Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
High
Ecosystems: npm
Packages: keypair
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
GSA_kwCzR0hTQS0zZjk5LWh2ZzQtcWp3as0Weg
Insecure random number generation in keypairEcosystems: npm
Packages: keypair
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
GSA_kwCzR0hTQS01NThwLW0zNG0tdnBtcc4AAy_o
Potential leak of authentication data to 3rd partiesEcosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: url-regex
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY0cmgtOHA4Mi02aDV3
Regular expression denial of service in url-regexEcosystems: npm
Packages: url-regex
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: almost 4 years ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
GSA_kwCzR0hTQS1xd3BoLTQ5NTItN3hyNs4AAwgg
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: ses, realms-shim
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqZzgtNzMzMy01NTR3
Sandbox Breakout in realms-shimEcosystems: npm
Packages: ses, realms-shim
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
GSA_kwCzR0hTQS05YzRoLTNmN2gtMzIycs4AA1Lc
SES's dynamic import and spread operator provides possible path to arbitrary exfiltration and executionEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
High
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
GSA_kwCzR0hTQS1yNmNoLW1xZjktcWM5d84AAxq-
Regular Expression Denial of Service in HeadersEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmZjItcWp3OC01NDc2
Command Injection Vulnerability in systeminformationEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 3 years ago
High
Ecosystems: npm
Packages: @sveltejs/kit
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
GSA_kwCzR0hTQS01cDc1LXZjNWctOHJ2Ms4AAyiw
SvelteKit vulnerable to Cross-Site Request ForgeryEcosystems: npm
Packages: @sveltejs/kit
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: @sveltejs/kit
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
GSA_kwCzR0hTQS1ndjdnLXg1OXgtd2Y4Zs4AAyoO
SvelteKit framework has Insufficient CSRF protection for CORS requestsEcosystems: npm
Packages: @sveltejs/kit
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: graphql-playground-html
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4NTItdnJoNy0yOHJm
Reflected XSS in GraphQL PlaygroundEcosystems: npm
Packages: graphql-playground-html
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: almost 4 years ago
High
Ecosystems: npm
Packages: static-eval
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5aGMtcnczNS1mNDRo
Sandbox Breakout / Arbitrary Code Execution in static-evalEcosystems: npm
Packages: static-eval
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: over 3 years ago
High
Ecosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 1 year ago
GSA_kwCzR0hTQS00anY5LTM1NjMtMjNqM84AAwZv
Knex.js has a limited SQL injection vulnerabilityEcosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxNGctdzQ3Yy00Njc0
Unpreventable top-level navigationEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 3 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: 8 months ago
GSA_kwCzR0hTQS1neGg3LXd2OXEtZndmcs4AA1vc
Electron's Content-Secrity-Policy disabling eval not applied consistently in renderers with sandbox disabledEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: 8 months ago
High
Ecosystems: npm
Packages: i
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 2 years ago
GSA_kwCzR0hTQS14NTV3LXZqanAtMjIycs0WAg
inflect vulnerable to Inefficient Regular Expression ComplexityEcosystems: npm
Packages: i
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 2 years ago
High
Ecosystems: npm
Packages: cached-path-relative
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
GSA_kwCzR0hTQS13ZzZnLXBwdngtOTI3aM0lrg
Prototype Pollution in cached-path-relativeEcosystems: npm
Packages: cached-path-relative
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwcmgtMjU3dy05Mjc3
Cross-Site Scripting in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
GSA_kwCzR0hTQS1wdzJyLXZxNnYtaHI4Y80qJw
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirectsEcosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
High
Ecosystems: cargo, npm
Packages: tauri-cli, @tauri-apps/cli
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 7 months ago
GSA_kwCzR0hTQS0ycmNwLWp2cjQtcjI1Oc4AA2mV
Tauri's Updater Private Keys Possibly Leaked via Vite Environment VariablesEcosystems: cargo, npm
Packages: tauri-cli, @tauri-apps/cli
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 7 months ago
High
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 1 year ago
GSA_kwCzR0hTQS1jZ2ZtLXh3cDctMmN2cs4AAuje
Sanitize-html Vulnerable To REDoS AttacksEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwN2gtNTNneC1teDdy
Remote Memory Exposure in blEcosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 3 years ago
High
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0eGgtMmZtYy14ZjVq
systeminformation command injection vulnerabilityEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: node-fetch
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: almost 2 years ago
GSA_kwCzR0hTQS12cDU2LTZnMjYtNjgyN84AAtwJ
node-fetch Inefficient Regular Expression ComplexityEcosystems: npm
Packages: node-fetch
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: almost 2 years ago
High
Ecosystems: npm
Packages: web3-utils
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: about 2 months ago
GSA_kwCzR0hTQS0yZzRjLThmcG0tYzQ2ds4AA6YV
web3-utils Prototype Pollution vulnerabilityEcosystems: npm
Packages: web3-utils
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZydzQtdzczci02bW04
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
High
Ecosystems: npm
Packages: cordova-plugin-ionic-webview
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3amgtY3A5OS1jajhx
Path Traversal in cordova-plugin-ionic-webviewEcosystems: npm
Packages: cordova-plugin-ionic-webview
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: 6 months ago
GSA_kwCzR0hTQS13ZjVwLWc2dnctcmh4eM4AA2_y
Axios Cross-Site Request Forgery VulnerabilityEcosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: 6 months ago
High
Ecosystems: npm
Packages: @nubosoftware/node-static, node-static
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 1 year ago
GSA_kwCzR0hTQS01Zzk3LXdoYzktOGc3as4AAx8P
node-static and @nubosoftware/node-static vulnerable to Directory TraversalEcosystems: npm
Packages: @nubosoftware/node-static, node-static
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 1 year ago
High
Ecosystems: npm
Packages: auth0-js
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2MjYtcmo4Yy00cjMz
Cross-Site Request Forgery (CSRF) in Auth0Ecosystems: npm
Packages: auth0-js
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 5 years ago
High
Ecosystems: npm
Packages: auth0-js
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwcTctcThqNC03Mmpn
Auth0-js bypasses CSRF checksEcosystems: npm
Packages: auth0-js
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 6 years ago
High
Ecosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tZjZ4LWhyZ3ItNjU4Zs4AAxPw
Eta vulnerable to Code Injection via templates rendered with user-defined dataEcosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: highcharts
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyNGotcjU3NS1nNjY1
Cross-Site Scripting in highchartsEcosystems: npm
Packages: highcharts
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: mixme
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1Y3EtOTUzNy05cnBm
Prototype Pollution in mixmeEcosystems: npm
Packages: mixme
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 2 years ago
High
Ecosystems: npm
Packages: luxon
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zeHE1LXdqZmgtcHBqY84AAw0p
Luxon Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: luxon
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: karma
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 2 years ago
GSA_kwCzR0hTQS03eDdjLXFtNDgtcHE5Y80pMQ
Cross-site Scripting in karmaEcosystems: npm
Packages: karma
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmZzgtMjU0Ny1tcjhx
Misinterpretation of malicious XML inputEcosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: rollup-plugin-serve
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqNDYtbXA4NS1tdjhj
Path traversal in rollup-plugin-serveEcosystems: npm
Packages: rollup-plugin-serve
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: about 3 years ago
High
Ecosystems: npm
Packages: pug-code-gen, pug
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0OTMtNjM1cS1yNmdy
Remote code execution via the `pretty` option.Ecosystems: npm
Packages: pug-code-gen, pug
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 3 years ago
Moderate
Ecosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 months ago
GSA_kwCzR0hTQS1mcTZoLTRnOHYtcXF2bc4AA5JK
CKEditor4 Cross-site Scripting vulnerability caused by incorrect CDATA detectionEcosystems: packagist, npm
Packages: ckeditor/ckeditor, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: webpack-bundle-analyzer
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBncjgtamc2aC04Z3c2
Cross-Site Scripting in webpack-bundle-analyzerEcosystems: npm
Packages: webpack-bundle-analyzer
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 5 years ago
High
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtZmMtdjd3di1wNjJn
Path Traversal in YarnEcosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBoNTgtNHZyai13Nmhy
bootstrap Cross-site Scripting vulnerabilityEcosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwMjQtdm1jci00Z3Fq
Bootstrap Cross-site Scripting vulnerabilityEcosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtZ3AtZng5My05eHY1
XSS vulnerability that affects bootstrapEcosystems: npm
Packages: bootstrap
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5OG0tcTNoci1wNXdx
Prototype Pollution in locutusEcosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4NngtbXY2Ni1ncjVx
OS Command Injection in LocutusEcosystems: npm
Packages: locutus
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: blitz, superjson
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 2 years ago
GSA_kwCzR0hTQS01ODg4LWZmY3ItcjQyNc0p2g
Prototype Pollution leading to Remote Code Execution in superjsonEcosystems: npm
Packages: blitz, superjson
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
GSA_kwCzR0hTQS1wOHA3LXgyODgtMjhnNs4AAyJl
Server-Side Request Forgery in RequestEcosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: 101
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3Y3gtcnhnYy1jbXcz
Prototype pollution in 101Ecosystems: npm
Packages: 101
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: about 3 years ago
High
Ecosystems: npm
Packages: st
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5cnItd3ZoOS02YzRx
Directory Traversal in stEcosystems: npm
Packages: st
Source: GitHub Advisory Database
Blast Radius: 36.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: mockjs
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: 5 months ago
GSA_kwCzR0hTQS1taDhqLTlqdmgtZ2pmNs4AA3oc
mockjs vulnerable to Prototype Pollution via the Util.extend functionEcosystems: npm
Packages: mockjs
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: 5 months ago
High
Ecosystems: npm
Packages: express-jwt
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnNm0tbTZoNS13OWdm
Authorization bypass in express-jwtEcosystems: npm
Packages: express-jwt
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: almost 4 years ago
High
Ecosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
GSA_kwCzR0hTQS14cmg3LW01cHAtMzlyNs4AAxTf
XSS Attack with Express APIEcosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: requestretry
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 2 years ago
GSA_kwCzR0hTQS1oanA4LTJjbTMtY2M0Nc0uQw
Cookie exposure in requestretryEcosystems: npm
Packages: requestretry
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 2 years ago
High
Ecosystems: npm
Packages: parcel-bundler
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3cTYtNTc2cS12Z3I3
Missing Origin Validation in parcel-bundlerEcosystems: npm
Packages: parcel-bundler
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 5 years ago
High
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
GSA_kwCzR0hTQS00aDk4LTI3NjktZ2g2aM4AAuFk
OpenZeppelin Contracts vulnerable to ECDSA signature malleabilityEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: xlsx
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 1 year ago
GSA_kwCzR0hTQS00cjZoLTh2NnAteHZ3Ns4AAy7y
Prototype Pollution in sheetJSEcosystems: npm
Packages: xlsx
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: react-devtools-core
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 7 months ago
GSA_kwCzR0hTQS1yeHJjLXJndjQtanB2eM4AA2j_
React Developer Tools extension Improper Authorization vulnerabilityEcosystems: npm
Packages: react-devtools-core
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 7 months ago
Critical
Ecosystems: npm
Packages: jsonata
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 2 months ago
GSA_kwCzR0hTQS1mcWc4LXZmdjctOGZqOM4AA5wD
JSONata expression can pollute the "Object" prototypeEcosystems: npm
Packages: jsonata
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 2 months ago
High
Ecosystems: npm
Packages: devcert
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1mcDM2LTI5OXgtcHdtd84AArWx
Regular expression denial of service in devcertEcosystems: npm
Packages: devcert
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: almost 2 years ago
High
Ecosystems: npm
Packages: date-and-time
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5MngtZjUyci14NTRn
regular expression denial of service (ReDoS)Ecosystems: npm
Packages: date-and-time
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: over 3 years ago
High
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5bXEtNHg0Ny01djgz
Prototype Pollution in angularEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwcjYtNzZ2Zi03NTQ2
Denial of Service in js-yamlEcosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: cordova-plugin-inappbrowser
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM2cHctcTdmMi05N2h2
Privilege Escalation in cordova-plugin-inappbrowserEcosystems: npm
Packages: cordova-plugin-inappbrowser
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: engine.io-client
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNG0taGp3ai00M3A4
Insecure Defaults Allow MITM Over TLS in engine.io-clientEcosystems: npm
Packages: engine.io-client
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3ZmotbWM4dy1qOXdn
RSA signature validation vulnerability on maleable encoded message in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncWYtaHdjNS1oaDM3
Root Path Disclosure in sendEcosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4YzItbWozOS1xNTk5
Strapi allows unauthenticated attacker to reset admin password without valid reset tokenEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 2 years ago
GSA_kwCzR0hTQS05cWdtLXc4N3EtaHg4Oc06zg
Unrestricted Upload of File with Dangerous Type in StrapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmcnYtOXBody12cnZy
Authorization bypass in StrapiEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: about 3 years ago
High
Ecosystems: maven, npm
Packages: org.webjars.npm:lite-server, lite-server
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 1 year ago
GSA_kwCzR0hTQS04OXc3LTVxNDUtcjUzd84AAwbi
lite-server vulnerable to Denial of ServiceEcosystems: maven, npm
Packages: org.webjars.npm:lite-server, lite-server
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: snyk
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: 11 months ago
GSA_kwCzR0hTQS00dnJ2LTkzYzctbTkyas4AA0TJ
snyk Code Injection vulnerabilityEcosystems: npm
Packages: snyk
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: 11 months ago
High
Ecosystems: npm
Packages: three
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxNnAteDZqMy1jbW1x
Denial of service in threeEcosystems: npm
Packages: three
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoOTUtcm1nci02dzRt
Prototype Pollution in minimistEcosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: pem
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnY3ItN3dtNC1tY3Y2
Sensitive Data Exposure in pemEcosystems: npm
Packages: pem
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: ssri
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyNWotMjRmNC1xdjV4
Regular Expression Denial of Service in ssriEcosystems: npm
Packages: ssri
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 6 years ago
High
Ecosystems: npm
Packages: timespan
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1MjMtMmY1ai1nZmNn
Regular Expression Denial of Service in timespanEcosystems: npm
Packages: timespan
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: yargs-parser
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5cGMtMjk5cC12eGdw
yargs-parser Vulnerable to Prototype PollutionEcosystems: npm
Packages: yargs-parser
Source: GitHub Advisory Database
Blast Radius: 35.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: node-sass
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2NjItMjRjci01OGN4
Denial of Service in node-sassEcosystems: npm
Packages: node-sass
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 3 years ago
High
Ecosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtOXAtOTkyNi13Njht
Denial of Service in ecstaticEcosystems: npm
Packages: ecstatic
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 6 years ago
High
Ecosystems: npm
Packages: taffydb, taffy
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14aHAtNzlxaC1tY3g2
TaffyDB can allow access to any data items in the DBEcosystems: npm
Packages: taffydb, taffy
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: about 4 years ago
High
Ecosystems: npm
Packages: xterm
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jMjMtOTc2cC1qNDJ4
xterm vulnerable to remote code executionEcosystems: npm
Packages: xterm
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: browserslist
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4cXYtNmp3aC02NHI1
Regular Expression Denial of Service in browserslistEcosystems: npm
Packages: browserslist
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: node-notifier
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmdzktZnEzMi13djVw
OS Command Injection in node-notifierEcosystems: npm
Packages: node-notifier
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 3 years ago
High
Ecosystems: npm
Packages: ethereumjs-vm
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtdzctd2dnbS1tNncz
Denial of Service in ethereumjs-vmEcosystems: npm
Packages: ethereumjs-vm
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: request
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4ZnAtOWM1NS01dnFq
Remote Memory Exposure in requestEcosystems: npm
Packages: request
Source: GitHub Advisory Database
Blast Radius: 35.0
Published: over 5 years ago
High
Ecosystems: npm
Packages: mout
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
GSA_kwCzR0hTQS12dnY4LXh3NWYtM2Y4OM4AArtg
Prototype Pollution in moutEcosystems: npm
Packages: mout
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
High
Ecosystems: npm
Packages: mout
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjNTgtd2dtYy1oZmpy
Prototype Pollution in moutEcosystems: npm
Packages: mout
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 2 years ago
High
Ecosystems: npm
Packages: resolve-path
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyZzktNmh3NS1yd2Zw
Path Traversal in resolve-pathEcosystems: npm
Packages: resolve-path
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 6 years ago
Moderate
Ecosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2Nm0tcWo3OC1yd3c1
Regular Expression Denial of Service in postcssEcosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3ajktaDVtcC0zcG0z
Regular Expression Denial of Service in postcssEcosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: 8 months ago
GSA_kwCzR0hTQS03Zmg1LTY0cDItM3Yyas4AA2Js
PostCSS line return parsing errorEcosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5bXgtODh3Ny04Zjdx
XSS Filter Bypass via Encoded URL in validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 5 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU1MnctcnFnOC1neHht
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cXEtZm03cS1jd3A1
Multiple XSS Filter Bypasses in validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwanAtN3JwMi05YzNm
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNmMtcTkzOC0zcjlx
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 2 years ago
GSA_kwCzR0hTQS1ocWhwLTVwODMtaHg5Ns0Vzg
prismjs Regular Expression Denial of Service vulnerabilityEcosystems: npm
Packages: prismjs
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: defaults-deep
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqeHctMjJ4Zi02cHdj
Prototype Pollution in defaults-deepEcosystems: npm
Packages: defaults-deep
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 5 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2