)Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: nwmatcher
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYzOTQtNmg5aC1jZmpn
Regular Expression Denial of ServiceEcosystems: npm
Packages: nwmatcher
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
High
Ecosystems: npm
Packages: parsejson
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3NWctMjQ5Ni1teHBw
Regular Expression Denial of Service in parsejsonEcosystems: npm
Packages: parsejson
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBybWMtNXY1dy1jNDY1
Client TLS credentials sent raw to server in npm package natsEcosystems: npm
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1mZmZnLWN3YzkteHZqN84AA5rI
mongo-express Cross-site Request Forgery vulnerabilityEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05dng2LTd4eGYteDk2N84AA5qR
OpenZeppelin Contracts base64 encoding may read from potentially dirty memoryEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: npm
Packages: @floffah/build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjZ3ItOTY5OC04Mmp4
Improper Neutralization of Special Elements used in a Command ('Command Injection') in @floffah/buildEcosystems: npm
Packages: @floffah/build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS02OGpoLXJmNngtODM2Zs4AAz6F
@apollo/server vulnerable to unsafe application of Content Security Policy via reused noncesEcosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
High
Ecosystems: npm
Packages: @worker-tools/stripe-webhook
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnNTMtdnA3cS1nZmp2
constructEvent does not verify headerEcosystems: npm
Packages: @worker-tools/stripe-webhook
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: highcharts-export-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmd3gtYzdxNi1nNTRj
Vulnerability allowing for reading internal HTTP resourcesEcosystems: npm
Packages: highcharts-export-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Low
Ecosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1ncHY1LTd4M2ctZ2hqds4AAz4I
fast-xml-parser regex vulnerability patch could be improved from a safety perspectiveEcosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
High
Ecosystems: npm
Packages: @nguniversal/common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1yM2hmLXE4cTctZnYycM4AA1LN
Angular critical CSS inlining Cross-site Scripting Vulnerability AdvisoryEcosystems: npm
Packages: @nguniversal/common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
GSA_kwCzR0hTQS1naHI1LWNoM3AtdmNyNs4AA7Xa
ejs lacks certain pollution protectionEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 18 days ago
Low
Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS00Z21qLTNwM2gtZ204aM4AA5gl
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: diagram-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmdzQteGg4My0zajZx
Cross-Site Scripting in diagram-jsEcosystems: npm
Packages: diagram-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: product-monitor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgycjQtNHhnZi0zODY1
Downloads Resources over HTTP in product-monitorEcosystems: npm
Packages: product-monitor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5Y20tcDN3Ni14dnIz
Denial-of-Service Extended Event Loop Blocking in qsEcosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: grunt-gh-pages
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyajMtcW1oOC03MnBm
grunt-gh-pages before 0.10.0 may allow unencrypted GitHub credentials to be written to a log fileEcosystems: npm
Packages: grunt-gh-pages
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: hubl-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4bWMtNDJjMy1yNzJw
hubl-server downloads resources over HTTPEcosystems: npm
Packages: hubl-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: jekyll-for-github-projects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1cWctNDZwOS13MnJw
Malicious Package in jekyll-for-github-projectsEcosystems: npm
Packages: jekyll-for-github-projects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4dnctNDVycC0zbWoy
Deserialization Code Execution in js-yamlEcosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: npm
Packages: @node-red/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zM3YtMzM4aC00djlm
Path traversal in Node-RedEcosystems: npm
Packages: @node-red/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
High
Ecosystems: npm
Packages: mqtt-packet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczcjItNjVnYy1xcHFj
Denial of Service in mqtt-packetEcosystems: npm
Packages: mqtt-packet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
High
Ecosystems: npm
Packages: @graphql-mesh/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1ycjR4LWNyaGYtODg4Ns4AA2X5
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operationEcosystems: npm
Packages: @graphql-mesh/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Statistics
Advisories: 18,745
Packages: 8,373
Repositories: 1,401
Ecosystems: 12
Packages: 8,373
Repositories: 1,401
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
matrix-appservice-irc
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
prismjs
5
lodash-es
5
total4
5
openpgp
5
public
5
ejs
5
mongoose
5
vite
5
dojo
5
sweetalert2
5
yarn
5
vditor
5
ua-parser-js
5
rendertron
5
@strapi/plugin-users-permissions
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
ecstatic
4
axios
4
convert-svg-core
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
materialize-css
4
@keystone-6/core
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
apollo-server-core
4
meshcentral
4
glance
4
mysql2
4
generator-jhipster
4
follow-redirects
4
simple-markdown
4
qs
4
node-red-dashboard
3
notevil
3
org.webjars.npm:xlsx
3
object-path
3
loader-utils
3
ses
3
passport-wsfed-saml2
3
js-yaml
3
n8n
3
grunt
3
jspdf
3
locutus
3
codecov
3
jointjs
3
dns-sync
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
feathers-sequelize
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
socket.io-parser
3
jquery-validation
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/keystonejs/keystone
10
https://github.com/nextauthjs/next-auth
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/npm/node-tar
6
https://github.com/facebook/hermes
6
https://github.com/apostrophecms/sanitize-html
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/vitejs/vite
5
https://github.com/markedjs/marked
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/mrvautin/expressCart
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/xCss/Valine
4
https://github.com/KaTeX/KaTeX
4
https://github.com/sidorares/node-mysql2
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/PrismJS/prism
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/axios/axios
4
https://github.com/yarnpkg/yarn
4
https://github.com/Dogfalo/materialize
4
https://github.com/hapijs/hapi
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/medialize/uri.js
4
https://github.com/medialize/URI.js
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/balderdashy/sails
4
https://github.com/socketio/engine.io
4
https://github.com/fastify/fastify
4
https://github.com/auth0/lock
4
https://github.com/highcharts/highcharts
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/neocotic/convert-svg
3
https://github.com/hapijs/subtext
3
https://github.com/sveltejs/kit
3
https://github.com/libxmljs/libxmljs
3
https://github.com/nodejs/llhttp
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/beerpwn/CVE
3
https://github.com/node-opcua/node-opcua
3
https://github.com/immerjs/immer
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/mermaid-js/mermaid
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/nasa/openmct
3
https://github.com/n8n-io/n8n
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/mongodb/js-bson
3
https://github.com/docsifyjs/docsify
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/nodemailer/nodemailer
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/Marak/colors.js
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/node-fetch/node-fetch
3
https://github.com/zeit/next.js
3
https://github.com/vriteio/vrite
3
https://github.com/webpack/loader-utils
3
https://github.com/jarofghosts/glance
3
https://github.com/typeorm/typeorm
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/websockets/ws
3
https://github.com/xmldom/xmldom
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/josdejong/mathjs
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/YMFE/yapi
3
https://github.com/shelljs/shelljs
2
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/mathjax/MathJax
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/codecov/codecov-node
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/cronvel/tree-kit
2
https://github.com/mysqljs/mysql
2
https://github.com/cube-js/cube.js
2
https://github.com/adobe/css-tools
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/merge-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/markdown-it/markdown-it
2
https://github.com/aFarkas/lazysizes
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/jonschlinkert/set-value
2
https://github.com/vivaxy/here
2
https://github.com/jameswlane/status-board
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/jsuites/jsuites
2
https://github.com/webpack-contrib/webpack-bundle-analyzer
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2