Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
GSA_kwCzR0hTQS0zZ3ZwLTU0djItMmpycM4AAyhx
Directus API vulnerable to denial of serviceEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
GSA_kwCzR0hTQS13OTc0LXJxOXgtbWgzds4AAyhu
Pandao Editor.md vulnerable to cross-site scripting (XSS) in iframe src parameterEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
GSA_kwCzR0hTQS01cDg0LW1taDktcHhncs4AAyhy
Pandao Editor.md vulnerable to cross-site scripting (XSS) in editor parameterEcosystems: npm
Packages: editor.md
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: about 1 year ago
High
Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 1 year ago
GSA_kwCzR0hTQS1td3E4LWZqcGYtYzJncs4AAydt
Prototype pollution in matrix-js-sdk (part 2)Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
GSA_kwCzR0hTQS0ydnJmLWhmMjYtanJwNc4AAydT
angular vulnerable to regular expression denial of service via the angular.copy() utilityEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
GSA_kwCzR0hTQS0ycXF4LXc5aHItcTVneM4AAydS
angular vulnerable to regular expression denial of service via the $resource serviceEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
GSA_kwCzR0hTQS1xd3FoLWhtOW0tcDVocs4AAydR
angular vulnerable to regular expression denial of service via the <input type="url"> elementEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 1 year ago
High
Ecosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 1 year ago
GSA_kwCzR0hTQS02ZzQzLTg4Y3AtdzVnds4AAyaU
Prototype pollution in matrix-react-sdkEcosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 1 year ago
GSA_kwCzR0hTQS0yeDljLXF3Z2YtOTR4cs4AAyX5
matrix-react-sdk Prototype pollution vulnerabilityEcosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 1 year ago
High
Ecosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: about 1 year ago
GSA_kwCzR0hTQS1yZnY5LXg3aGgteGMzMs4AAyX4
matrix-js-sdk Prototype Pollution vulnerabilityEcosystems: npm
Packages: matrix-js-sdk
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
GSA_kwCzR0hTQS1nd3ZtLXZycDQtNHBwNc4AAyUN
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backendEcosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 year ago
GSA_kwCzR0hTQS04dmcyLXdmM3EtbXd2N84AAyQe
directus vulnerable to Insertion of Sensitive Information into Log FileEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 1 year ago
GSA_kwCzR0hTQS1mcmpnLWc3NjctNzM2M84AAyPi
code-server vulnerable to Missing Origin Validation in WebSocketsEcosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: collection.js
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 1 year ago
GSA_kwCzR0hTQS00N3BqLXEydm0tNDZ4Y84AAyLM
Collection.js vulnerable to Prototype PollutionEcosystems: npm
Packages: collection.js
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
GSA_kwCzR0hTQS1wOHA3LXgyODgtMjhnNs4AAyJl
Server-Side Request Forgery in RequestEcosystems: npm
Packages: @cypress/request, request
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
High
Ecosystems: npm
Packages: swig, swig-templates
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 1 year ago
GSA_kwCzR0hTQS0ycnE1LTY5OWoteDdwNs4AAyIl
Arbitrary local file read vulnerability during template renderingEcosystems: npm
Packages: swig, swig-templates
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
GSA_kwCzR0hTQS03cjd4LTRjNHEtYzRxZs4AAyE2
Missing proper state, nonce and PKCE checks for OAuth authenticationEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
High
Ecosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 1 year ago
GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw
sqlite vulnerable to code execution due to Object coercionEcosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
GSA_kwCzR0hTQS1oYzZxLTJtcHAtcXc3as4AAyD3
Cross-realm object access in Webpack 5Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @stoqey/gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS03OTV3LTc0MjYtbTk0as4AAyCB
stoqey/gnuplot is vulnerable to command injectionEcosystems: npm
Packages: @stoqey/gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: node-bluetooth
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jeHgzLTM2cWMtbTZxbc4AAyAl
node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validationEcosystems: npm
Packages: node-bluetooth
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05amgzLTRwYzktaHEyOc4AAyAn
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannelEcosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
GSA_kwCzR0hTQS05d2Y5LXF2dnAtMjkyOc4AAyAc
builderio/qwik is vulnerable to code injectionEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
GSA_kwCzR0hTQS1tNXEzLTh3Z2YteDh4Zs4AAyAB
Directus vulnerable to extraction of password hashes through export queryingEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 1 year ago
GSA_kwCzR0hTQS00aG1xLWdncm0tcWZjNs4AAx-d
directus vulnerable to HTML Injection in Password Reset email to custom Reset URLEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @nestjs/core
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 1 year ago
GSA_kwCzR0hTQS00anB2LThyNTctcHY3as4AAx8Q
@nestjs/core vulnerable to Information Exposure via StreamableFile pipeEcosystems: npm
Packages: @nestjs/core
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 1 year ago
High
Ecosystems: npm
Packages: dot-lens
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 1 year ago
GSA_kwCzR0hTQS1ybWhnLTJjdnYtcTd2eM4AAx8U
dot-lens vulnerable to Prototype PollutionEcosystems: npm
Packages: dot-lens
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 1 year ago
High
Ecosystems: npm
Packages: @nubosoftware/node-static, node-static
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 1 year ago
GSA_kwCzR0hTQS01Zzk3LXdoYzktOGc3as4AAx8P
node-static and @nubosoftware/node-static vulnerable to Directory TraversalEcosystems: npm
Packages: @nubosoftware/node-static, node-static
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: about 1 year ago
High
Ecosystems: npm
Packages: sketchsvg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS02NzIyLXh2cTgtMzI1NM4AAx8O
SketchSVG Arbitrary Code Injection vulnerabilityEcosystems: npm
Packages: sketchsvg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: about 1 year ago
GSA_kwCzR0hTQS02N2o0LTJtaDYtODYyN84AAx7w
json-logic-js Command Injection vulnerabilityEcosystems: npm
Packages: json-logic-js
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: about 1 year ago
GSA_kwCzR0hTQS1qM3JnLTNyZ20tNTM3aM4AAx7Z
Directus vulnerable to Server-Side Request Forgery On File ImportEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 1 year ago
GSA_kwCzR0hTQS04NzhtLTNnNnEtNTk0cc4AAx7E
OpenZeppelin Contracts contains Incorrect CalculationEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jcDQ3LXIyNTgtcTYyNs4AAx6k
Vega vulnerable to arbitrary code execution when clicking href linksEcosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
GSA_kwCzR0hTQS01OWZxLTcyN2otaG0zZs4AAx6i
keycloak-connect contains Open redirect vulnerability in the Node.js adapterEcosystems: npm
Packages: keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: vega, vega-functions
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
GSA_kwCzR0hTQS00dnE3LTg4Mmctd2NnNM4AAx6g
Vega Expression Language `scale` expression function Cross Site ScriptingEcosystems: npm
Packages: vega, vega-functions
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: vega-functions, vega
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
GSA_kwCzR0hTQS13NW0zLXhoNzUtbXA1Nc4AAx6f
Vega has Cross-site Scripting vulnerability in `lassoAppend` functionEcosystems: npm
Packages: vega-functions, vega
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: about 1 year ago
GSA_kwCzR0hTQS0zMmdyLTRjcTYtNXc1cc4AAx5M
rsshub vulnerable to Cross-site Scripting via unvalidated URL parametersEcosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: about 1 year ago
Low
Ecosystems: npm
Packages: @zowe/imperative
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
GSA_kwCzR0hTQS02cThtLTQycXEtNjRyN84AAx4s
Imperative CLI vulnerable to Command InjectionEcosystems: npm
Packages: @zowe/imperative
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: utilities
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 1 year ago
GSA_kwCzR0hTQS13eGZqLTg0eGYtN2d4ds4AAx2l
mde utilities contains Prototype PollutionEcosystems: npm
Packages: utilities
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: lite-web-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS04MjM3LTNxNWctOTlmds4AAxzz
Denial of Service vulnerability in lite-web-serverEcosystems: npm
Packages: lite-web-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: ecdh
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: about 1 year ago
GSA_kwCzR0hTQS1wMmhwLTN3djMtNHc3NM4AAxzi
ecdh vulnerable to Exposure of Resource to Wrong SphereEcosystems: npm
Packages: ecdh
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mNTk4LW1mcHYtZ21meM4AAxzf
Sequelize - Default support for “raw attributes” when using parenthesesEcosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
High
Ecosystems: npm
Packages: rangy
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: about 1 year ago
GSA_kwCzR0hTQS02NXJwLW1ocWYtOGdqM84AAxy9
rangy vulnerable to Prototype PollutionEcosystems: npm
Packages: rangy
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 1 year ago
GSA_kwCzR0hTQS1xOGdnLXZqNm0taGdtas4AAxy7
@braintree/sanitize-url Cross-site Scripting vulnerabilityEcosystems: npm
Packages: @braintree/sanitize-url
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS12cWZ4LWdqOTYtM3c5Nc4AAxyK
Unsafe fall-through in getWhereConditionsEcosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacementsEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: versionn
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS1majc4LTJ2YzUtZjZjbc4AAxw6
Versionn Command Injection VulnerabilityEcosystems: npm
Packages: versionn
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: textangular
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
GSA_kwCzR0hTQS03aDR3LTZwOTgtcjN3eM4AAxwe
textAngular Cross-site Scripting vulnerabilityEcosystems: npm
Packages: textangular
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: izimodal
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 1 year ago
GSA_kwCzR0hTQS1oNjg1LTgzdzQtM3BoM84AAxwf
iziModal Cross-site Scripting vulnerabilityEcosystems: npm
Packages: izimodal
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: baremetrics-calendar
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 year ago
GSA_kwCzR0hTQS00NjVmLW14eGgtZ3JjNM4AAxwo
Baremetrics date range picker vulnerable to Cross-site ScriptingEcosystems: npm
Packages: baremetrics-calendar
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 1 year ago
GSA_kwCzR0hTQS12Zm1wLTk5OTktNndxas4AAxwh
Vditor Cross-site Scripting vulnerabilityEcosystems: npm
Packages: vditor
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @claviska/jquery-minicolors
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jcmg1LXZ2MnYtYzgycc4AAxvj
@claviska/jquery-minicolors vulnerable to Cross-site ScriptingEcosystems: npm
Packages: @claviska/jquery-minicolors
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: erxes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1nOXBoLXI5aGMtMzRyOM4AAxva
Erxes vulnerable to Cross-site ScriptingEcosystems: npm
Packages: erxes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: mind-elixir
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: about 1 year ago
GSA_kwCzR0hTQS1tMjJxLTk3cDUtNzl2Ms4AAxvi
Mind-elixir Cross-site Scripting vulnerabilityEcosystems: npm
Packages: mind-elixir
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: generator-hottowel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mOGh2LXJ4OXAtZjlyNM4AAxvG
generator-hottowel Cross-site Scripting vulnerabilityEcosystems: npm
Packages: generator-hottowel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: jspreadsheet-ce
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
GSA_kwCzR0hTQS1xODJoLXE0N2otZjQ5Ms4AAxuf
Cross-site Scripting in jspreadsheetEcosystems: npm
Packages: jspreadsheet-ce
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
GSA_kwCzR0hTQS01cjlnLXFoNm0tanhmZs4AAxq9
CRLF Injection in Nodejs ‘undici’ via hostEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
GSA_kwCzR0hTQS1yNmNoLW1xZjktcWM5d84AAxq-
Regular Expression Denial of Service in HeadersEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 37.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: node-jose
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: about 1 year ago
GSA_kwCzR0hTQS01aDRqLXFydmctOXhod84AAxq8
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)Ecosystems: npm
Packages: node-jose
Source: GitHub Advisory Database
Blast Radius: 25.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @graphql-mesh/http, @graphql-mesh/cli
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 1 year ago
GSA_kwCzR0hTQS1qMndoLXdydjMtNHg0Z84AAxq7
Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handlerEcosystems: npm
Packages: @graphql-mesh/http, @graphql-mesh/cli
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: about 1 year ago
GSA_kwCzR0hTQS04YzI1LWYzbWotdjZoOM4AAxqp
Sequelize information disclosure vulnerabilityEcosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 28.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: @fastify/multipart
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: about 1 year ago
GSA_kwCzR0hTQS1ocHAyLTJjcjUtcGY2Z84AAxo9
Denial of service due to unlimited number of partsEcosystems: npm
Packages: @fastify/multipart
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @backstage/plugin-catalog-backend, @backstage/catalog-model, @backstage/core-components
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 1 year ago
GSA_kwCzR0hTQS03aHY4LTNmcjktajJods4AAxo8
Cross site scripting Vulnerability in backstage Software CatalogEcosystems: npm
Packages: @backstage/plugin-catalog-backend, @backstage/catalog-model, @backstage/core-components
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: ra-ui-materialui, react-admin
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: about 1 year ago
GSA_kwCzR0hTQS01amNyLTgyZmgtMzM5ds4AAxmS
Cross-Site-Scripting attack on `<RichTextField>`Ecosystems: npm
Packages: ra-ui-materialui, react-admin
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
GSA_kwCzR0hTQS0zaGpoLTVoZ3gtZjV3aM4AAxkv
Path traversal vulnerability in glanceEcosystems: npm
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 1 year ago
GSA_kwCzR0hTQS1qNTMzLTJnOHYtcG1wZ84AAxkV
Regular Expression Denial of Service in simple-markdownEcosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 1 year ago
High
Ecosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 1 year ago
GSA_kwCzR0hTQS1ncHZqLWdwOGMtYzdwMs4AAxkL
Regular Expression Denial of Service in simple-markdownEcosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: @sideway/formula
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 1 year ago
GSA_kwCzR0hTQS1jMmpjLTRmcHItNHZoZ84AAxfy
@sideway/formula contains Regular Expression Denial of Service (ReDoS) VulnerabilityEcosystems: npm
Packages: @sideway/formula
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 1 year ago
High
Ecosystems: npm
Packages: @tinacms/cli
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 1 year ago
GSA_kwCzR0hTQS1wYzJxLWpjeHEtcmpycs4AAxfT
Sensitive Information leak via Script File in TinaCMSEcosystems: npm
Packages: @tinacms/cli
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: about 1 year ago
High
Ecosystems: npm
Packages: create-choo-app3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1yajdtLTJwM2ctZmp4Z84AAxba
create-choo-app3 is vulnerable to Command Injection via the devInstall functionEcosystems: npm
Packages: create-choo-app3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: semver-tags
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: about 1 year ago
GSA_kwCzR0hTQS04aDNnLWhjd3AtNmh4cc4AAxbb
semver-tags is vulnerable to Command Injection via the getGitTagsRemote functionEcosystems: npm
Packages: semver-tags
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: about 1 year ago
High
Ecosystems: npm
Packages: is-url
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: about 1 year ago
GSA_kwCzR0hTQS1wOXc4LTJtcHEtNDloOc4AAxaw
is-url Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: is-url
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: switcher-client
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS13cXh3LThoNWctaHE1Ns4AAxVm
Switcher Client contains Regular Expression Denial of Service (ReDoS)Ecosystems: npm
Packages: switcher-client
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: mt7688-wiscan
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01aDhjLThjY3AtOGdtaM4AAxUM
mt7688-wiscan is vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: mt7688-wiscan
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: is-http2
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: over 1 year ago
GSA_kwCzR0hTQS0yMjc1LXJwZjUteHY4aM4AAxUK
is-http2 vulnerable to Improper Input ValidationEcosystems: npm
Packages: is-http2
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
GSA_kwCzR0hTQS14cmg3LW01cHAtMzlyNs4AAxTf
XSS Attack with Express APIEcosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
GSA_kwCzR0hTQS12bTVyLWM4N3ItcGY2eM4AAxTe
Parse Server option `masterKeyIps` vulnerability to IP spoofingEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 1 year ago
GSA_kwCzR0hTQS1oNmMyLTg3OXItamZmaM4AAxTP
Joplin Desktop App vulnerable to Cross-site ScriptingEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 1 year ago
High
Ecosystems: maven, npm
Packages: org.webjars.npm:http-cache-semantics, http-cache-semantics
Source: GitHub Advisory Database
Blast Radius: 46.9
Published: over 1 year ago
GSA_kwCzR0hTQS1yYzQ3LTY2NjctMmo1as4AAxS-
http-cache-semantics vulnerable to Regular Expression Denial of ServiceEcosystems: maven, npm
Packages: org.webjars.npm:http-cache-semantics, http-cache-semantics
Source: GitHub Advisory Database
Blast Radius: 46.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nemo-appium
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jNnJ4LWd4cXYtdnI1as4AAxTA
nemo-appium vulnerable to OS Command InjectionEcosystems: npm
Packages: nemo-appium
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsuites
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
GSA_kwCzR0hTQS1yNGhnLTRjcHEtcTU3Y84AAxS9
jSuites subect to Cross-site ScriptingEcosystems: npm
Packages: jsuites
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 1 year ago
High
Ecosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tZjZ4LWhyZ3ItNjU4Zs4AAxPw
Eta vulnerable to Code Injection via templates rendered with user-defined dataEcosystems: npm
Packages: eta
Source: GitHub Advisory Database
Blast Radius: 36.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: servst
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS04OHY4LXY0NmctNmM5d84AAxPx
Servst vulnerable to Path TraversalEcosystems: npm
Packages: servst
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: jszip
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 1 year ago
GSA_kwCzR0hTQS0zNmZoLTg0ajctY3Y1aM4AAxPh
JSZip contains Path Traversal via loadAsyncEcosystems: npm
Packages: jszip
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: yapi-vendor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00anF3LXZmbWotOXJtaM4AAxMd
Cross-site Scripting in yapi-vendorEcosystems: npm
Packages: yapi-vendor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01cXE0LW02YzMteHhtZs4AAxMF
Directory Traversal vulnerability in serve-liteEcosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: smartctl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS02OWYyLTQzNzUtcXY5aM4AAxMO
Command injection in smartctlEcosystems: npm
Packages: smartctl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHdyLWZ3ZjItdnZyOc4AAxM9
Command Injection in create-choo-electronEcosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS01NGp3LWpxcjktNmNqOc4AAxM2
Command injection in vagrant.jsEcosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
GSA_kwCzR0hTQS05dzVqLTRtd3YtMndqOM4AAxNC
Remote code execution in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHg3LXFjdzQteHg4Nc4AAxM5
Cross-site Scripting (XSS) in serve-liteEcosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: puppet-facter
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS1nNXFyLXhnZzctOHEyd84AAxND
Command Injection in puppet-facterEcosystems: npm
Packages: puppet-facter
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
GSA_kwCzR0hTQS1maGc3LW04OXEtMjVyM84AAxIw
ReDoS Vulnerability in ua-parser-js versionEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14NzN3LWc4aHgtdjdycM4AAxGk
Code injection in electermEcosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
GSA_kwCzR0hTQS1obTdmLXJxN3Etajl4cM4AAxFC
@builder.io/qwik vulnerable to Cross-site ScriptingEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:cookiejar, cookiejar
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oNDUyLTc5OTYtaDQ1aM4AAxDY
cookiejar Regular Expression Denial of Service via Cookie.parse functionEcosystems: maven, npm
Packages: org.webjars.npm:cookiejar, cookiejar
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xam03LTU1dnYtM2M1Zs4AAxDO
mel-spintax has Inefficient Regular Expression ComplexityEcosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: web-node-server
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS0zZndxLXF2NXYtMnd4Zs4AAxDR
Path Traversal in web-node-serverEcosystems: npm
Packages: web-node-server
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @curveball/a12n-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcmhnLXhncmctdnZjY84AAw-o
a12nserver vulnerable to potential SQL Injections via Knex dependencyEcosystems: npm
Packages: @curveball/a12n-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS12dmozLTg1dmYtZmdtd84AAw93
global-modules-path Command Injection vulnerabilityEcosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
16
sequelize
16
ghost
14
tinymce
14
swagger-ui
14
next
13
joplin
13
strapi
13
ckeditor4
13
vm2
12
undici
12
handlebars
11
nodebb
11
angular
11
marked
11
@evershop/evershop
9
serve
9
tinymce/tinymce
9
TinyMCE
9
jquery
9
next-auth
9
org.webjars.npm:jquery
9
jquery-rails
9
matrix-js-sdk
8
tar
8
node-forge
8
systeminformation
8
steal
8
npm
8
jQuery
8
@strapi/strapi
8
bootstrap
8
validator
8
urijs
8
express-cart
8
editor.md
8
jsrsasign
8
url-parse
8
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
shescape
7
sanitize-html
7
matrix-appservice-irc
7
hapi
7
jquery-ui
7
nocodb
7
lodash
7
uptime-kuma
7
total.js
7
matrix-react-sdk
7
hermes-engine
7
snyk-broker
7
parse-url
6
safe-eval
6
rsshub
6
aaptjs
6
ua-parser-js
5
rendertron
5
vditor
5
keystone
5
sweetalert2
5
prismjs
5
dojo
5
openpgp
5
ejs
5
yarn
5
mongoose
5
public
5
xlsx
5
total4
5
vite
5
lodash-es
5
@strapi/plugin-users-permissions
5
mongo-express
4
vega
4
valine
4
glance
4
moment
4
apostrophe
4
dompurify
4
safer-eval
4
@keystone-6/core
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
simple-markdown
4
axios
4
hummus
4
muhammara
4
remarkable
4
katex
4
jsonwebtoken
4
qs
4
follow-redirects
4
ws
4
engine.io
4
materialize-css
4
convert-svg-core
4
apollo-server-core
4
realms-shim
4
fastify
4
ecstatic
4
auth0-lock
4
auth0-js
4
simple-git
4
mysql2
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
generator-jhipster
4
mermaid
4
@strapi/utils
3
typeorm
3
keycloak-connect
3
xmldom
3
locutus
3
m-server
3
apollo-server
3
@cubejs-backend/api-gateway
3
code-server
3
@sequelize/core
3
nodemailer
3
mysql
3
postcss
3
wrangler
3
node-opcua
3
slp-validate
3
feathers-sequelize
3
jspdf
3
dns-sync
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
mathjs
3
grunt
3
passport-wsfed-saml2
3
codecov
3
jointjs
3
node-jose
3
node-ipc
3
js-yaml
3
loader-utils
3
@backstage/techdocs-common
3
jquery-validation
3
n8n
3
object-path
3
protobufjs
3
http-live-simulator
3
notevil
3
ses
3
uap-core
3
socket.io-parser
3
froala-editor
3
docsify
3
tough-cookie
3
raneto
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
ids-enterprise
3
@materializecss/materialize
3
libxmljs
3
sails
3
parsel
3
@uppy/companion
3
@ckeditor/ckeditor5-markdown-gfm
3
nadesiko3
3
convict
3
bootstrap
3
dojox
3
blamer
3
simplehttpserver
3
buttle
3
slpjs
3
@commercial/subtext
3
serialize-to-js
3
lodash.defaultsdeep
3
browserify-shim
3
fast-xml-parser
3
socket.io-file
3
@vrite/sdk
3
jose
3
snyk
3
connect
3
mixme
3
@soketi/soketi
3
json-ptr
3
localhost-now
3
openmct
3
highcharts
3
@sveltejs/kit
3
fuxa-server
3
ftp-srv
3
xdLocalStorage
3
bin-links
3
node-fetch
3
@apollo/server
3
subtext
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/jquery/jquery
11
https://github.com/NodeBB/NodeBB
11
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/pandao/editor.md
8
https://github.com/digitalbazaar/forge
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/apollographql/apollo-server
8
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/nocodb/nocodb
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/louislam/uptime-kuma
7
https://github.com/twbs/bootstrap
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/lodash/lodash
7
https://github.com/npm/node-tar
6
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/facebook/hermes
6
https://github.com/jquery/jquery-ui
6
https://github.com/ionicabizau/parse-url
6
https://github.com/panva/jose
6
https://github.com/shenzhim/aaptjs
6
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vitejs/vite
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/vega/vega
5
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/angular/angular.js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/socketio/engine.io
4
https://github.com/KaTeX/KaTeX
4
https://github.com/axios/axios
4
https://github.com/PrismJS/prism
4
https://github.com/xCss/Valine
4
https://github.com/mrvautin/expressCart
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/balderdashy/sails
4
https://github.com/Dogfalo/materialize
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/auth0/lock
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/yarnpkg/yarn
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/hapijs/hapi
4
https://github.com/node-opcua/node-opcua
3
https://github.com/hapijs/subtext
3
https://github.com/transloadit/uppy
3
https://github.com/nodemailer/nodemailer
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/highcharts/highcharts
3
https://github.com/nodejs/llhttp
3
https://github.com/sveltejs/kit
3
https://github.com/immerjs/immer
3
https://github.com/beerpwn/CVE
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/libxmljs/libxmljs
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/moment/moment
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/n8n-io/n8n
3
https://github.com/nasa/openmct
3
https://github.com/neocotic/convert-svg
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/mermaid-js/mermaid
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/zeit/next.js
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/websockets/ws
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/webpack/loader-utils
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jarofghosts/glance
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/vriteio/vrite
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/vanessa219/vditor
3
https://github.com/Automattic/mongoose
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/xmldom/xmldom
3
https://github.com/typeorm/typeorm
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/shelljs/shelljs
2
https://github.com/mathjax/MathJax
2
https://github.com/jsuites/jsuites
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/josdejong/jsoneditor
2
https://github.com/mysqljs/mysql
2
https://github.com/cronvel/tree-kit
2
https://github.com/snyk/cli
2
https://github.com/karma-runner/karma
2
https://github.com/Finastra/ssr-pages
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/vivaxy/here
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/jameswlane/status-board
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mozilla/nunjucks
2
https://github.com/dfinity/agent-js
2
https://github.com/mithunsatheesh/node-rules
2