Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1yZmg2LW1nNmgtaDY2OM4AAyuy
xwiki-platform-administration-ui vulnerable to privilege escalationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: karma-mojo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmOGotdmhnOC14bWMz
karma-mojo enables OS Command InjectionEcosystems: npm
Packages: karma-mojo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: slice-deque
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzbTMtYzM5cS1wdjIz
Out of bounds write in slice-dequeEcosystems: cargo
Packages: slice-deque
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 2 years ago
GSA_kwCzR0hTQS03eGZqLTRqcGctNTh2Zs4AAUsi
ThinkPHP SQLi VulnerabilityEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: linea
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1Mm0tNDg5eC12NjM0
Double free in lineaEcosystems: cargo
Packages: linea
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: cremefraiche
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02ZjctNDZody1ncmNq
Creme Fraiche contains OS Command InjectionEcosystems: rubygems
Packages: cremefraiche
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
GSA_kwCzR0hTQS05d2M5LTQ5OHctaDh4ds4AAjcc
Magento deserialization vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: blake2
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4MjUtcHZody01MjI0
Algorithms compute incorrect results in blake2Ecosystems: cargo
Packages: blake2
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS13N3Y5LWZjNDktNHFnNM4AAyuq
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 8 months ago
GSA_kwCzR0hTQS02MndmLWgyNnYtNW01N84AA19I
Cross Site Scripting vulnerability in Dolibarr ERP CRMEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 8 months ago
Critical
Ecosystems: packagist
Packages: october/october
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: almost 2 years ago
GSA_kwCzR0hTQS04dmg2LTh3NzYtdjZtM84AAQVU
October CMS File Upload VulnerabilityEcosystems: packagist
Packages: october/october
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: chttp
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVycnYtbTM2aC1xd2Y4
Use-after-free in chttpEcosystems: cargo
Packages: chttp
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: lucet-runtime-internals
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5MzMtd3ZqZi1wY3Zj
Out of bounds access in lucet-runtime-internalsEcosystems: cargo
Packages: lucet-runtime-internals
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.nifi:nifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcmNjLTdqZjUtM3B4Z84AAYP1
Injection in Apache NiFiEcosystems: maven
Packages: org.apache.nifi:nifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 1 year ago
GSA_kwCzR0hTQS1tbW1oLXdjeG0tMndyNM4AAvnr
Spring Security authorization rules can be bypassed via forward or include dispatcher typesEcosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 1 year ago
GSA_kwCzR0hTQS04cndyLXgzN3AtbXgyM84AAvn2
X.509 Email Address 4-byte Buffer OverflowEcosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS1oY2czLTU2amYteDR2aM4AAyqc
safe-eval vulnerable to Prototype Pollution via the safeEval functionEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
GSA_kwCzR0hTQS14NzUyLXFqdjQtYzRoY804Ig
Remote code injection in dompdf/dompdfEcosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS03OXhmLTY3cjQtcTJqas4AAyqY
safe-eval vulnerable to Sandbox Bypass due to improper input sanitizationEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS0ycnIzLXJ2NDktcDQyZs4AAvl1
phpMyFAQ contains Weak Password RequirementsEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: feathers-sequelize
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: over 1 year ago
GSA_kwCzR0hTQS1xcHY4LTRwanEtcXFoN84AAvis
feathers-sequelize contains improper input validation leading to SQL injectionEcosystems: npm
Packages: feathers-sequelize
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: studio-42/elfinder
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
GSA_kwCzR0hTQS00NXgzLW13N3Etd2Y3Zs3stw
elFinder Path Traversal vulnerabilityEcosystems: packagist
Packages: studio-42/elfinder
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: @fangrong/xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqeHAtZjM3OS02Mjg0
Malicious Package in @fangrong/xocEcosystems: npm
Packages: @fangrong/xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: stream-combine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2eGotNDVndi1mdzM1
Malicious Package in stream-combineEcosystems: npm
Packages: stream-combine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00NDhoLTdobXAtOTlmZ84AAbWe
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: rusqlite
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0dzctM3FyOC01NjIz
Improper type usage in rusqliteEcosystems: cargo
Packages: rusqlite
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: bitvec
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjamMtaHZ4Zi1ncWg3
Use after free and double free in bitvecEcosystems: cargo
Packages: bitvec
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/sagernet/sing, github.com/sagernet/sing-box
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
GSA_kwCzR0hTQS1yNWhtLW1wM2otMjg1Z84AA2C4
sing-box vulnerable to improper authentication in the SOCKS inboundEcosystems: go
Packages: github.com/sagernet/sing, github.com/sagernet/sing-box
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
Critical
Ecosystems: npm
Packages: umami
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS04d3d3LWNmZmgtNHE5OM4AA08I
Anyone with a share link can RESET all website data in UmamiEcosystems: npm
Packages: umami
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Critical
Ecosystems: cargo
Packages: ozone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAycTktOWNxNi1oM2p3
Out of bounds read in OzoneEcosystems: cargo
Packages: ozone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: opensymphony:oscore
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 9 months ago
GSA_kwCzR0hTQS04NTltLTJwZngtZndoZs4AA08D
Code injection in oscoreEcosystems: maven
Packages: opensymphony:oscore
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 2 years ago
GSA_kwCzR0hTQS14ZmpxLXczY3ctaDVmcc4AAVUw
Zend Framework Allows SQL InjectionEcosystems: packagist
Packages: zendframework/zendframework
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: rusqlite
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoNGotdm0zci12Y3Ez
Use after free in rusqliteEcosystems: cargo
Packages: rusqlite
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
GSA_kwCzR0hTQS00Y3BnLTN2Z3ctNDg3N80s1Q
Prototype pollution in Plist before 3.0.5 can cause denial of serviceEcosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.eventmesh:eventmesh-connector-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1majhmLTU2d2MtcTM2cs4AA0u5
rabbitmq-connector plugin module in Apache EventMesh platforms allows attackers to send controlled messageEcosystems: maven
Packages: org.apache.eventmesh:eventmesh-connector-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oeDhwLTltNDgtZzc2cs4AAyiO
Ming-Soft MCMS vulnerable to SQL injectionEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Critical
Ecosystems: cargo
Packages: simple-slab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzOGctZngzNC00aDlt
Out of bounds read in simple-slabEcosystems: cargo
Packages: simple-slab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05Mjl3LXE0MzMtNGg5eM4AAqj-
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 years ago
GSA_kwCzR0hTQS03OWd2LTVjZ3gteDZyeM0-8Q
Typo3 Authentication BypassEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 years ago
Critical
Ecosystems: nuget
Packages: System.Drawing.Common
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1yeGc5LXhyaHAtNjRnas4AAnr8
.NET Core Remote Code Execution VulnerabilityEcosystems: nuget
Packages: System.Drawing.Common
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: feathers-sequelize
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: over 1 year ago
GSA_kwCzR0hTQS1wNW0zLTI3dmgtNTJqNM4AAvit
Feather-Sequelize cleanQuery method vulnerable to Prototype PollutionEcosystems: npm
Packages: feathers-sequelize
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1qdnh4LTh4eGYtNTQ5Nc4AAbYo
phpMyAdmin CSRF VulnerabilityEcosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: actix-codec
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJxZ3gtaHBnNC00NTZy
Use-after-free in actix-codecEcosystems: cargo
Packages: actix-codec
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: farm-haystack
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: about 1 year ago
GSA_kwCzR0hTQS13N3FnLWo0MzUtNzhxd84AAydg
Use of hard-coded, security-relevant constants in deepset-ai/haystackEcosystems: pypi
Packages: farm-haystack
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: morgan-json
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: over 1 year ago
GSA_kwCzR0hTQS1md3Y0LTZteGMteDVoM84AAuh1
morgan-json vulnerable to Arbitrary Code ExecutionEcosystems: npm
Packages: morgan-json
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: karo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xZndxLWNoZjQtanZ3Z84AAUl6
karo Metacharacter Handling Remote Command ExecutionEcosystems: rubygems
Packages: karo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tcWMyLXc5cjgtbW14bc4AAvde
Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code executionEcosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1oZjYyLTV2eGgtanB3as4AAitU
Pimcore 2FA Vulnerable to Brute ForcingEcosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 2 years ago
Critical
Ecosystems: go
Packages: helm.sh/helm
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: almost 2 years ago
GSA_kwCzR0hTQS14NnI1LXZ4ZmctZ3Ezds4AAhU1
Helm Improper Certificate ValidationEcosystems: go
Packages: helm.sh/helm
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: Radicale
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
GSA_kwCzR0hTQS04NGN3LW14aHYtcXZ2NM4AAdCH
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend componentEcosystems: pypi
Packages: Radicale
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1ybXBqLTdjOTYtbXJnOM4AArin
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1mcjV3LTk4bWMtamp2Z80l5Q
Arbitrary file upload in Mingsoft MCMSEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS02bWpwLTJybTYtOWc4Nc4AAwyI
XWiki CKEditor.HTMLConverter vulnerable to Remote Code Execution via Cross-Site Request ForgeryEcosystems: maven
Packages: org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
GSA_kwCzR0hTQS1nd3ZtLXZycDQtNHBwNc4AAyUN
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backendEcosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: io.quarkus:quarkus-core-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1td2h3LTZwMjctNGNyY84AAuk7
Quarkus does not terminate HTTP requests header contextEcosystems: maven
Packages: io.quarkus:quarkus-core-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: us.codecraft:webmagic-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: 9 months ago
GSA_kwCzR0hTQS1ncnZxLXZqcXIteDh2bc4AA076
Code injection in webmagic-coreEcosystems: maven
Packages: us.codecraft:webmagic-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 1 year ago
GSA_kwCzR0hTQS00NXg5LXE2dmotY3Fncc4AAvPr
Apache Shiro Authentication Bypass vulnerabilityEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: AsyncSSH
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS05N2N2LTZwamYtNWY5cc4AAUF3
AsyncSSH SSH Server Authentication BypassEcosystems: pypi
Packages: AsyncSSH
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wcDhyLXZ2MmotOWo1ds4AAu1P
traitobject is UnmaintainedEcosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.itextpdf:itext-rups
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNjlmLWZnaDUtZjdtY84AAwqU
iText RUPS XML External Entity vulnerabilityEcosystems: maven
Packages: com.itextpdf:itext-rups
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: be.e_contract.dssp:dssp-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS03N2NjLXczd20tNndocM4AAwyB
dssp vulnerable to Improper Restriction of XML External Entity ReferenceEcosystems: maven
Packages: be.e_contract.dssp:dssp-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 year ago
GSA_kwCzR0hTQS1xMngzLTJmOWctaDU1Oc4AAyQm
Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user inputEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS13MzVwLXd4d2otcmNtOc4AA2bq
Server-Side Request Forgery (SSRF) in vriteio/vriteEcosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: angular-material-sidenav-rnd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFteGYtZnhxNy13NTlm
Malicious Package in angular-material-sidenav-rndEcosystems: npm
Packages: angular-material-sidenav-rnd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
GSA_kwCzR0hTQS03Mjg2LXBnZnYtdnh2aM4AA2YZ
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeperEcosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
Critical
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 7 months ago
GSA_kwCzR0hTQS1neDZyLXFjMnYtM3Azds4AA1_3
systeminformation SSID Command Injection VulnerabilityEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 7 months ago
Critical
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwNjgtZjc0di05d2M2
ActiveSupport potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
Critical
Ecosystems: actions
Packages: atlassian/gajira-create
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00eHF4LXBxcGotOWZxd84AAvMB
gajira-create GitHub action vulnerable to arbitrary code executionEcosystems: actions
Packages: atlassian/gajira-create
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.bedework.caleng:bw-calendar-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtdmctdzRmOS05OXI3
XML External Entity (XXE) vulnerability in bw-calendar-engineEcosystems: maven
Packages: org.bedework.caleng:bw-calendar-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
Ecosystems: go
Packages: github.com/antchfx/xmlquery
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 1 year ago
GSA_kwCzR0hTQS05M203LWM2OWYtNWNmas4AAvMA
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of serviceEcosystems: go
Packages: github.com/antchfx/xmlquery
Source: GitHub Advisory Database
Blast Radius: 32.5
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:keycloak
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OTYzLWdtaDgtdnZtNs4AAxJN
Session fixation vulnerability in Jenkins Keycloak Authentication PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:keycloak
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: dotty
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1YzkteDlqNi04N3Fw
Prototype pollution in dottyEcosystems: npm
Packages: dotty
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODItcjMyOS0zcTY3
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: wwbn/avideo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wZ3ZoLXAzZzQtODZqd84AAxVl
AVideo contains Command injection when embedding a video linkEcosystems: packagist
Packages: wwbn/avideo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.kylin:kylin-server-base, org.apache.kylin:kylin-spark-project, org.apache.kylin:kylin-core-common
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: 10 months ago
GSA_kwCzR0hTQS1wcHh4LW05MjYtZzU2Oc4AA0RP
Apache Kylin vulnerable to remote code executionEcosystems: maven
Packages: org.apache.kylin:kylin-server-base, org.apache.kylin:kylin-spark-project, org.apache.kylin:kylin-core-common
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: 10 months ago
Critical
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoajktY2pqaC0yN3Zt
Active Record contains deserialization of arbitrary YAMLEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
GSA_kwCzR0hTQS1tZnZnLXF3Y3ctcXZjOM4AAyQi
baserCMS allows any file to be uploadedEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.hsqldb:hsqldb
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS03N3h4LXJ4dmgtcTY4Ms4AAvLg
HyperSQL DataBase vulnerable to remote code execution when processing untrusted inputEcosystems: maven
Packages: org.hsqldb:hsqldb
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: fixpunkt/fp-newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mNjgzLTM1dzktMjhnNc4AAwWi
Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)Ecosystems: packagist
Packages: fixpunkt/fp-newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 9 months ago
GSA_kwCzR0hTQS1nZjQ2LXBybTQtNTZwY84AA1LW
PrestaShop SQL manager vulnerabilityEcosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 9 months ago
Critical
Ecosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 9 months ago
GSA_kwCzR0hTQS01cDQyLW02ZjMtaHBtas4AA1Wh
tree-kit Prototype Pollution vulnerabilityEcosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 7 months ago
GSA_kwCzR0hTQS1ycDZ4LWdndzYtOGc1Ns4AA2do
Authorization Bypass in Apache InLongEcosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 7 months ago
Critical
Ecosystems: maven
Packages: org.geoserver.community:gs-jdbcconfig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS03ZzVmLXdyeDgtNWNjZs4AAxxV
GeoServer OGC Filter SQL Injection VulnerabilitiesEcosystems: maven
Packages: org.geoserver.community:gs-jdbcconfig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-annotation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oNmY1LThqajUtY3hocs4AAx6L
xwiki-platform vulnerable to Remote Code Execution in AnnotationsEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-annotation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
GSA_kwCzR0hTQS01d3c2LXB4NDItd2M4Nc4AApqI
SM2 Decryption Buffer OverflowEcosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: com.aerospike:aerospike-client
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 9 months ago
GSA_kwCzR0hTQS1qajk1LTU1Y3ItOTU5N84AA1Co
Aerospike Java Client vulnerable to unsafe deserialization of server responsesEcosystems: maven
Packages: com.aerospike:aerospike-client
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zNzM4LXA5eDMtbXY5cs4AAx7O
XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong authorEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.alluxio:alluxio-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS14cnJoLWg4NnctcHdmas4AA1T6
Alluxio vulnerable to arbitrary code executionEcosystems: maven
Packages: org.alluxio:alluxio-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS1majMyLXE2MjYtcGpqY84AA1UA
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
Critical
Ecosystems: npm
Packages: keyget
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04bXA4LTI4eGgtcjQ4Ns4AAmv-
keyget vulnerable to prototype pollutionEcosystems: npm
Packages: keyget
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: go
Packages: github.com/loft-sh/devspace
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
GSA_kwCzR0hTQS02aDhjLWd3MzMtY2ptMs4AAlcw
DevSpace vulnerable to remote code executionEcosystems: go
Packages: github.com/loft-sh/devspace
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 9 months ago
GSA_kwCzR0hTQS04ZnA5LTQzcHctNTZ2d84AA1UK
PandasAI vulnerable to arbitrary code executionEcosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: bacula-web/bacula-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mdjRtLTVqMmMtNzg3cs4AAWOg
Bacula-web SQL Injection VulnerabilitiesEcosystems: packagist
Packages: bacula-web/bacula-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: almost 2 years ago
GSA_kwCzR0hTQS13dnB2LTg1MjQtd2c2eM4AAXRX
mxGraph vulnerable to XXE attacksEcosystems: npm
Packages: mxgraph
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS00M2Z3LTUzNmotdzM3as4AA2kO
Yamcs API Directory Traversal vulnerabilityEcosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xeGpnLWpoZ3ctcWhyds4AAyAC
org.xwiki.platform:xwiki-platform-panels-ui vulnerable to Eval InjectionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wdnA2LTUzcjktOHZ4aM4AAyAe
SQL Injection in FunadminEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
GSA_kwCzR0hTQS1qNjhmLThoNnAtOWg1cc0-5A
Struts ParameterInterceptor vulnerability allows remote command executionEcosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
GSA_kwCzR0hTQS1nM3ZmLTQ3ZnYtOGYzY84AA1QP
MrSwitch hello.js vulnerable to prototype pollutionEcosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
Critical
Ecosystems: maven, npm
Packages: org.webjars.bowergithub.wycats:handlebars.js, org.webjars.npm:handlebars, org.webjars:handlebars, handlebars
Source: GitHub Advisory Database
Blast Radius: 79.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYyanYtcjlyZi03OTg4
Remote code execution in handlebars when compiling templatesEcosystems: maven, npm
Packages: org.webjars.bowergithub.wycats:handlebars.js, org.webjars.npm:handlebars, org.webjars:handlebars, handlebars
Source: GitHub Advisory Database
Blast Radius: 79.2
Published: almost 3 years ago
Statistics
Advisories: 18,303
Packages: 8,274
Repositories: 1,285
Ecosystems: 12
Packages: 8,274
Repositories: 1,285
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
moodle/moodle
15
salt
15
com.liferay.portal:release.portal.bom
13
topthink/framework
12
mlflow
12
com.liferay.portal:release.dxp.bom
12
langchain
12
org.apache.dubbo:dubbo
12
org.apache.struts:struts2-core
11
magento/core
11
drupal/core
11
vm2
10
apache-airflow
10
phpmyadmin/phpmyadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
tensorflow
9
funadmin/funadmin
9
org.xwiki.platform:xwiki-platform-web-templates
8
shopware/platform
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
drupal/drupal
8
rdiffweb
8
tensorflow-gpu
8
tensorflow-cpu
8
symfony/symfony
7
gogs.io/gogs
7
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
ansible
7
froxlor/froxlor
7
parse-server
6
thorsten/phpmyfaq
6
github.com/argoproj/argo-cd
6
aaptjs
6
github.com/answerdev/answer
6
ezsystems/ezpublish-kernel
6
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.activemq:activemq-client
5
django
5
centreon/centreon
5
steal
5
Pillow
5
mercurial
5
nodebb
5
ckb
5
org.xwiki.platform:xwiki-platform-web
5
Microsoft.ChakraCore
5
org.apache.shiro:shiro-core
5
org.jenkins-ci.plugins:script-security
5
org.xwiki.commons:xwiki-commons-xml
5
zendframework/zendframework
5
safe-eval
5
shopware/core
5
org.apache.inlong:manager-pojo
5
org.apache.tomcat.embed:tomcat-embed-core
5
code.gitea.io/gitea
4
PaddlePaddle
4
org.apache.inlong:manager-service
4
openssl-src
4
net.opentsdb:opentsdb
4
baserproject/basercms
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
nukeviet/nukeviet
4
Django
4
apache-airflow-providers-apache-hive
4
calibreweb
4
spree_auth_devise
4
librenms/librenms
4
smallvec
4
feehi/cms
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
prestashop/prestashop
4
org.apache.openmeetings:openmeetings-parent
4
org.apache.kylin:kylin-server-base
4
hermes-engine
4
nilsteampassnet/teampass
4
realms-shim
4
pyload-ng
4
org.apache.tapestry:tapestry-core
4
github.com/hashicorp/vault
4
contao/contao
4
swagger-ui
4
safer-eval
4
github.com/usememos/memos
4
messagepack-rs
4
org.eclipse.jetty:jetty-server
4
contao/core-bundle
4
org.jeecgframework.boot:jeecg-boot-base-core
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
github.com/argoproj/argo-cd/v2
4
github.com/rancher/rancher
3
rubygems-update
3
craftcms/cms
3
ibexa/core
3
github.com/hashicorp/nomad
3
github.com/dexidp/dex
3
org.xwiki.platform:xwiki-platform-panels-ui
3
codeigniter4/framework
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
facade/ignition
3
id-map
3
cobbler
3
slpjs
3
typo3/cms
3
org.apache.dolphinscheduler:dolphinscheduler
3
jsrsasign
3
com.jflyfox:jflyfox_jfinal
3
slp-validate
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
org.apache.ignite:ignite-core
3
org.jeecgframework.boot:jeecg-boot-base
3
@openzeppelin/contracts-upgradeable
3
org.jenkins-ci.plugins:active-directory
3
nvflare
3
org.keycloak:keycloak-core
3
org.apache.logging.log4j:log4j-core
3
dompdf/dompdf
3
org.xwiki.platform:xwiki-platform-icon-ui
3
edu.stanford.nlp:stanford-corenlp
3
com.hazelcast:hazelcast
3
browserify-shim
3
mongoose
3
org.springframework.security:spring-security-core
3
showdoc/showdoc
3
ro.pippo:pippo-core
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
francoisjacquet/rosariosis
3
strapi
3
impresscms/impresscms
3
codiad/codiad
3
org.apache.inlong:manager-web
3
handlebars
3
mautic/core
3
phpmailer/phpmailer
3
actix-web
3
org.apache.ozone:ozone-main
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
org.apache.any23:apache-any23
3
symfony/security
3
symfony/security-core
3
com.alibaba:dubbo
3
github.com/pterodactyl/wings
3
io.undertow:undertow-core
3
org.apache.jmeter:ApacheJMeter
3
zendframework/zendframework1
3
io.dataease:dataease-plugin-common
3
github.com/go-gitea/gitea
3
org.apache.storm:storm
3
smarty/smarty
3
feathers-sequelize
3
lmdb
3
nokogiri
3
publify_core
3
org.apache.linkis:linkis
3
tribalsystems/zenario
3
org.xwiki.platform:xwiki-platform-search-ui
3
ray
3
xcb
3
pimcore/pimcore
3
org.apache.solr:solr-core
3
elefant/cms
3
modoboa
3
org.apache.solr:solr-parent
3
org.richfaces:richfaces-core
3
total4
2
pandasai
2
org.xwiki.platform:xwiki-platform-scheduler-ui
2
alextselegidis/easyappointments
2
net.bull.javamelody:javamelody-core
2
js-data
2
zendframework/zend-db
2
pdfkit
2
github.com/gofiber/fiber/v2
2
github.com/crewjam/saml
2
pyyaml
2
async-git
2
nadesiko3
2
silverstripe/framework
2
flatmap-stream
2
org.springframework.amqp:spring-amqp
2
org.apache.shiro:shiro-web
2
wwbn/avideo
2
apache-superset
2
activerecord
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
url-parse
2
xmlhttprequest-ssl
2
stack_dst
2
puma
2
openmage/magento-lts
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
13
https://github.com/PaddlePaddle/Paddle
11
https://github.com/mlflow/mlflow
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/tensorflow/tensorflow
9
https://github.com/funadmin/funadmin
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/top-think/framework
8
https://github.com/django/django
8
https://github.com/apache/inlong
8
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/ansible/ansible
7
https://github.com/python-pillow/Pillow
7
https://github.com/argoproj/argo-cd
7
https://github.com/gogs/gogs
7
https://github.com/Studio-42/elFinder
7
https://github.com/apache/struts
7
https://github.com/rusqlite/rusqlite
7
https://github.com/go-gitea/gitea
7
https://github.com/sequelize/sequelize
7
https://github.com/shopware/platform
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/parse-community/parse-server
6
https://github.com/shenzhim/aaptjs
6
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/moodle/moodle
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/apache/tomcat
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/NodeBB/NodeBB
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/keycloak/keycloak
5
https://github.com/froxlor/froxlor
5
https://github.com/stealjs/steal
5
https://github.com/pippo-java/pippo
4
https://github.com/cloudfoundry/uaa
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/hwchase17/langchain
4
https://github.com/otake84/messagepack-rs
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/janeczku/calibre-web
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/usememos/memos
4
https://github.com/dromara/hutool
4
https://github.com/spring-projects/spring-framework
4
https://github.com/liufee/cms
4
https://github.com/contao/contao
4
https://github.com/servo/rust-smallvec
4
https://github.com/CVEProject/cvelist
4
https://github.com/dompdf/dompdf
4
https://github.com/pyload/pyload
4
https://github.com/run-llama/llama_index
3
https://github.com/crewjam/saml
3
https://github.com/github/securitylab
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/facebook/hermes
3
https://github.com/rubygems/rubygems
3
https://github.com/apache/shiro
3
https://github.com/dataease/dataease
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/simpleledger/slpjs
3
https://github.com/twisted/twisted
3
https://github.com/pimcore/pimcore
3
https://github.com/jbroadway/elefant
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/opencast/opencast
3
https://github.com/strapi/strapi
3
https://github.com/mbechler/marshalsec
3
https://github.com/apache/camel
3
https://github.com/cobbler/cobbler
3
https://github.com/hazelcast/hazelcast
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/smarty-php/smarty
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/actix/actix-web
3
https://github.com/shopware/shopware
3
https://github.com/andrewhickman/id-map
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/star7th/showdoc
3
https://github.com/craftcms/cms
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/kjur/jsrsasign
3
https://github.com/octobercms/october
3
https://github.com/nukeviet/nukeviet
3
https://github.com/baserproject/basercms
3
https://github.com/rubygems/rubygems.org
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/dexidp/dex
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/publify/publify
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/facade/ignition
3
https://github.com/modoboa/modoboa
3
https://github.com/pterodactyl/wings
3
https://github.com/rancher/rancher
3
https://github.com/ibexa/core
3
https://github.com/neorazorx/facturascripts
3
https://github.com/netvl/acc_reader
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/Automattic/mongoose
2
https://github.com/javamelody/javamelody
2
https://github.com/ADOdb/ADOdb
2
https://github.com/beego/beego
2
https://github.com/Kozea/Radicale
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/jfinal/jfinal
2
https://github.com/intelliants/subrion
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/MrSwitch/hello.js
2
https://github.com/josdejong/mathjs
2
https://github.com/apache/jmeter
2
https://github.com/rust-lang-nursery/failure
2
https://github.com/yaml/pyyaml
2
https://github.com/enonic/xp
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/mautic/mautic
2
https://github.com/TribalSystems/Zenario
2
https://github.com/russellhaering/gosaml2
2
https://github.com/keystonejs/keystone
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/ahdinosaur/set-in
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/sidorares/node-mysql2
2
https://github.com/rest-client/rest-client
2
https://github.com/http4s/http4s
2
https://github.com/dominictarr/libnested
2
https://github.com/unshiftio/url-parse
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/puma/puma
2
https://github.com/fluxcd/flux2
2
https://github.com/thepowersgang/stack_dst-rs
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/hashicorp/vault
2
https://github.com/noear/solon
2
https://github.com/js-data/js-data
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/top-think/thinkphp
2
https://github.com/kubernetes/kubernetes
2
https://github.com/getgrav/grav
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/moby/buildkit
2
https://github.com/qcubed/qcubed
2
https://github.com/ionicabizau/parse-url
2
https://github.com/h2database/h2database
2
https://github.com/web2py/web2py
2
https://github.com/hashicorp/go-getter
2
https://github.com/apache/kylin
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/apache/karaf
2
https://github.com/markevans/dragonfly
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/Codiad/Codiad
2
https://github.com/Netflix/security-bulletins
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/vert-x3/vertx-web
2
https://github.com/TYPO3/phar-stream-wrapper
2
https://github.com/gventuri/pandas-ai
2
https://github.com/hashicorp/nomad
2
https://github.com/benbusby/whoogle-search
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/openstack/python-keystoneclient
2
https://github.com/drupal/core
2
https://github.com/reem/rust-traitobject
2
https://github.com/Agoric/realms-shim
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/laurent22/joplin
2
https://github.com/dominictarr/event-stream
2
https://github.com/dfinity/agent-js
2
https://github.com/KnpLabs/snappy
2
https://github.com/omrilotan/async-git
2
https://github.com/apache/incubator-streampark
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/apache/dolphinscheduler
2