Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozZzItbTVqai02MzM2
Unsafe Merging of CORS Configuration Conflict in hapiEcosystems: npm
Packages: hapi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcmMzLXZqZngtdmhtOc4AAtaT
Angular (deprecated package) Cross-site ScriptingEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncTc1LTVnYzMtcmZ3Z84AAto_
snyk-broker Path Traversal before v4.73.0Ecosystems: npm
Packages: snyk-broker
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: almost 2 years ago
Moderate
Ecosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
GSA_kwCzR0hTQS01ODQ0LXEzZmMtNTZyaM4AA3lZ
pubnub Insufficient Entropy vulnerabilityEcosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: svg2png
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1wcDUtMng1NS00OXh3
XSS in svg2png (NPM package)Ecosystems: npm
Packages: svg2png
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: nhouston
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0ZzktdzIzYy01cnc3
Directory Traversal in nhoustonEcosystems: npm
Packages: nhouston
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: file-upload-with-preview
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 2 years ago
GSA_kwCzR0hTQS05N3B2LTQzMzgtcjV2cM0Vnw
Cross-site Scripting in file-upload-with-previewEcosystems: npm
Packages: file-upload-with-preview
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: markdown-it-toc
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13ZnZ4LWZ4NzMtM3Jmas4AAtob
markdown-it-toc Cross-site Scripting due to title of generated toc and contents of header not being escapedEcosystems: npm
Packages: markdown-it-toc
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA4MmctMnhwcC1tNXIz
Cross-Site Scripting in dojoEcosystems: npm
Packages: dojo
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: mysql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmN20tbW1wYy1xaGg0
mysql Node.JS Module Vulnerable to Remote Memory ExposureEcosystems: npm
Packages: mysql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
GSA_kwCzR0hTQS1tdjQ4LWhjdmgtOGpqOM4AAuGt
Vitejs Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's serviceEcosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mobiledoc-kit
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
GSA_kwCzR0hTQS1odzJwLXhxaHEtM21qZs4AAuYz
Cross site scripting in mobiledoc-kitEcosystems: npm
Packages: mobiledoc-kit
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
GSA_kwCzR0hTQS1obTdmLXJxN3Etajl4cM4AAxFC
@builder.io/qwik vulnerable to Cross-site ScriptingEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @backstage/techdocs-common
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnZjgtMjhnZy12cHI2
Path traversalEcosystems: npm
Packages: @backstage/techdocs-common
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2YzQtOHdycC1qOTl2
Improper Validation and Sanitization in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
GSA_kwCzR0hTQS1mOXdnLTVmNDYtY2ptd80_pg
NextAuth.js default redirect callback vulnerable to open redirectsEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: express-mock-middleware
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzOWgtcW0zMi04Z3dx
Improperly Controlled Modification of Dynamically-Determined Object Attributes in express-mock-middlewareEcosystems: npm
Packages: express-mock-middleware
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: over 2 years ago
Moderate
Ecosystems: pypi, npm
Packages: dash-core-components, dash-html-components, dash
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: 3 months ago
GSA_kwCzR0hTQS01NDd4LTc0OHYtdnA2cM4AA5A9
Dash apps vulnerable to Cross-site ScriptingEcosystems: pypi, npm
Packages: dash-core-components, dash-html-components, dash
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: 3 months ago
Moderate
Ecosystems: npm
Packages: video.js
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwN20tNmo4My1tN3I2
Cross-site Scripting in video.jsEcosystems: npm
Packages: video.js
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4d20teDU1My14MzU5
Arbitrary Command Injection due to Improper Command SanitizationEcosystems: npm
Packages: @npmcli/git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
GSA_kwCzR0hTQS01cDg0LW1taDktcHhncs4AAyhy
Pandao Editor.md vulnerable to cross-site scripting (XSS) in editor parameterEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: grapesjs
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
GSA_kwCzR0hTQS01ODlmLWM2NnAtaHhyNM4AAtpP
grapesjs before 0.19.5 vulnerable to Cross-site ScriptingEcosystems: npm
Packages: grapesjs
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: color-string
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1N3Ytdmo0cC0zdzJo
Regular Expression Denial of Service (ReDOS)Ecosystems: npm
Packages: color-string
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: @scandipwa/magento-scripts
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUycXAtZ3d3aC1xcmc0
Missing Handler in @scandipwa/magento-scriptsEcosystems: npm
Packages: @scandipwa/magento-scripts
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04bWdxLTZyMnEtODJ3Oc4AAui5
Captcha Bypass in strapi-plugin-ezformsEcosystems: npm
Packages: strapi-plugin-ezforms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @angular/core
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNzV2LTJ2cTgtODc4Zs4AArP4
Cross site scripting in AngularEcosystems: npm
Packages: @angular/core
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: semver
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 11 months ago
GSA_kwCzR0hTQS1jMnFmLXJ4amotcXFnd84AAz95
semver vulnerable to Regular Expression Denial of ServiceEcosystems: npm
Packages: semver
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
GSA_kwCzR0hTQS1ocXE3LTJxMnYtODJ4cc0zPQ
Cross-site Scripting in sanitize-urlEcosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: twitter-fetcher-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tNjg4LWN4MnAtcmdxOc4AAwp5
Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener AccessEcosystems: npm
Packages: twitter-fetcher-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mongodb-client-encryption
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqbWYtcDg4Mi02NDVt
mongodb-client-encryption vulnerable to Improper Certificate ValidationEcosystems: npm
Packages: mongodb-client-encryption
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: merge-deep2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qMjhxLXA4d3ctY3A4N80auw
Prototype Pollution in merge-deep2.Ecosystems: npm
Packages: merge-deep2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4aDktZmM2di1qY3c3
Unintended Require in larvitbase-wwwEcosystems: npm
Packages: larvitbase-www
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: @grafana/data
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
GSA_kwCzR0hTQS0zajltLWhjdjktcnBqOM0W3Q
XSS vulnerability allowing arbitrary JavaScript executionEcosystems: npm
Packages: @grafana/data
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
GSA_kwCzR0hTQS0yM2NtLXg2ajctNmhxM80Vvw
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserverEcosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: simple-crypto-js
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2N3Itamc5ci12cTQ0
Insecure Cryptography Algorithm in simple-crypto-jsEcosystems: npm
Packages: simple-crypto-js
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzcjQtNW14cC1jN2c1
parse-server new anonymous user session acts as if it's created with passwordEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOTMtZ2N4NS00dzUy
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 2 months ago
GSA_kwCzR0hTQS1ybTk3LXg1NTYtcTM2aM4AA5fD
sanitize-html Information Exposure vulnerabilityEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: gatsby-plugin-sharp
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 year ago
GSA_kwCzR0hTQS1oMnBtLTM3OGMtcGN4eM4AAy5Z
Path traversal vulnerability in gatsby-plugin-sharpEcosystems: npm
Packages: gatsby-plugin-sharp
Source: GitHub Advisory Database
Blast Radius: 21.1
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @digitalbazaar/zcap
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: 22 days ago
GSA_kwCzR0hTQS1ocDhoLTd4NjktNHdtds4AA63y
zcap has incomplete expiration checks in capability chains.Ecosystems: npm
Packages: @digitalbazaar/zcap
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: 22 days ago
Moderate
Ecosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmZzgtMjU0Ny1tcjhx
Misinterpretation of malicious XML inputEcosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: nwmatcher
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYzOTQtNmg5aC1jZmpn
Regular Expression Denial of ServiceEcosystems: npm
Packages: nwmatcher
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: @strapi/database, @strapi/utils, @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
GSA_kwCzR0hTQS1jaG1yLXJnMmYtOWptZs4AA04b
Making all attributes on a content-type public without noticing itEcosystems: npm
Packages: @strapi/database, @strapi/utils, @strapi/strapi
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: anchorme
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0d3EtcnZtcS03N3g3
Cross-site scripting in anchormeEcosystems: npm
Packages: anchorme
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: config-shield
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4aDQtdnc4Zi1ydnZq
Improper Control of Dynamically-Managed Code Resources in config-shieldEcosystems: npm
Packages: config-shield
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 9 months ago
GSA_kwCzR0hTQS1nZ2dtLTY2cmgtcHA5OM4AA046
Incorrect Permission Checking for GraphQL SubscriptionsEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 9 months ago
Moderate
Ecosystems: npm
Packages: @eivifj/dot
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdmd3EteGM1Ny1mcTd2
eivindfjeldstad-dot contains prototype pollution vulnerabilityEcosystems: npm
Packages: @eivifj/dot
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 22 days ago
GSA_kwCzR0hTQS00OWo0LTg2bTgtcTJqd84AA62p
mysql2 vulnerable to Prototype PoisoningEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 22 days ago
Moderate
Ecosystems: npm
Packages: @shopify/koa-shopify-auth
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxaDctdzVwci1jcjU2
Cross-site scripting in @shopify/koa-shopify-authEcosystems: npm
Packages: @shopify/koa-shopify-auth
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
GSA_kwCzR0hTQS02dmZjLXF2M2YtdnI2Y80hTA
Uncontrolled Resource Consumption in markdown-itEcosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: over 1 year ago
GSA_kwCzR0hTQS0yNTJoLTJjbXEtcG1yNs4AAwXI
easywebpack-cli Path Traversal vulnerabilityEcosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3ajktaDVtcC0zcG0z
Regular Expression Denial of Service in postcssEcosystems: npm
Packages: postcss
Source: GitHub Advisory Database
Blast Radius: 34.8
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzcngtYzhjci02ajhx
Insecure Default Configuration in tesseract.jsEcosystems: npm
Packages: tesseract.js
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 5 years ago
Moderate
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDctN3hqeC1oeG04
Marked vulnerable to XSS from data URIsEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 34.6
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNndxLTVwNTktOTgzd84AAtA4
Cross site scripting in parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3dnYtcjlqNi1nNXF2
Regular Expression Denial of Service in momentEcosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2YtcHA4Ny03eDZw
mde ejs vulnerable to XSSEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 37.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2bTgtaGhnci1qY2pw
Cross-site scripting vulnerability in TinyMCEEcosystems: npm
Packages: tinymce
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 6 months ago
GSA_kwCzR0hTQS00Zzg4LTRoZ20tbTk5eM4AA3BK
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerabilityEcosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 6 months ago
Moderate
Ecosystems: packagist, npm
Packages: bassjobsen/bootstrap-3-typeahead, bootstrap-3-typeahead
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tMmhtLWhycjItNnAycc4AAq8b
Cross-site Scripting in Bootstrap-3-TypeaheadEcosystems: packagist, npm
Packages: bassjobsen/bootstrap-3-typeahead, bootstrap-3-typeahead
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncWYtaHdjNS1oaDM3
Root Path Disclosure in sendEcosystems: npm
Packages: send
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: ms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
GSA_kwCzR0hTQS13OW1yLTRtZnItNDk5Zs4AAwww
Vercel ms Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: ms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
Moderate
Ecosystems: maven, rubygems, npm, nuget
Packages: org.webjars.npm:jquery, jquery-rails, jquery, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJteGctNzNnZy00cDk4
Cross-Site Scripting (XSS) in jqueryEcosystems: maven, rubygems, npm, nuget
Packages: org.webjars.npm:jquery, jquery-rails, jquery, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OHBmLWdmaDMteDNtcM4AAv0C
Read the Docs vulnerable to Cross-Site Scripting (XSS)Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwcWgtNDZxai12d2N3
Cross-site Scripting in docsifyEcosystems: npm
Packages: docsify
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4ODktcm01ai1ocGdn
Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionalityEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcHA3LTdjaGgtY2Y2N84AAtAo
Cross site scripting in parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: fast-string-search
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1obXFnLXA4ZjgtM3Fyd84AArtt
Out-of-bounds Read in fast-string-searchEcosystems: npm
Packages: fast-string-search
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: jplayer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zamNxLWN3cjctNjMzMs4AAecE
jplayer Cross Site Scripting vulnerabilityEcosystems: npm
Packages: jplayer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4bTIteGoycS1xZ3Bq
receiving subscription objects with deleted sessionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: angular-ui-notification
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 10 months ago
GSA_kwCzR0hTQS1tcmNqLTVxeHItdmhwMs4AA0Jz
angular-ui-notification Cross-site Scripting vulnerabilityEcosystems: npm
Packages: angular-ui-notification
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 10 months ago
Moderate
Ecosystems: npm
Packages: electron-markdownify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xcWhmLXhmaHctNzg4NM4AAvtB
Markdownify has Files or Directories Accessible to External PartiesEcosystems: npm
Packages: electron-markdownify
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: katex
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 1 month ago
GSA_kwCzR0hTQS1mOTh3LTdjeHItZmYyaM4AA6Ra
KaTeX's `\includegraphics` does not escape filenameEcosystems: npm
Packages: katex
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNjctNzhqci1qOTRw
Local File Inclusion in domokeeperEcosystems: npm
Packages: domokeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDk1LXBwdjUtM2pjNc4AArTZ
sharp vulnerable to Command Injection in post-installation over build environmentEcosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @fastify/csrf-protection
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: about 1 year ago
GSA_kwCzR0hTQS1xcmdmLTlncGMtdnJ4d84AAy5b
Bypass of CSRF protection in the presence of predictable userInfoEcosystems: npm
Packages: @fastify/csrf-protection
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: translate
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 month ago
GSA_kwCzR0hTQS04ODJqLTR2ajUtN3Ztas4AA6O1
Cache Poisoning VulnerabilityEcosystems: npm
Packages: translate
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0aDgtN3FmZi1naDZj
Server-side request forgery in Ghost CMSEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: iniparserjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmNmctdzVnai1jOTNo
Prototype Pollution in iniparserjsEcosystems: npm
Packages: iniparserjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: wxchangba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2djkteGd2aC1mNzk2
Command Injection in wxchangbaEcosystems: npm
Packages: wxchangba
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: survey-creator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS14Z2o0LTJocmYtajR4Z84AA6Mj
Cross-site scripting in Survey CreatorEcosystems: npm
Packages: survey-creator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: valib
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtcHItdmM1cS1oM2p3
Exposure of Resource to Wrong Sphere in valibEcosystems: npm
Packages: valib
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: about 3 years ago
Moderate
Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
GSA_kwCzR0hTQS03NDNyLTVnOTItNXZnZs0YEw
Improper certificate management in AWS IoT Device SDK v2Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoMjctZmZyMi1mMmpj
Open redirect in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 39.1
Published: over 2 years ago
Moderate
Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
GSA_kwCzR0hTQS1jNHJoLTQzNzYtZ2ZmNM0YEg
Improper certificate management in AWS IoT Device SDK v2Ecosystems: pypi, npm, maven
Packages: awsiotsdk, aws-iot-device-sdk-v2, software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1MmctNmpoeC01ODZw
Denial of Service in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoODQtOGo0Zi1wOTdx
Injection in bodymenEcosystems: npm
Packages: bodymen
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: @shopify/hydrogen
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 2 years ago
GSA_kwCzR0hTQS02ajIyLXd2OGctODk0Zs4AAga8
Potential Cross-site Scripting vulnerability in HydrogenEcosystems: npm
Packages: @shopify/hydrogen
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
GSA_kwCzR0hTQS1mbXZtLXg4bXYtNDdtas0s0Q
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: about 2 months ago
GSA_kwCzR0hTQS1mcjN3LTJwMjItNnc3cM4AA572
URL Redirection to Untrusted Site in OAuth2/OpenID in directusEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: about 2 months ago
Moderate
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04OGo0LXBjeDgtcTRxM84AA3q_
Password Change VulnerabilityEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: npm
Packages: stellar-sdk
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjZ2gtaGpwdy1xM2dx
Utils.readChallengeTx does not verify the server account signatureEcosystems: npm
Packages: stellar-sdk
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 14 days ago
GSA_kwCzR0hTQS1tNjRxLTRqcWgtZjcyZs4AA7KT
Stored Cross-site Scripting (XSS) in excalidraw's web embed componentEcosystems: npm
Packages: @excalidraw/excalidraw
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 14 days ago
Moderate
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3cWYtZ2NxbS03MzUz
Header injection in nodemailerEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS02NGc3LW12dzYtdjlxas0jWA
Improper Privilege Management in shelljsEcosystems: npm
Packages: shelljs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: fsa
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwOTQtdmo5Ny1mbTRx
OS Command Injection in fsaEcosystems: npm
Packages: fsa
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwanAtN3JwMi05YzNm
Moderate severity vulnerability that affects validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cXEtZm03cS1jd3A1
Multiple XSS Filter Bypasses in validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: over 6 years ago
Moderate
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 22 days ago
GSA_kwCzR0hTQS1tcXIyLXc3d2otampncs4AA62q
mysql2 cache poisoning vulnerabilityEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 22 days ago
Moderate
Ecosystems: npm
Packages: inert
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0eHAtMzZjMy1mN21y
Hidden Directories Always Served in inertEcosystems: npm
Packages: inert
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,311
Packages: 8,276
Repositories: 1,390
Ecosystems: 12
Packages: 8,276
Repositories: 1,390
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
sequelize
16
directus
16
tinymce
14
swagger-ui
14
ghost
14
next
13
joplin
13
strapi
13
ckeditor4
13
undici
12
vm2
12
angular
11
marked
11
handlebars
11
nodebb
11
TinyMCE
9
tinymce/tinymce
9
@evershop/evershop
9
serve
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
next-auth
9
node-forge
8
url-parse
8
express-cart
8
bootstrap
8
jsrsasign
8
tar
8
validator
8
steal
8
@strapi/strapi
8
editor.md
8
urijs
8
npm
8
jQuery
8
systeminformation
8
matrix-js-sdk
8
org.webjars.npm:jquery-ui
7
jquery-ui-rails
7
jquery-ui
7
jQuery.UI.Combined
7
hapi
7
matrix-appservice-irc
7
nocodb
7
lodash
7
snyk-broker
7
shescape
7
matrix-react-sdk
7
total.js
7
sanitize-html
7
hermes-engine
7
uptime-kuma
7
parse-url
6
rsshub
6
aaptjs
6
safe-eval
6
ejs
5
prismjs
5
vite
5
keystone
5
xlsx
5
yarn
5
public
5
openpgp
5
@strapi/plugin-users-permissions
5
dojo
5
sweetalert2
5
lodash-es
5
total4
5
ua-parser-js
5
rendertron
5
mongoose
5
moment
4
ws
4
vega
4
apostrophe
4
axios
4
safer-eval
4
dompurify
4
mysql2
4
vditor
4
realms-shim
4
@keystone-6/core
4
fastify
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
follow-redirects
4
simple-git
4
simple-markdown
4
katex
4
engine.io
4
hummus
4
muhammara
4
remarkable
4
materialize-css
4
auth0-lock
4
apollo-server-core
4
auth0-js
4
convert-svg-core
4
ecstatic
4
generator-jhipster
4
mermaid
4
glance
4
qs
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
valine
4
mongo-express
4
jsonwebtoken
4
http-live-simulator
3
code-server
3
node-ipc
3
@backstage/techdocs-common
3
socket.io-parser
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
codecov
3
keycloak-connect
3
postcss
3
uap-core
3
node-opcua
3
mathjs
3
loader-utils
3
grunt
3
@sequelize/core
3
js-yaml
3
jspdf
3
nodemailer
3
notevil
3
ses
3
node-jose
3
node-red-dashboard
3
org.webjars.npm:xlsx
3
passport-wsfed-saml2
3
jointjs
3
object-path
3
dns-sync
3
feathers-sequelize
3
protobufjs
3
m-server
3
n8n
3
jquery-validation
3
xmldom
3
locutus
3
apollo-server
3
slp-validate
3
fast-xml-parser
3
tough-cookie
3
stimulsoft-dashboards-js
3
statics-server
3
@vrite/sdk
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
@sveltejs/kit
3
mxgraph
3
ids-enterprise
3
blamer
3
@commercial/subtext
3
@materializecss/materialize
3
jose
3
openmct
3
mixme
3
fuxa-server
3
simplehttpserver
3
dojox
3
bootstrap
3
connect
3
convict
3
json-ptr
3
localhost-now
3
nadesiko3
3
@ckeditor/ckeditor5-markdown-gfm
3
@uppy/companion
3
sails
3
highcharts
3
docsify
3
mysql
3
buttle
3
wrangler
3
serialize-to-js
3
froala-editor
3
slpjs
3
llhttp
3
bson
3
bin-links
3
yapi-vendor
3
@frangoteam/fuxa
3
immer
3
json-pointer
3
subtext
3
express-fileupload
3
@soketi/soketi
3
node-fetch
3
parsel
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/laurent22/joplin
12
https://github.com/TryGhost/Ghost
12
https://github.com/patriksimek/vm2
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/backstage/backstage
12
https://github.com/NodeBB/NodeBB
11
https://github.com/jquery/jquery
11
https://github.com/keystonejs/keystone
10
https://github.com/nextauthjs/next-auth
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/stealjs/steal
8
https://github.com/apollographql/apollo-server
8
https://github.com/digitalbazaar/forge
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/pandao/editor.md
8
https://github.com/kjur/jsrsasign
8
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/twbs/bootstrap
7
https://github.com/louislam/uptime-kuma
7
https://github.com/nocodb/nocodb
7
https://github.com/lodash/lodash
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/jquery/jquery-ui
6
https://github.com/panva/jose
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/facebook/hermes
6
https://github.com/npm/node-tar
6
https://github.com/DIYgod/RSSHub
6
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vitejs/vite
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vega/vega
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/socketio/engine.io
4
https://github.com/hapijs/hapi
4
https://github.com/auth0/lock
4
https://github.com/balderdashy/sails
4
https://github.com/steveukx/git-js
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/mrvautin/expressCart
4
https://github.com/xCss/Valine
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/PrismJS/prism
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/yarnpkg/yarn
4
https://github.com/Dogfalo/materialize
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/npm/npm
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/mde/ejs
4
https://github.com/angular/angular.js
4
https://github.com/fastify/fastify
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/nodemailer/nodemailer
3
https://github.com/highcharts/highcharts
3
https://github.com/sveltejs/kit
3
https://github.com/n8n-io/n8n
3
https://github.com/node-opcua/node-opcua
3
https://github.com/nasa/openmct
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/neocotic/convert-svg
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/transloadit/uppy
3
https://github.com/nodejs/llhttp
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/gruntjs/grunt
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/clientIO/joint
3
https://github.com/mermaid-js/mermaid
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/moment/moment
3
https://github.com/mongodb/js-bson
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/docsifyjs/docsify
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/dwisiswant0/advisory
3
https://github.com/hapijs/subtext
3
https://github.com/MrRio/jsPDF
3
https://github.com/postcss/postcss
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/josdejong/mathjs
3
https://github.com/typeorm/typeorm
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/YMFE/yapi
3
https://github.com/vanessa219/vditor
3
https://github.com/zeit/next.js
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/vriteio/vrite
3
https://github.com/webpack/loader-utils
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/xmldom/xmldom
3
https://github.com/websockets/ws
3
https://github.com/Automattic/mongoose
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/richardgirges/express-fileupload
2
https://github.com/rico345100/socket.io-file
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/getsentry/sentry-javascript
2
https://github.com/gigafied/decal.js
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/deoxxa/dotty
2
https://github.com/gilbitron/Raneto
2
https://github.com/micromatch/braces
2
https://github.com/DCKT/localhost-now
2
https://github.com/dfinity/agent-js
2
https://github.com/request/request
2
https://github.com/webpack-contrib/webpack-bundle-analyzer
2
https://github.com/dimpu/ngx-md
2
https://github.com/alvarotrigo/fullpage.js
2
https://github.com/moment/moment-timezone
2
https://github.com/wenzhixin/bootstrap-table
2
https://github.com/jaw187/node-traceroute
2
https://github.com/rabobank-blockchain/vp-toolkit
2
https://github.com/Qwerios/madlib-object-utils
2
https://github.com/galkahana/HummusJS
2
https://github.com/quilljs/quill
2
https://github.com/monsterkodi/sds
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/markdown-it/markdown-it
2
https://github.com/jameswlane/status-board
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/vivaxy/here
2
https://github.com/cloudhead/node-static
2
https://github.com/codecov/codecov-node
2
https://github.com/mathjax/MathJax
2
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/guardian/html-janitor
2
https://github.com/vvakame/fs-git
2
https://github.com/cronvel/tree-kit
2
https://github.com/cube-js/cube.js
2
https://github.com/sass/node-sass
2
https://github.com/curveball/a12n-server
2
https://github.com/google/closure-library
2
https://github.com/jaredly/hexo-admin
2
https://github.com/mercurius-js/mercurius
2
https://github.com/js-data/js-data
2