Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3NnYtNjc3Zy1wNjU2
Sandbox Breakout in safe-evalEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS03OXhmLTY3cjQtcTJqas4AAyqY
safe-eval vulnerable to Sandbox Bypass due to improper input sanitizationEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
GSA_kwCzR0hTQS05cTV3LTc5Y3YtOTQ3bc0Vog
Unsafe defaults in `remark-html`Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: apex-publish-static-files
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlqbTMtNTgzNS01Mzdt
Command Injection in apex-publish-static-filesEcosystems: npm
Packages: apex-publish-static-files
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS1oY2czLTU2amYteDR2aM4AAyqc
safe-eval vulnerable to Prototype Pollution via the safeEval functionEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacementsEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: gitlabhook
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0OWYtNzNoaC1tajM4
Command Injection in gitlabhookEcosystems: npm
Packages: gitlabhook
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: fastify-reply-from
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtdzgtM3Y0Zy1nd2o0
Prefix escapeEcosystems: npm
Packages: fastify-reply-from
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: about 8 hours ago
GSA_kwCzR0hTQS0yeHAzLTU3cDctcWY0ds4AA7eK
xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofingEcosystems: npm
Packages: xml-crypto
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: about 8 hours ago
Low
Ecosystems: npm
Packages: fastify-http-proxy
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0cXItZ21yOS12MjN3
Prefix escapeEcosystems: npm
Packages: fastify-http-proxy
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnY2gtamptci1ncDd3
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnNDctM2MyeC1tMndy
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2NGMtcDJqNS0zOGo0
Open Redirect in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 1 year ago
GSA_kwCzR0hTQS1tcmdwLW1yaGMtNWpycc4AAvGK
vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on hostEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzeDQtd3I0aC1wdzMz
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 2 months ago
GSA_kwCzR0hTQS02OTI3LTN2cjktZnhmMs4AA5sK
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL InjectionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 2 months ago
Critical
Ecosystems: npm
Packages: react-editable-json-tree
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
GSA_kwCzR0hTQS1qM3J2LXc0M3EtZjl4Ms4AAuFt
React Editable Json Tree vulnerable to arbitrary code execution via function parsingEcosystems: npm
Packages: react-editable-json-tree
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: cruddl
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xbTR3LTQ5OTUtdmc3Zs4AAu1l
cruddl vulnerable to ArangoDB Query Language (AQL) injection through flexSearchEcosystems: npm
Packages: cruddl
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mNTk4LW1mcHYtZ21meM4AAxzf
Sequelize - Default support for “raw attributes” when using parenthesesEcosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @asyncapi/modelina
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 2 years ago
GSA_kwCzR0hTQS00amcyLTg0YzItcGo5Nc0V7A
Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelinaEcosystems: npm
Packages: @asyncapi/modelina
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS12Mjg3LTl3M3YteDVjNc4AAh-W
Total.js CMS RCE VulnerabilityEcosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 9 months ago
GSA_kwCzR0hTQS12aDJnLTZjNHgtNWhtcM4AA04I
Path traversal and code execution via prototype vulnerabilityEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 9 months ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
GSA_kwCzR0hTQS05bTkzLXc4dzYtNzZoaM4AA0uj
Mongoose Prototype Pollution vulnerabilityEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
Critical
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 2 years ago
GSA_kwCzR0hTQS1wNmg0LTkzcXAtamhjbc0yJA
Command injection in Parse Server through prototype pollutionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS12cWZ4LWdqOTYtM3c5Nc4AAxyK
Unsafe fall-through in getWhereConditionsEcosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2bW0tbWhjcS00eDlq
Sandbox Bypass Leading to Arbitrary Code Execution in constantinopleEcosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS13MzVwLXd4d2otcmNtOc4AA2bq
Server-Side Request Forgery (SSRF) in vriteio/vriteEcosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yYzR2LTk5Y3ItcGpjbc4AA2gY
Prototype Pollution in ali-security/mongooseEcosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZydzQtdzczci02bW04
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0N2otaGM2eC1oM3Fx
Remote Code Execution Vulnerability in NPM mongo-expressEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: @nuxtlabs/github-module
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mcDJ3LWc5MmctZmdxNM4AAy0_
@nuxtlabs/github-module made Use of Hard-coded CredentialsEcosystems: npm
Packages: @nuxtlabs/github-module
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: jsreport
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 12 months ago
GSA_kwCzR0hTQS1nN3JqLXE3MjItMjQ1Z84AAzH0
jsreport vulnerable to code injectionEcosystems: npm
Packages: jsreport
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 12 months ago
Critical
Ecosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
GSA_kwCzR0hTQS0yaDg3LTRxMnctdjRoZs4AAy4o
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions PluginEcosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdqaDktNmNwZi1oNG03
XSS in hello.jsEcosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
GSA_kwCzR0hTQS1nd3ZtLXZycDQtNHBwNc4AAyUN
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backendEcosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: picotts
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxN3EtNXY2ai14ZnY2
Command Injection in picottsEcosystems: npm
Packages: picotts
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
GSA_kwCzR0hTQS04ZjhnLTlqNzMtN3A4Ms4AAu0C
steal vulnerable to Prototype Pollution via optionName variableEcosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: arr-flatten-unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4ZjMtcHZ4NC00YzNo
Prototype Pollution in arr-flatten-unflattenEcosystems: npm
Packages: arr-flatten-unflatten
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
GSA_kwCzR0hTQS12d2hxLXBtM3ItZmptOc4AAu0V
steal vulnerable to Prototype Pollution via key variable in babel.jsEcosystems: npm
Packages: steal
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: asyync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtN2MteDQyNC1nMm13
Malicious Package in asyyncEcosystems: npm
Packages: asyync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNHctNWZ3NC1ybTI3
Prototype Pollution in deeplyEcosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
GSA_kwCzR0hTQS05YzRoLTNmN2gtMzIycs4AA1Lc
SES's dynamic import and spread operator provides possible path to arbitrary exfiltration and executionEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
Critical
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 2 years ago
GSA_kwCzR0hTQS00NHZyLXJ3d2otcDg4aM4AAtaE
Shescape vulnerable to insufficient escaping of whitespaceEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: ntesseract
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13ODY4LTQ1NzYtcnYyNM4AAtpK
ntesseract vulnerable to Command InjectionEcosystems: npm
Packages: ntesseract
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2M3gteGM5ai1oaHZx
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: buffer-yor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcyYzQtNG02NC12eG0z
Malicious Package in buffer-yorEcosystems: npm
Packages: buffer-yor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: diskusage-ng
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyNjkteDRwdy12ZmZn
OS Command Injection in diskusage-ngEcosystems: npm
Packages: diskusage-ng
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
GSA_kwCzR0hTQS1xbTk1LXBnY2ctcXFmcc4AAvix
Insufficient validation when decoding a Socket.IO packetEcosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14NzN3LWc4aHgtdjdycM4AAxGk
Code injection in electermEcosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: buffermxor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzNmYtMjY4Zi02Z3hj
Malicious Package in buffermxorEcosystems: npm
Packages: buffermxor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bqffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4cXAtbXY2Ny1nNTI4
Malicious Package in bqffer-xorEcosystems: npm
Packages: bqffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: requesst
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjMzctMnJ3NS05ajd4
Malicious Package in requesstEcosystems: npm
Packages: requesst
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: safe-obj
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwZ2gtaG12NC1yM3Y1
Prototype pollution in safe-objEcosystems: npm
Packages: safe-obj
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: buffer-xmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzMjctZ2ZxNS04ZjRt
Malicious Package in buffer-xmrEcosystems: npm
Packages: buffer-xmr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDJqLW1nNHctMnJoNc4AAkmW
chrome-launcher subject to OS Command InjectionEcosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: multi-ini
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3OGYtNTQ5dy1jMzU0
Prototype Pollution in multi-iniEcosystems: npm
Packages: multi-ini
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: flattenizer
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 2 years ago
GSA_kwCzR0hTQS12cTMzLTI2cHItcjRoNs4AAnA7
flattenizer vulnerable to prototype pollutionEcosystems: npm
Packages: flattenizer
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: buffeb-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVnZ3gtZzI5NC1xajNx
Malicious Package in buffeb-xorEcosystems: npm
Packages: buffeb-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @tomphttp/bare-server-node
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: about 2 months ago
GSA_kwCzR0hTQS04NmZjLWY5Z3ItdjUzM84AA5xc
HTTP Handling Vulnerability in the Bare serverEcosystems: npm
Packages: @tomphttp/bare-server-node
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: buffer-8or
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRobTctNzNjaC12bTU5
Malicious Package in buffer-8orEcosystems: npm
Packages: buffer-8or
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: rrgod
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3N3AteHdwcC0zamY3
Malicious Package in rrgodEcosystems: npm
Packages: rrgod
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: strong-nginx-controller
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2OXctcHZ3ci0zOGgz
OS Command Injection in strong-nginx-controllerEcosystems: npm
Packages: strong-nginx-controller
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: sonar-wrapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cjR2LTNmMmgtNmhoaM4AAtpE
sonar-wrapper Command Injection vulnerabilityEcosystems: npm
Packages: sonar-wrapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: @rkesters/gnuplot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYyanctcHIyYy05eDk2
Code injection in @rkesters/gnuplotEcosystems: npm
Packages: @rkesters/gnuplot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: decompress
Source: GitHub Advisory Database
Blast Radius: 53.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnZnItNWhxcC12cnc5
Path Traversal in decompressEcosystems: npm
Packages: decompress
Source: GitHub Advisory Database
Blast Radius: 53.4
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: react-datepicker-plus
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3Y3gtYzljNC04OXAy
Malicious Package in react-datepicker-plusEcosystems: npm
Packages: react-datepicker-plus
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: erquest
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwbWctamdtNS0zamc2
Malicious Package in erquestEcosystems: npm
Packages: erquest
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bowee
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdndmotNnY1Ny13amgz
Malicious Package in boweeEcosystems: npm
Packages: bowee
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: about 2 years ago
GSA_kwCzR0hTQS1mZmhxLWc4NTYtOWYycM06-g
Arbitrary file upload in GhostEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: reqest
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNXEtcmo2Mi1jNDNn
Malicious Package in reqestEcosystems: npm
Packages: reqest
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: cuffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4bTQtcDZyMi1td3Jj
Malicious Package in cuffer-xorEcosystems: npm
Packages: cuffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: tenvoy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3MjUtaHhwNS1oOGM5
Improper Verification of Cryptographic SignatureEcosystems: npm
Packages: tenvoy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: curljs
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 1 year ago
GSA_kwCzR0hTQS1jcWZjLTk0NTItcjM2as4AAtxy
curljs Command Injection vulnerabilityEcosystems: npm
Packages: curljs
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: ali-contributors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtNXYtZjJ3cC13cXI5
Malicious Package in ali-contributorsEcosystems: npm
Packages: ali-contributors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: keycloak-js, keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13MzUtMjRnaC1mODJ3
keycloak-connect and keycloak-js improperly handle invalid tokensEcosystems: npm
Packages: keycloak-js, keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: tenvoy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdyOTYtOGczeC1nMzZt
Improper Verification of Cryptographic SignatureEcosystems: npm
Packages: tenvoy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: require-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJydm0tZ3FxOC1xMnd4
Malicious Package in require-portEcosystems: npm
Packages: require-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: yeoman-genrator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3ZzQtZm00Yy01NG05
Malicious Package in yeoman-genratorEcosystems: npm
Packages: yeoman-genrator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: node-prompt-here
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4ZmgtOHJnbS0yMjdo
OS Command Injection in node-prompt-hereEcosystems: npm
Packages: node-prompt-here
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: arsenic-tabasco-cyborg-peanut-butter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3NDItN2o0aC1oanI4
Malicious Package in arsenic-tabasco-cyborg-peanut-butterEcosystems: npm
Packages: arsenic-tabasco-cyborg-peanut-butter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: buffur-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3cXAtM2ZoNy1wdjRw
Malicious Package in buffur-xorEcosystems: npm
Packages: buffur-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzeGotdjU3Ni0zY2gy
OS Command Injection in gitingEcosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyNHAtYzl3ci1waHI2
Prototype pollution in set-inEcosystems: npm
Packages: set-in
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: object-collider
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1ZzItMjltOC1xZjJw
Prototype Pollution Vulnerability in object-colliderEcosystems: npm
Packages: object-collider
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: mogobd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjaGctZzk0ci02NHFn
Malicious Package in mogobdEcosystems: npm
Packages: mogobd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4ZnEteGg2di00bXJt
Malicious Package in json-serializerEcosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: jc-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmajYtcDI0Zy02aHBt
Malicious Package in jc-sha3Ecosystems: npm
Packages: jc-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hs-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZtcnEtN3I3bS1oaDRw
Malicious Package in hs-sha3Ecosystems: npm
Packages: hs-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: juffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxcTQtOTM3Yy0yMjgy
Malicious Package in juffer-xorEcosystems: npm
Packages: juffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: linux-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yYzI5LXdjNjUtNGN4Oc4AAlq3
linux-cmdline is vulnerable to Prototype Pollution via the constructorEcosystems: npm
Packages: linux-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: jr-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3bXAtcGN2OS12dnE2
Malicious Package in jr-sha3Ecosystems: npm
Packages: jr-sha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: tensorplow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0yZnAtYzc5aC1ycjc5
Malicious Package in tensorplowEcosystems: npm
Packages: tensorplow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bwffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxZzctNmczZy04dnhn
Malicious Package in bwffer-xorEcosystems: npm
Packages: bwffer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bugfer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnNjQtOWNtMi04Mzhq
Malicious Package in bugfer-xorEcosystems: npm
Packages: bugfer-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bufver-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNHgtdzJ2Ny00bW1m
Malicious Package in bufver-xorEcosystems: npm
Packages: bufver-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: buffmr-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2MzktY2dtbS1jcTI5
Malicious Package in buffmr-xorEcosystems: npm
Packages: buffmr-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: boogeyman
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloYzItdzlnZy1xNmp3
Malicious Package in boogeymanEcosystems: npm
Packages: boogeyman
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ladder-text-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzZ2MtZjh2OS12OGht
Malicious Package in ladder-text-jsEcosystems: npm
Packages: ladder-text-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: buffer-xos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyajMtZ2c4dy00ODU4
Malicious Package in buffer-xosEcosystems: npm
Packages: buffer-xos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: heroku-env
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS1qcDQ1LTY1anctOTRtas4AAtx2
heroku-env susceptible to command injectionEcosystems: npm
Packages: heroku-env
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
Statistics
Advisories: 18,303
Packages: 8,274
Repositories: 1,390
Ecosystems: 12
Packages: 8,274
Repositories: 1,390
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
sequelize
16
directus
16
tinymce
14
swagger-ui
14
ghost
14
next
13
joplin
13
strapi
13
ckeditor4
13
undici
12
vm2
12
angular
11
marked
11
handlebars
11
nodebb
11
TinyMCE
9
tinymce/tinymce
9
@evershop/evershop
9
serve
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
next-auth
9
node-forge
8
url-parse
8
express-cart
8
bootstrap
8
jsrsasign
8
tar
8
validator
8
steal
8
@strapi/strapi
8
editor.md
8
urijs
8
npm
8
jQuery
8
systeminformation
8
matrix-js-sdk
8
org.webjars.npm:jquery-ui
7
jquery-ui-rails
7
jquery-ui
7
matrix-appservice-irc
7
hapi
7
jQuery.UI.Combined
7
nocodb
7
lodash
7
total.js
7
matrix-react-sdk
7
shescape
7
hermes-engine
7
sanitize-html
7
snyk-broker
7
uptime-kuma
7
safe-eval
6
rsshub
6
aaptjs
6
parse-url
6
yarn
5
xlsx
5
public
5
openpgp
5
keystone
5
dojo
5
lodash-es
5
sweetalert2
5
rendertron
5
prismjs
5
total4
5
ejs
5
mongoose
5
vite
5
@strapi/plugin-users-permissions
5
ua-parser-js
5
safer-eval
4
follow-redirects
4
fastify
4
axios
4
dompurify
4
ws
4
apostrophe
4
realms-shim
4
katex
4
engine.io
4
hummus
4
muhammara
4
remarkable
4
simple-markdown
4
simple-git
4
meshcentral
4
@backstage/plugin-scaffolder-backend
4
vditor
4
mysql2
4
vega
4
@keystone-6/core
4
moment
4
materialize-css
4
auth0-lock
4
apollo-server-core
4
auth0-js
4
convert-svg-core
4
ecstatic
4
generator-jhipster
4
qs
4
glance
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
mermaid
4
valine
4
mongo-express
4
jsonwebtoken
4
socket.io-parser
3
code-server
3
@backstage/techdocs-common
3
uap-core
3
node-opcua
3
postcss
3
http-live-simulator
3
@cubejs-backend/api-gateway
3
codecov
3
@strapi/utils
3
keycloak-connect
3
slp-validate
3
mathjs
3
loader-utils
3
grunt
3
@sequelize/core
3
js-yaml
3
jspdf
3
nodemailer
3
notevil
3
ses
3
node-red-dashboard
3
node-jose
3
org.webjars.npm:xlsx
3
passport-wsfed-saml2
3
jointjs
3
jquery-validation
3
feathers-sequelize
3
object-path
3
dns-sync
3
m-server
3
n8n
3
node-ipc
3
xmldom
3
apollo-server
3
locutus
3
protobufjs
3
tough-cookie
3
fast-xml-parser
3
stimulsoft-dashboards-js
3
jose-node-cjs-runtime
3
@vrite/sdk
3
ids-enterprise
3
mxgraph
3
jose-node-esm-runtime
3
@materializecss/materialize
3
@commercial/subtext
3
blamer
3
openmct
3
jose
3
fuxa-server
3
@sveltejs/kit
3
mixme
3
simplehttpserver
3
dojox
3
convict
3
bootstrap
3
connect
3
json-ptr
3
nadesiko3
3
@ckeditor/ckeditor5-markdown-gfm
3
@uppy/companion
3
localhost-now
3
parsel
3
docsify
3
sails
3
highcharts
3
froala-editor
3
buttle
3
serialize-to-js
3
mysql
3
wrangler
3
slpjs
3
llhttp
3
bson
3
bin-links
3
yapi-vendor
3
immer
3
json-pointer
3
typeorm
3
@frangoteam/fuxa
3
express-fileupload
3
@soketi/soketi
3
renovate
3
node-fetch
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/laurent22/joplin
12
https://github.com/TryGhost/Ghost
12
https://github.com/patriksimek/vm2
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/backstage/backstage
12
https://github.com/NodeBB/NodeBB
11
https://github.com/jquery/jquery
11
https://github.com/keystonejs/keystone
10
https://github.com/nextauthjs/next-auth
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/stealjs/steal
8
https://github.com/apollographql/apollo-server
8
https://github.com/digitalbazaar/forge
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/pandao/editor.md
8
https://github.com/kjur/jsrsasign
8
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/twbs/bootstrap
7
https://github.com/louislam/uptime-kuma
7
https://github.com/nocodb/nocodb
7
https://github.com/lodash/lodash
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/jquery/jquery-ui
6
https://github.com/panva/jose
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/facebook/hermes
6
https://github.com/npm/node-tar
6
https://github.com/DIYgod/RSSHub
6
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vitejs/vite
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vega/vega
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/socketio/engine.io
4
https://github.com/hapijs/hapi
4
https://github.com/auth0/lock
4
https://github.com/balderdashy/sails
4
https://github.com/steveukx/git-js
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/mrvautin/expressCart
4
https://github.com/xCss/Valine
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/PrismJS/prism
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/yarnpkg/yarn
4
https://github.com/Dogfalo/materialize
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/npm/npm
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/mde/ejs
4
https://github.com/angular/angular.js
4
https://github.com/fastify/fastify
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/nodemailer/nodemailer
3
https://github.com/highcharts/highcharts
3
https://github.com/sveltejs/kit
3
https://github.com/n8n-io/n8n
3
https://github.com/node-opcua/node-opcua
3
https://github.com/nasa/openmct
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/neocotic/convert-svg
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/transloadit/uppy
3
https://github.com/nodejs/llhttp
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/gruntjs/grunt
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/clientIO/joint
3
https://github.com/mermaid-js/mermaid
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/moment/moment
3
https://github.com/mongodb/js-bson
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/docsifyjs/docsify
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/dwisiswant0/advisory
3
https://github.com/hapijs/subtext
3
https://github.com/MrRio/jsPDF
3
https://github.com/postcss/postcss
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/josdejong/mathjs
3
https://github.com/typeorm/typeorm
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/YMFE/yapi
3
https://github.com/vanessa219/vditor
3
https://github.com/zeit/next.js
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/vriteio/vrite
3
https://github.com/webpack/loader-utils
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/xmldom/xmldom
3
https://github.com/websockets/ws
3
https://github.com/Automattic/mongoose
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/richardgirges/express-fileupload
2
https://github.com/rico345100/socket.io-file
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/getsentry/sentry-javascript
2
https://github.com/gigafied/decal.js
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/deoxxa/dotty
2
https://github.com/gilbitron/Raneto
2
https://github.com/micromatch/braces
2
https://github.com/DCKT/localhost-now
2
https://github.com/dfinity/agent-js
2
https://github.com/request/request
2
https://github.com/webpack-contrib/webpack-bundle-analyzer
2
https://github.com/dimpu/ngx-md
2
https://github.com/alvarotrigo/fullpage.js
2
https://github.com/moment/moment-timezone
2
https://github.com/wenzhixin/bootstrap-table
2
https://github.com/jaw187/node-traceroute
2
https://github.com/rabobank-blockchain/vp-toolkit
2
https://github.com/Qwerios/madlib-object-utils
2
https://github.com/galkahana/HummusJS
2
https://github.com/quilljs/quill
2
https://github.com/monsterkodi/sds
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/markdown-it/markdown-it
2
https://github.com/jameswlane/status-board
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/vivaxy/here
2
https://github.com/cloudhead/node-static
2
https://github.com/codecov/codecov-node
2
https://github.com/mathjax/MathJax
2
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/guardian/html-janitor
2
https://github.com/vvakame/fs-git
2
https://github.com/cronvel/tree-kit
2
https://github.com/cube-js/cube.js
2
https://github.com/sass/node-sass
2
https://github.com/curveball/a12n-server
2
https://github.com/google/closure-library
2
https://github.com/jaredly/hexo-admin
2
https://github.com/mercurius-js/mercurius
2
https://github.com/js-data/js-data
2