Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
High
Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 6 months ago
GSA_kwCzR0hTQS01NHhxLWNncXItcnBtM84AA3N1
sharp vulnerability in libwebp dependency CVE-2023-4863Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: lodash
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2cXItMjd3ci04MmZt
Prototype Pollution in lodashEcosystems: npm
Packages: lodash
Source: GitHub Advisory Database
Blast Radius: 40.9
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: tough-cookie
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: 11 months ago
GSA_kwCzR0hTQS03MnhmLWcydjQtcXZmM84AA0LC
tough-cookie Prototype Pollution vulnerabilityEcosystems: npm
Packages: tough-cookie
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: 11 months ago
High
Ecosystems: npm
Packages: @grpc/grpc-js, grpc
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwNzUteGZwdy0zN2c5
Prototype pollution in grpc and @grpc/grpc-jsEcosystems: npm
Packages: @grpc/grpc-js, grpc
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 3 years ago
High
Ecosystems: npm
Packages: node-uuid
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2NXEtMjhycC1jaHE1
Insecure Entropy Source - Math.random() in node-uuidEcosystems: npm
Packages: node-uuid
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jZmdyLTc1angtaDg4Z84AAvmz
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS1yNzM3LTM0N20td3FjN84AAvlu
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
GSA_kwCzR0hTQS04NjZ3LXdtNGgtOTVjNs4AAvP-
thlorenz browserify-shim vulnerable to prototype pollutionEcosystems: npm
Packages: browserify-shim
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: canvas
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczcmcteDY4My1tM3F3
Buffer overflow in canvasEcosystems: npm
Packages: canvas
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 3 years ago
High
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
GSA_kwCzR0hTQS0zZjk1LXI0NHYtOG1yZ80ySg
Command injection in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
High
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 1 year ago
GSA_kwCzR0hTQS05cDk1LWZ4dmctcWdxMs4AAwKh
simple-git vulnerable to Remote Code Execution when enabling the ext transport protocolEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
GSA_kwCzR0hTQS0yOHhyLW13eGctM3FjOM03tQ
Command injection in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4d2ctd3Y3di00dnFw
Electron Vulnerable to Code Execution by Re-Enabling Node.js IntegrationEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 6 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
GSA_kwCzR0hTQS03ZnY5LW03OXItajl4OM4AAa1R
Electron vulnerable to remote command executionEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: about 2 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2OWMtcXdxZy1xajN2
Electron webPreferences vulnerability can be used to perform remote code executionEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 5 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: about 2 years ago
GSA_kwCzR0hTQS1waDM0LXBjODgtNzJnY84AATBa
Incorrect Permission Assignment for Critical Resource in NPMEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: about 2 years ago
High
Ecosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zOTQ5LWY0OTQtY205Oc0uIQ
Cross-site Scripting in PrismEcosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: serverless-offline
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5N2YtNTI1OC01NTkz
Incorrect Authorization in serverless-offlineEcosystems: npm
Packages: serverless-offline
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: pathval
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2d3ctdjh4cC12bXdn
Prototype pollution in pathvalEcosystems: npm
Packages: pathval
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: msgpackr
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: 5 months ago
GSA_kwCzR0hTQS03aHBqLTdoaHgtMmZneM4AA4D7
msgpackr's conversion of property names to strings can trigger infinite recursionEcosystems: npm
Packages: msgpackr
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: 5 months ago
High
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14NGNmLTZqcjMtM3F2cM4AAmZY
Out-of-bounds Read in Facebook HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 1 year ago
GSA_kwCzR0hTQS05M2hxLTV3Z2MtamM4Ms4AAy45
GovernorCompatibilityBravo may trim proposal calldataEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: over 1 year ago
GSA_kwCzR0hTQS1qNXA3LWpmNHEtNzQycc4AAwnP
markdown-it vulnerable to Inefficient Regular Expression ComplexityEcosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: almost 2 years ago
GSA_kwCzR0hTQS00cDM1LWNmY3gtODY1M84AAtAW
Hostname confusion in parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: almost 2 years ago
High
Ecosystems: npm
Packages: csv-parse
Source: GitHub Advisory Database
Blast Radius: 39.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4MmYtcDRwZy14Yzc0
Regular Expression Denial of Service in csv-parseEcosystems: npm
Packages: csv-parse
Source: GitHub Advisory Database
Blast Radius: 39.7
Published: over 4 years ago
High
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljMnAtanc4cC1mODR2
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 5 years ago
High
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3NzctMnZxOC1jNHY0
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 5 years ago
High
Ecosystems: npm
Packages: chart.js
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2OHEtNTVqZi14Njh3
Prototype pollution in chart.jsEcosystems: npm
Packages: chart.js
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 3 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02Y3gtZzZxbS1wMmN4
Arbitrary File Write in npmEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzMjgtOGhnZi03d2py
npm Vulnerable to Global node_modules Binary OverwriteEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4cWMtcnJjdy00cjQ2
npm symlink reference outside of node_modulesEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5cDktbXJqbS05MjZ3
Elliptic Uses a Broken or Risky Cryptographic AlgorithmEcosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: about 3 years ago
High
Ecosystems: npm, pypi
Packages: nbdime-jupyterlab, nbdime
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 2 years ago
GSA_kwCzR0hTQS1wNnJ3LTQ0cTctM2Z3NM0W3A
Stored XSS in Jupyter nbdimeEcosystems: npm, pypi
Packages: nbdime-jupyterlab, nbdime
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: serve-index
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2MzMteDV2di1ocXdj
Cross-Site Scripting in serve-indexEcosystems: npm
Packages: serve-index
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 6 years ago
High
Ecosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2ajktN3hoYy1yaHdw
URIjs Hostname spoofing via backslashes in URLEcosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yN3FwLWNmaHYtcDg0d84AAv_b
Uncaught exception in engine.ioEcosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: about 1 year ago
GSA_kwCzR0hTQS1xOW13LTY4YzItajZtNc4AAzEv
engine.io Uncaught Exception vulnerabilityEcosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 2 years ago
GSA_kwCzR0hTQS04ZnIzLWhmZzMtZ3BncM0hMQ
Open Redirect in node-forgeEcosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqNzctNTl3aC02Nmhn
Regular Expression Denial of Service (ReDoS) in PrismEcosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: flatmap-stream
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4NjQtNXI3eC0ycTUz
Malicious Package in flatmap-streamEcosystems: npm
Packages: flatmap-stream
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: sockjs
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoOHYtam1oMy05NDM3
Cross-site scripting in SocksJS-nodeEcosystems: npm
Packages: sockjs
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: about 3 years ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJneDYtcmpqNC1jMzg4
ckeditor4 vulnerable to cross-site scriptingEcosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS02eHJmLXE5NzctNXZnY84AAwmb
json-pointer vulnerable to Prototype PollutionEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: dustjs-linkedin
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jNnJwLXdycDktcXI0cc4AAwf6
dustjs-linkedin vulnerable to Prototype PollutionEcosystems: npm
Packages: dustjs-linkedin
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxZmMtY3I1OS1oNjRw
Missing Encryption of Sensitive Data in yarnEcosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: almost 5 years ago
High
Ecosystems: npm
Packages: nuxt
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: 11 months ago
GSA_kwCzR0hTQS1nYzM0LTV2NDMtaDd2OM4AAz0l
nuxt Code Injection vulnerabilityEcosystems: npm
Packages: nuxt
Source: GitHub Advisory Database
Blast Radius: 39.3
Published: 11 months ago
Critical
Ecosystems: npm
Packages: shvl
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcXdjLTN2aHctcWN2cc4AAnAr
shvl vulnerable to prototype pollutionEcosystems: npm
Packages: shvl
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
High
Ecosystems: npm
Packages: bower
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2bXItcHhnNC02OGh4
Symlink Arbitrary File Overwrite in bowerEcosystems: npm
Packages: bower
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 4 years ago
High
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
GSA_kwCzR0hTQS13ZjV4LWNyM3IteHI3N84AAtYt
vm2 before 3.6.11 vulnerable to sandbox escapeEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: react-dom
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12amotZ3FxMi1wNGh3
Cross-Site Scripting in react-domEcosystems: npm
Packages: react-dom
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoMjctZmZyMi1mMmpj
Open redirect in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: almost 3 years ago
High
Ecosystems: npm
Packages: dottie
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 11 months ago
GSA_kwCzR0hTQS00Z3hmLWc1Z2YtMjJoNM4AAzxj
dottie vulnerable to Prototype PollutionEcosystems: npm
Packages: dottie
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3dnYtcjlqNi1nNXF2
Regular Expression Denial of Service in momentEcosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 6 years ago
High
Ecosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 12 months ago
GSA_kwCzR0hTQS02dzYzLWgzZmotcTR2d84AAzr7
fast-xml-parser vulnerable to Regex Injection via Doctype EntitiesEcosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 12 months ago
High
Ecosystems: npm
Packages: jpeg-js
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14dmY3LTR2OXEtNTh3Ns4AArfv
Infinite loop in jpeg-jsEcosystems: npm
Packages: jpeg-js
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14djk3LWM2MnYtNDU4N84AAtxf
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emailsEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: @graphql-tools/git-loader
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoaHcteGp2Zi13cHJy
Command Injection in @graphql-tools/git-loaderEcosystems: npm
Packages: @graphql-tools/git-loader
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 3 years ago
High
Ecosystems: npm
Packages: json-bigint
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnZnEtNzg1Ny00amNj
Uncontrolled Resource Consumption in json-bigintEcosystems: npm
Packages: json-bigint
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 3 years ago
High
Ecosystems: npm
Packages: redis
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1cTItNDdxNy0zcGMz
Node-Redis potential exponential regex in monitor modeEcosystems: npm
Packages: redis
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 2 years ago
GSA_kwCzR0hTQS14ZzQ3LXI2N3Atdmh2Nc4AAWdB
Improper Input Validation in DeapEcosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 2 years ago
High
Ecosystems: npm
Packages: phantomjs
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 2 years ago
GSA_kwCzR0hTQS14NDNnLWdqOXgtODM4eM4AAq96
PhantomJS Arbitrary File ReadEcosystems: npm
Packages: phantomjs
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 2 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05M3YtOXFqYy0zZzc5
Context isolation bypass via leaked cross-context objects in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: almost 4 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2Y2otcGZxMi13eGo3
High severity vulnerability that affects electronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.8
Published: over 6 years ago
High
Ecosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: about 2 years ago
GSA_kwCzR0hTQS05cXJoLXFqbWMtNXcycM1BjA
Denial-of-Service when binding invalid parameters in sqlite3Ecosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: 17 days ago
GSA_kwCzR0hTQS0yeHAzLTU3cDctcWY0ds4AA7eK
xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofingEcosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: 17 days ago
High
Ecosystems: npm
Packages: react-native-reanimated
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: over 1 year ago
GSA_kwCzR0hTQS0yajc5LThwcWMtcjd4Ns4AAvJg
react-native-reanimated vulnerable to ReDoSEcosystems: npm
Packages: react-native-reanimated
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: over 1 year ago
High
Ecosystems: npm
Packages: parse-path
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: almost 2 years ago
GSA_kwCzR0hTQS0zajhmLXh2bTMtZmZ4NM4AAtBm
Authorization Bypass in parse-pathEcosystems: npm
Packages: parse-path
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: almost 2 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1oajljLThqbW0tOGM1Ms4AArT6
Packing does not respect root-level ignore files in workspacesEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0MjctaGpjMy13cmZ3
Cross-site scripting in Swagger-UIEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: 5 months ago
GSA_kwCzR0hTQS1qY2h3LTI1eHAtand3Y84AA4JD
Follow Redirects improperly handles URLs in the url.parse() functionEcosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: 5 months ago
High
Ecosystems: npm
Packages: @ensdomains/ens
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmOWYtcGM1di05cjVo
Malicious takeover of previously owned ENS namesEcosystems: npm
Packages: @ensdomains/ens
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 4 years ago
High
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1wZ3c3LXd4N3ctMnczM84AArtC
ProxyAgent vulnerable to MITMEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: almost 2 years ago
Moderate
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
GSA_kwCzR0hTQS1nZzhyLXhqd3EtNHc5Ms4AAwOk
Cross-site scripting vulnerability in TinyMCE alertsEcosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: @aws-sdk/shared-ini-file-loader, aws-sdk
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyYzktZ3FmOC04cndn
Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loaderEcosystems: npm
Packages: @aws-sdk/shared-ini-file-loader, aws-sdk
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: @npmcli/arborist
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtdzYtOTRnZy0ycmMy
UNIX Symbolic Link (Symlink) Following in @npmcli/arboristEcosystems: npm
Packages: @npmcli/arborist
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: @npmcli/arborist
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJoM2gtcTk5Zi0zZmhj
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) FollowingEcosystems: npm
Packages: @npmcli/arborist
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: gatsby-transformer-remark
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 1 year ago
GSA_kwCzR0hTQS03Y2g0LXJyOTktY3Fjd84AAw6Q
gatsby-transformer-remark has possible unsanitized JavaScript code injectionEcosystems: npm
Packages: gatsby-transformer-remark
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: copy-props
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5N20tcmpmNS1qcDM5
Prototype Pollution in copy-propsEcosystems: npm
Packages: copy-props
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4eHEtY2htcC02N2c0
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzZ2gtNXI5OC1qNGgz
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5amMtMjg0aC01MzNn
Context isolation bypass via contextBridge in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
High
Ecosystems: npm
Packages: cached-path-relative
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhjOXctNHA4Ny1qNTQ5
Prototype Pollution in cached-path-relativeEcosystems: npm
Packages: cached-path-relative
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwdnItZzZnaC05bWMy
No Charset in Content-Type Header in expressEcosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 2 months ago
GSA_kwCzR0hTQS1ydjk1LTg5NmgtYzJ2Y84AA6Rd
Express.js Open Redirect in malformed URLsEcosystems: npm
Packages: express
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 2 months ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjUtd3h3cC1tN2c5
Open Redirect in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: aws-lambda
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzNHgtNzJ4aC01aHJn
OS command injection in aws-lambdaEcosystems: npm
Packages: aws-lambda
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: over 4 years ago
High
Ecosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: over 2 years ago
GSA_kwCzR0hTQS00cnE0LTMycnYtNndwNs0icg
Improper Privilege Management in shelljsEcosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: over 2 years ago
High
Ecosystems: npm
Packages: npm-user-validate
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3NTQtbWgzOS13M2hj
Regular expression denial of service in npm-user-validateEcosystems: npm
Packages: npm-user-validate
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 3 years ago
High
Ecosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zdmpmLTgyZmYtcDRyM804xw
Incorrect protocol extraction via \r, \n and \t charactersEcosystems: npm
Packages: urijs
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 2 years ago
High
Ecosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2aG0tNGhoZi05N3g5
Cross-Site Scripting in PrismEcosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: almost 4 years ago
High
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 3 months ago
GSA_kwCzR0hTQS1tcHdqLWZjcjYteDM0Y84AA5DS
Yarn untrusted search path vulnerabilityEcosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 3 months ago
High
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4ZjQtZjJmcS1mNjlq
Yarn Improper link resolution before file access (Link Following)Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: undefsafe
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzMnEtN2ZmMi01N2gy
Prototype Pollution in undefsafeEcosystems: npm
Packages: undefsafe
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 2 years ago
High
Ecosystems: npm
Packages: vant
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4cjgtOGhtYy0zODlm
Cross-Site Scripting in vantEcosystems: npm
Packages: vant
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: sails
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 2 years ago
GSA_kwCzR0hTQS04djNqLWpmZzMtdjNmds0z8A
Prototype Pollution in Sails.jsEcosystems: npm
Packages: sails
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjNXAtaDhwZi1tdndw
Machine-In-The-Middle in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2YtcHA4Ny03eDZw
mde ejs vulnerable to XSSEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 6 years ago
High
Ecosystems: npm
Packages: @koa/cors
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: 5 months ago
GSA_kwCzR0hTQS1xeHJqLWh4MjMteHA4Ms4AA3qz
Overly permissive origin policyEcosystems: npm
Packages: @koa/cors
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: 5 months ago
High
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnNzUtMzI3Ny1ndnZq
Directory Traversal in serveEcosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 5 years ago
High
Ecosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1ODgtcWNwMy1qdjQ2
Path Traversal in serveEcosystems: npm
Packages: serve
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 5 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2