Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
High
Ecosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01cXE0LW02YzMteHhtZs4AAxMF
Directory Traversal vulnerability in serve-liteEcosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: smartctl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS02OWYyLTQzNzUtcXY5aM4AAxMO
Command injection in smartctlEcosystems: npm
Packages: smartctl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHdyLWZ3ZjItdnZyOc4AAxM9
Command Injection in create-choo-electronEcosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS01NGp3LWpxcjktNmNqOc4AAxM2
Command injection in vagrant.jsEcosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHg3LXFjdzQteHg4Nc4AAxM5
Cross-site Scripting (XSS) in serve-liteEcosystems: npm
Packages: serve-lite
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
GSA_kwCzR0hTQS05dzVqLTRtd3YtMndqOM4AAxNC
Remote code execution in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: puppet-facter
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS1nNXFyLXhnZzctOHEyd84AAxND
Command Injection in puppet-facterEcosystems: npm
Packages: puppet-facter
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
GSA_kwCzR0hTQS1maGc3LW04OXEtMjVyM84AAxIw
ReDoS Vulnerability in ua-parser-js versionEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14NzN3LWc4aHgtdjdycM4AAxGk
Code injection in electermEcosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
GSA_kwCzR0hTQS1obTdmLXJxN3Etajl4cM4AAxFC
@builder.io/qwik vulnerable to Cross-site ScriptingEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
Moderate
Ecosystems: maven, npm
Packages: org.webjars.npm:cookiejar, cookiejar
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oNDUyLTc5OTYtaDQ1aM4AAxDY
cookiejar Regular Expression Denial of Service via Cookie.parse functionEcosystems: maven, npm
Packages: org.webjars.npm:cookiejar, cookiejar
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: web-node-server
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS0zZndxLXF2NXYtMnd4Zs4AAxDR
Path Traversal in web-node-serverEcosystems: npm
Packages: web-node-server
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xam03LTU1dnYtM2M1Zs4AAxDO
mel-spintax has Inefficient Regular Expression ComplexityEcosystems: npm
Packages: mel-spintax
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @curveball/a12n-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcmhnLXhncmctdnZjY84AAw-o
a12nserver vulnerable to potential SQL Injections via Knex dependencyEcosystems: npm
Packages: @curveball/a12n-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS12dmozLTg1dmYtZmdtd84AAw93
global-modules-path Command Injection vulnerabilityEcosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: over 1 year ago
GSA_kwCzR0hTQS02NHdwLWpoOXAtNWNnMs4AAw6f
RSSHub SSRF vulnerabilityEcosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: over 1 year ago
High
Ecosystems: npm
Packages: gry
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 1 year ago
GSA_kwCzR0hTQS13NW13LWYyaHEtNWZ3OM4AAw6U
gry vulnerable to Command InjectionEcosystems: npm
Packages: gry
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: gatsby-transformer-remark
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 1 year ago
GSA_kwCzR0hTQS03Y2g0LXJyOTktY3Fjd84AAw6Q
gatsby-transformer-remark has possible unsanitized JavaScript code injectionEcosystems: npm
Packages: gatsby-transformer-remark
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: papaparse
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 1 year ago
GSA_kwCzR0hTQS03OThoLWc0ajUtNTUzN84AAw6E
PapaParse Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: papaparse
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 1 year ago
High
Ecosystems: npm
Packages: skeemas
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
GSA_kwCzR0hTQS1xdjY2LWY4NzYtdmp2cs4AAw6F
skeemas Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: skeemas
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: convict
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 1 year ago
GSA_kwCzR0hTQS00anJtLWMzMngtdzRqZs4AAw3Y
convict vulnerable to Prototype PollutionEcosystems: npm
Packages: convict
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 1 year ago
Moderate
Ecosystems: hex, npm
Packages: phoenix_html
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 1 year ago
GSA_kwCzR0hTQS01ZzJoLTl4NXYtNWgzeM4AAw18
phoenix_html allows Cross-site Scripting in HEEx class attributesEcosystems: hex, npm
Packages: phoenix_html
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: mercurius
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jbThoLXE5MnYteGNmY84AAw1D
mercurius has Uncaught Exception when using subscriptionsEcosystems: npm
Packages: mercurius
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @okta/oidc-middleware
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 1 year ago
GSA_kwCzR0hTQS01OGg0LTltN20tajltNM4AAw0w
@okta/oidc-middlewareOpen Redirect vulnerabilityEcosystems: npm
Packages: @okta/oidc-middleware
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: luxon
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zeHE1LXdqZmgtcHBqY84AAw0p
Luxon Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: luxon
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: debug
Source: GitHub Advisory Database
Blast Radius: 46.1
Published: over 1 year ago
GSA_kwCzR0hTQS05dnZ3LWNjOXctZjI3aM4AAw0l
debug Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: debug
Source: GitHub Advisory Database
Blast Radius: 46.1
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14ajl2LTZxMmYtdnFoeM4AAw0A
wifey vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
GSA_kwCzR0hTQS13dnIyLXE4Nm0tNndocM4AAwzO
Baobab vulnerable to Prototype PollutionEcosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: terminal-kit
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
GSA_kwCzR0hTQS13eGdoLThnbXItM3FoM84AAwzL
terminal-kit Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: terminal-kit
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nodebatis
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS04cGg4LTlxMmotYzNycc4AAwx-
nodebatis SQL Injection vulnerabilityEcosystems: npm
Packages: nodebatis
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: exec-local-bin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS1mMjU5LWg2bTgtaG04bc4AAwx2
exec-local-bin vulnerable to Command InjectionEcosystems: npm
Packages: exec-local-bin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: robots-txt-guard
Source: GitHub Advisory Database
Blast Radius: 27.0
Published: over 1 year ago
GSA_kwCzR0hTQS02ZzMzLTh3MnEtNGh4ds4AAwwq
robots-txt-guard Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: robots-txt-guard
Source: GitHub Advisory Database
Blast Radius: 27.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: ms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
GSA_kwCzR0hTQS13OW1yLTRtZnItNDk5Zs4AAwww
Vercel ms Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: ms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: @mattkrick/sanitize-svg
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1oODU3LTJnNTYtNDY4Z84AAwwo
@mattkrick/sanitize-svg vulnerable to Cross-Site Scripting (XSS)Ecosystems: npm
Packages: @mattkrick/sanitize-svg
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: @uniswap/universal-router
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
GSA_kwCzR0hTQS03bTM3LWN4MzUtcWdtcs4AAwvt
Uniswap Universal Router Incorrect Authorization vulnerabilityEcosystems: npm
Packages: @uniswap/universal-router
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 1 year ago
High
Ecosystems: npm
Packages: window-control
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05bWp4LXdmcXAtajVwaM4AAwvv
window-control vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: window-control
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: mootools
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: over 1 year ago
GSA_kwCzR0hTQS12NjNxLWhncWMtcXZwZ84AAwuZ
MooTools Regular Expression Denial of ServiceEcosystems: npm
Packages: mootools
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: string-kit
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 1 year ago
GSA_kwCzR0hTQS1wZnJtLTRyanctZzlxNc4AAwsv
string-kit Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: string-kit
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: rgb2hex
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: over 1 year ago
GSA_kwCzR0hTQS03NTk5LWZxZ20tdjg0cM4AAwrj
rgb2hex vulnerable to inefficient regular expression complexityEcosystems: npm
Packages: rgb2hex
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1mcjU0LTcyd3ItY3F2cc4AAwri
express-param vulnerable to Improper Handling of Extra ParametersEcosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: twitter-fetcher-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tNjg4LWN4MnAtcmdxOc4AAwp5
Twitter-Post-Fetcher vulnerable to Use of Web Link to Untrusted Target with window.opener AccessEcosystems: npm
Packages: twitter-fetcher-js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: json5
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 1 year ago
GSA_kwCzR0hTQS05YzQ3LW02cXEtN3A0aM4AAwpn
Prototype Pollution in JSON5 via Parse MethodEcosystems: npm
Packages: json5
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: node-json2html
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 1 year ago
GSA_kwCzR0hTQS03OW1wLWN4cDQtOXA2cs4AAwo2
Json2html vulnerable to cross-site scriptingEcosystems: npm
Packages: node-json2html
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: email-existence
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 1 year ago
GSA_kwCzR0hTQS1wMjdoLTRjcGYtZnc0OM4AAwnR
email-existence Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: email-existence
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: over 1 year ago
GSA_kwCzR0hTQS1qNXA3LWpmNHEtNzQycc4AAwnP
markdown-it vulnerable to Inefficient Regular Expression ComplexityEcosystems: npm
Packages: markdown-it
Source: GitHub Advisory Database
Blast Radius: 39.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS02eHJmLXE5NzctNXZnY84AAwmb
json-pointer vulnerable to Prototype PollutionEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: fast-json-patch
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: over 1 year ago
GSA_kwCzR0hTQS04Z2g4LWhxd2cteGYzNM4AAwl1
Starcounter-Jack JSON-Patch Prototype Pollution vulnerabilityEcosystems: npm
Packages: fast-json-patch
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
GSA_kwCzR0hTQS0yajJ4LTJncHctZzhmbc4AAwl4
flat vulnerable to Prototype PollutionEcosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tdzR4LWcyeDgtcWN2Zs4AAwlu
tree-kit vulnerable to Prototype PollutionEcosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: httpster
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: over 1 year ago
GSA_kwCzR0hTQS1wOGo4LXd4dnAtaDY5Nc4AAwln
SimbCo httpster vulnerable to Path TraversalEcosystems: npm
Packages: httpster
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: liquidjs
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
GSA_kwCzR0hTQS00NXJtLTI4OTMtNWY0Oc4AAwgi
liquidjs may leak properties of a prototypeEcosystems: npm
Packages: liquidjs
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 1 year ago
GSA_kwCzR0hTQS1oanJmLTJtNjgtNTk1Oc4AAwgh
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMACEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
GSA_kwCzR0hTQS1xd3BoLTQ5NTItN3hyNs4AAwgg
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04Y2Y3LTMyZ3ctd3IzM84AAwgf
jsonwebtoken unrestricted key type could lead to legacy keys usageEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: dustjs-linkedin
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jNnJwLXdycDktcXI0cc4AAwf6
dustjs-linkedin vulnerable to Prototype PollutionEcosystems: npm
Packages: dustjs-linkedin
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: smoothie
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
GSA_kwCzR0hTQS1nNjYyLXFxNDUtcHB3bc4AAwd8
Smoothie vulnerable to Cross-site Scripting when tooltipLabel or strokeStyle are controlled by usersEcosystems: npm
Packages: smoothie
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 1 year ago
High
Ecosystems: npm
Packages: abacus-ext-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tNXY4LXdwdzQtcmozeM4AAwd9
abacus-ext-cmdline vulnerable to Command InjectionEcosystems: npm
Packages: abacus-ext-cmdline
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: lite-dev-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wcHB2LWNoOHAtcnAyd84AAwd6
lite-dev-server vulnerable to Directory TraversalEcosystems: npm
Packages: lite-dev-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
GSA_kwCzR0hTQS00dzJqLTJyZzQtNW1qd84AAweA
vm2 vulnerable to Arbitrary Code ExecutionEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zM3ZoLTd4OHEtbWczNc4AAwbl
safe-eval vulnerable to Prototype PollutionEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: p4
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qZm04LWh3aGctcjZnZ84AAwbj
p4 vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: p4
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: easy-static-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13Y3dtLWMzbXItcHhjcs4AAwbk
easy-static-server vulnerable to Directory TraversalEcosystems: npm
Packages: easy-static-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: maven, npm
Packages: org.webjars.npm:lite-server, lite-server
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 1 year ago
GSA_kwCzR0hTQS04OXc3LTVxNDUtcjUzd84AAwbi
lite-server vulnerable to Denial of ServiceEcosystems: maven, npm
Packages: org.webjars.npm:lite-server, lite-server
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: whois
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: over 1 year ago
GSA_kwCzR0hTQS05N2p2LWMzNDItNXhoY84AAwaR
FurqanSoftware/node-whois vulnerable to Prototype PollutionEcosystems: npm
Packages: whois
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: oils
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS12Mjc5LXYyeG0td2hxOc4AAwaQ
Oils JS vulnerable to Open RedirectEcosystems: npm
Packages: oils
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 1 year ago
GSA_kwCzR0hTQS00anY5LTM1NjMtMjNqM84AAwZv
Knex.js has a limited SQL injection vulnerabilityEcosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 37.3
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: over 1 year ago
GSA_kwCzR0hTQS0yNTJoLTJjbXEtcG1yNs4AAwXI
easywebpack-cli Path Traversal vulnerabilityEcosystems: npm
Packages: @easy-team/easywebpack-cli
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
GSA_kwCzR0hTQS1odzQ2LXZnNnctODhmas4AAwXM
replicator vulnerable to Deserialization of Untrusted DataEcosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wNDk1LWp4aDItd3JmZ84AAwYT
npm package rfc6902 vulnerable to Prototype PollutionEcosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: cycle-import-check
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS05OTV4LTMzd3EtOGdjOc4AAwVt
cycle-import-check vulnerable to Command InjectionEcosystems: npm
Packages: cycle-import-check
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: passport-wsfed-saml2
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 1 year ago
GSA_kwCzR0hTQS1wcGpxLXF4aHgtbTI1Zs4AAwSb
Authentication Bypass for passport-wsfed-saml2Ecosystems: npm
Packages: passport-wsfed-saml2
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: @cubejs-backend/api-gateway
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 1 year ago
GSA_kwCzR0hTQS02anFtLTNjOWctcGNoN84AAwRq
@cubejs-backend/api-gateway row level security bypassEcosystems: npm
Packages: @cubejs-backend/api-gateway
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 1 year ago
Moderate
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
GSA_kwCzR0hTQS1nZzhyLXhqd3EtNHc5Ms4AAwOk
Cross-site scripting vulnerability in TinyMCE alertsEcosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
High
Ecosystems: npm
Packages: libp2p
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: over 1 year ago
GSA_kwCzR0hTQS1mNDRxLTYzNGMtanZ3ds4AAwM5
libp2p DoS vulnerability from lack of resource managementEcosystems: npm
Packages: libp2p
Source: GitHub Advisory Database
Blast Radius: 26.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 1 year ago
GSA_kwCzR0hTQS05cDk1LWZ4dmctcWdxMs4AAwKh
simple-git vulnerable to Remote Code Execution when enabling the ext transport protocolEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 40.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yZjNnLXY4cDUtcDY3Nc4AAwJ4
NodeBB vulnerable to account takeover via prototype vulnerabilityEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: muhammara, hummus
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: over 1 year ago
GSA_kwCzR0hTQS0ycjd2LWNtY2gtNXgyNs4AAwJT
muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer DereferenceEcosystems: npm
Packages: muhammara, hummus
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: over 1 year ago
GSA_kwCzR0hTQS14Mmp4LXczd20tOXAzcM4AAwI2
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3editEcosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS03MjQ5LTh4MjItNHJnNM4AAwI3
nadesiko3 vulnerable to OS Command InjectionEcosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHI1LTd3ZjQtNjNtd84AAwI7
Nadesiko3 OS Command Injection vulnerabilityEcosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @snyk/snyk-cocoapods-plugin, snyk-docker-plugin, snyk-gradle-plugin, @snyk/snyk-hex-plugin, snyk-python-plugin, snyk-sbt-plugin, snyk-mvn-plugin, snyk
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 1 year ago
GSA_kwCzR0hTQS00eDZnLTNjbXgtdzc2cs4AAwGD
Snyk plugins vulnerable to Command InjectionEcosystems: npm
Packages: @snyk/snyk-cocoapods-plugin, snyk-docker-plugin, snyk-gradle-plugin, @snyk/snyk-hex-plugin, snyk-python-plugin, snyk-sbt-plugin, snyk-mvn-plugin, snyk
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 1 year ago
High
Ecosystems: npm
Packages: static-dev-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS03ZnhtLWM4NDgtODlxOM4AAwEt
static-dev-server vulnerable to path traversalEcosystems: npm
Packages: static-dev-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: over 1 year ago
GSA_kwCzR0hTQS05Z2g4LXdwNTMtY2NjNs4AAwEB
ghost vulnerable to unauthorized newsletter modification via improper access controlsEcosystems: npm
Packages: ghost
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: over 1 year ago
High
Ecosystems: npm
Packages: decode-uri-component
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 1 year ago
GSA_kwCzR0hTQS13NTczLTRoZzctN3dncc4AAwD1
decode-uri-component vulnerable to Denial of Service (DoS)Ecosystems: npm
Packages: decode-uri-component
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 47.4
Published: over 1 year ago
GSA_kwCzR0hTQS1ocnBwLWg5OTgtajNwcM4AAwDM
qs vulnerable to Prototype PollutionEcosystems: npm
Packages: qs
Source: GitHub Advisory Database
Blast Radius: 47.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 1 year ago
GSA_kwCzR0hTQS05OTVmLTl4NXItMnJjas4AAwCZ
Heap buffer overflow in GPUEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04amg5LXdxcGYtcTUyY84AAwBV
sweetalert2 v8.19.1 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wZzk4LTZ2N2YtMnhmds4AAwBU
sweetalert2 v9.17.4 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00NTdyLWNxYzgtOXZqOc4AAwBT
sweetalert2 v10.16.10 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xcTZoLTVnNmotcTNjbc4AAwBN
sweetalert2 v11.4.9 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: tooljet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oZ3A4LXc4ZmotcjRjbc4AAv_v
ToolJet is vulnerable to Denial of Service (DoS)Ecosystems: npm
Packages: tooljet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yN3FwLWNmaHYtcDg0d84AAv_b
Uncaught exception in engine.ioEcosystems: npm
Packages: engine.io
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: fastify
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zZmpqLXA3OWotYzloaM4AAv_I
Fastify: Incorrect Content-Type parsing can lead to CSRF attackEcosystems: npm
Packages: fastify
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: over 1 year ago
GSA_kwCzR0hTQS01Z3d4LXdmOWctcjVteM4AAv2W
NodeBB vulnerable to Cross-Site Request ForgeryEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mZndmLTQ3eDItanByOM4AAv2P
Matrix-appservice-irc vulnerable to sql injection via roomIds argumentEcosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OHBmLWdmaDMteDNtcM4AAv0C
Read the Docs vulnerable to Cross-Site Scripting (XSS)Ecosystems: npm
Packages: readthedocs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: @redwoodjs/api
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: over 1 year ago
GSA_kwCzR0hTQS0zcW1jLTJyNzYtNHJxcM4AAv0B
Redwood is vulnerable to account takeover via dbAuth "forgot-password"Ecosystems: npm
Packages: @redwoodjs/api
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: over 1 year ago
High
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 1 year ago
GSA_kwCzR0hTQS05M3Z3LThmbTUtcDJqZs4AAv0A
Parse Server is vulnerable to Prototype Pollution via Cloud Code WebhooksEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
GSA_kwCzR0hTQS1wMmpoLTQ0cWotcGYyds4AAvz_
Exfiltration of hashed SMB credentials on Windows via file:// redirectEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 1 year ago
GSA_kwCzR0hTQS14cHJ2LXd2aDctcXFxeM4AAvxw
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code TriggersEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 1 year ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Packages: 8,381
Repositories: 1,400
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
18
sequelize
16
next
15
swagger-ui
14
tinymce
14
ghost
14
strapi
13
joplin
13
ckeditor4
13
undici
12
vm2
12
nodebb
11
handlebars
11
marked
11
angular
11
nocodb
10
@evershop/evershop
9
serve
9
next-auth
9
TinyMCE
9
tinymce/tinymce
9
node-forge
8
urijs
8
jsrsasign
8
express-cart
8
editor.md
8
validator
8
npm
8
@strapi/strapi
8
url-parse
8
tar
8
steal
8
systeminformation
8
bootstrap
8
matrix-js-sdk
8
org.webjars.npm:jquery
8
jquery
8
jquery-rails
8
total.js
7
sanitize-html
7
uptime-kuma
7
jquery-ui
7
jquery-ui-rails
7
matrix-appservice-irc
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
snyk-broker
7
jQuery
7
shescape
7
lodash
7
matrix-react-sdk
7
hermes-engine
7
hapi
7
safe-eval
6
aaptjs
6
rsshub
6
parse-url
6
lodash-es
5
total4
5
openpgp
5
sweetalert2
5
public
5
ejs
5
prismjs
5
vite
5
mongoose
5
dojo
5
yarn
5
vditor
5
ua-parser-js
5
@strapi/plugin-users-permissions
5
rendertron
5
xlsx
5
keystone
5
safer-eval
4
muhammara
4
remarkable
4
convert-svg-core
4
axios
4
hummus
4
simple-git
4
engine.io
4
jsonwebtoken
4
realms-shim
4
ws
4
fastify
4
katex
4
dompurify
4
apostrophe
4
vega
4
auth0-js
4
@keystone-6/core
4
materialize-css
4
moment
4
mongo-express
4
valine
4
mermaid
4
auth0-lock
4
@backstage/plugin-scaffolder-backend
4
qs
4
ecstatic
4
simple-markdown
4
generator-jhipster
4
mysql2
4
meshcentral
4
aws-iot-device-sdk-v2
4
glance
4
apollo-server-core
4
awsiotsdk
4
follow-redirects
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
ses
3
loader-utils
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
notevil
3
object-path
3
passport-wsfed-saml2
3
js-yaml
3
grunt
3
jspdf
3
n8n
3
locutus
3
jointjs
3
codecov
3
feathers-sequelize
3
mysql
3
wrangler
3
yapi-vendor
3
@frangoteam/fuxa
3
ftp-srv
3
renovate
3
blamer
3
bootstrap
3
@ckeditor/ckeditor5-markdown-gfm
3
raneto
3
tough-cookie
3
froala-editor
3
highcharts
3
localhost-now
3
mixme
3
connect
3
jose
3
socket.io-file
3
fast-xml-parser
3
browserify-shim
3
slpjs
3
dns-sync
3
protobufjs
3
http-live-simulator
3
uap-core
3
xmldom
3
m-server
3
keycloak-connect
3
@strapi/utils
3
@cubejs-backend/api-gateway
3
nodemailer
3
slp-validate
3
apollo-server
3
node-opcua
3
postcss
3
jquery-validation
3
socket.io-parser
3
@backstage/techdocs-common
3
node-ipc
3
mathjs
3
node-jose
3
parsel
3
@uppy/companion
3
nadesiko3
3
convict
3
dojox
3
simplehttpserver
3
fuxa-server
3
mxgraph
3
statics-server
3
stimulsoft-dashboards-js
3
express-fileupload
3
node-fetch
3
xdLocalStorage
3
@hapi/subtext
3
subtext
3
@apollo/server
3
json-pointer
3
immer
3
serialize-to-js
3
buttle
3
typeorm
3
lodash.defaultsdeep
3
@vrite/sdk
3
@commercial/subtext
3
json-ptr
3
@sveltejs/kit
3
snyk
3
@soketi/soketi
3
ids-enterprise
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/directus/directus
17
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/nodejs/undici
12
https://github.com/NodeBB/NodeBB
11
https://github.com/vercel/next.js
11
https://github.com/jquery/jquery
10
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/nocodb/nocodb
10
https://github.com/evershopcommerce/evershop
9
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/apollographql/apollo-server
8
https://github.com/pandao/editor.md
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/digitalbazaar/forge
8
https://github.com/twbs/bootstrap
7
https://github.com/unshiftio/url-parse
7
https://github.com/lodash/lodash
7
https://github.com/louislam/uptime-kuma
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/ericcornelissen/shescape
7
https://github.com/jquery/jquery-ui
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/npm/node-tar
6
https://github.com/panva/jose
6
https://github.com/totaljs/framework
6
https://github.com/shenzhim/aaptjs
6
https://github.com/ionicabizau/parse-url
6
https://github.com/eclipse-theia/theia
6
https://github.com/vitejs/vite
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/markedjs/marked
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/npm/cli
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/vega/vega
5
https://github.com/follow-redirects/follow-redirects
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/xCss/Valine
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/mrvautin/expressCart
4
https://github.com/hapijs/hapi
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/PrismJS/prism
4
https://github.com/sidorares/node-mysql2
4
https://github.com/steveukx/git-js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/axios/axios
4
https://github.com/KaTeX/KaTeX
4
https://github.com/auth0/lock
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/socketio/engine.io
4
https://github.com/balderdashy/sails
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/yarnpkg/yarn
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/angular/angular.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/nodejs/llhttp
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/highcharts/highcharts
3
https://github.com/neocotic/convert-svg
3
https://github.com/sveltejs/kit
3
https://github.com/node-fetch/node-fetch
3
https://github.com/libxmljs/libxmljs
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/beerpwn/CVE
3
https://github.com/immerjs/immer
3
https://github.com/node-opcua/node-opcua
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/transloadit/uppy
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/nodemailer/nodemailer
3
https://github.com/n8n-io/n8n
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mozilla/node-convict
3
https://github.com/mongo-express/mongo-express
3
https://github.com/dojo/dojox
3
https://github.com/dojo/dojo
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/facebook/react
3
https://github.com/moment/moment
3
https://github.com/nasa/openmct
3
https://github.com/renovatebot/renovate
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/mermaid-js/mermaid
3
https://github.com/salesforce/tough-cookie
3
https://github.com/cure53/DOMPurify
3
https://github.com/gruntjs/grunt
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/clientIO/joint
3
https://github.com/simpleledger/slpjs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/cisco/node-jose
3
https://github.com/chjj/marked
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/socketio/socket.io-parser
3
https://github.com/soketi/soketi
3
https://github.com/hapijs/subtext
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/webpack/loader-utils
3
https://github.com/ua-parser/uap-core
3
https://github.com/adaltas/node-mixme
3
https://github.com/typeorm/typeorm
3
https://github.com/zeit/next.js
3
https://github.com/websockets/ws
3
https://github.com/vriteio/vrite
3
https://github.com/xmldom/xmldom
3
https://github.com/jarofghosts/glance
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/Automattic/mongoose
3
https://github.com/vanessa219/vditor
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/jsuites/jsuites
2
https://github.com/mathjax/MathJax
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/jameswlane/status-board
2
https://github.com/shelljs/shelljs
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/vvakame/fs-git
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/peerigon/angular-expressions
2
https://github.com/peterbraden/node-opencv
2
https://github.com/ahdinosaur/set-in
2
https://github.com/josdejong/jsoneditor
2
https://github.com/cronvel/tree-kit
2
https://github.com/karma-runner/karma
2
https://github.com/snyk/cli
2
https://github.com/Finastra/ssr-pages
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/marudor/libxmljs2
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/jcubic/jquery.terminal
2
https://github.com/endojs/endo
2
https://github.com/vivaxy/here
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/mysqljs/mysql
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mithunsatheesh/node-rules
2
https://github.com/dfinity/agent-js
2
https://github.com/mozilla/pdf.js
2