Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3M3gtZjV3eC1meHB3
Cross Site Scripting and RCE in baserCMSEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
Low
Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS00Z21qLTNwM2gtZ204aM4AA5gl
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network messageEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1ncHY1LTd4M2ctZ2hqds4AAz4I
fast-xml-parser regex vulnerability patch could be improved from a safety perspectiveEcosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: pypi
Packages: moin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tOWo3LXhjajctNDJqOc4AAagr
MoinMoin Cross-site Scripting (XSS) vulnerabilityEcosystems: pypi
Packages: moin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: pypi
Packages: ajenti
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS05Y3J4LXAzNTctNXZ3OM4AAeli
Ajenti Cross-site scripting (XSS) vulnerabilityEcosystems: pypi
Packages: ajenti
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS02OGpoLXJmNngtODM2Zs4AAz6F
@apollo/server vulnerable to unsafe application of Content Security Policy via reused noncesEcosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD
Rack has possible DoS Vulnerability with Range HeaderEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: npm
Packages: @floffah/build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjZ3ItOTY5OC04Mmp4
Improper Neutralization of Special Elements used in a Command ('Command Injection') in @floffah/buildEcosystems: npm
Packages: @floffah/build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 3 months ago
GSA_kwCzR0hTQS05eHh2LXE2cHAtOTZ3cc4AA5mo
Concrete CMS Stored XSSEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 3 months ago
Low
Ecosystems: packagist
Packages: croogo/croogo
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmdmYtcmZtcS1xd2Y4
Croos-site scripting in CroogoEcosystems: packagist
Packages: croogo/croogo
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05dng2LTd4eGYteDk2N84AA5qR
OpenZeppelin Contracts base64 encoding may read from potentially dirty memoryEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wNGc0LXdncmgtcXJnMs4AAxeb
Panic due to malformed WALs in go.etcd.io/etcdEcosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1NGgtbTM5My1jcHdx
devices resource list treated as a blacklist by defaultEcosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzcDYtZng0Mi03cmY1
Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/aws/aws-sdk-go
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmMzMtZjRmNS14d2d3
In-band key negotiation issue in AWS S3 Crypto SDK for golangEcosystems: go
Packages: github.com/aws/aws-sdk-go
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyNGgtcGpqdi1tY3A2
Denial of service in TendermintEcosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1ocTU4LXA5bXYtMzM4Y84AA2Jf
CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participationEcosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Low
Ecosystems: go
Packages: github.com/consensys/gnark-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1wZmZnLTkyY2cteGY1Y84AA2Qs
gnark-crypto's exponentiation in the pairing target group GT using GLV can give incorrect resultsEcosystems: go
Packages: github.com/consensys/gnark-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Low
Ecosystems: maven
Packages: org.xmlunit:xmlunit-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 16 days ago
GSA_kwCzR0hTQS1jaGZtLTY4dnYtcHZ3Nc4AA7eI
XMLUnit for Java has Insecure Defaults when Processing XSLT StylesheetsEcosystems: maven
Packages: org.xmlunit:xmlunit-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 16 days ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2ZmMtZzhqNS05Y2Nm
Generation of Error Message Containing Sensitive Information in KeycloakEcosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: 8 months ago
GSA_kwCzR0hTQS0yNG01LXI2aHYtY2NncM4AA2C5
Specific Cilium configurations vulnerable to DoS via Kubernetes annotationsEcosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: 8 months ago
Low
Ecosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 2 years ago
GSA_kwCzR0hTQS1jdmNjLTV4OTItZ21oY802tg
SaltStack Salt Improper Authentication via Man in the Middle AttackEcosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 2 years ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 7 months ago
GSA_kwCzR0hTQS13cXE0LTV3cHYtbXgyZ84AA2eY
Undici's cookie header not cleared on cross-origin redirect in fetchEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 7 months ago
Low
Ecosystems: npm
Packages: debug
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4cGotY3g3Zy04NThj
Regular Expression Denial of Service in debugEcosystems: npm
Packages: debug
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: almost 6 years ago
Low
Ecosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
GSA_kwCzR0hTQS04NjM5LXF4NTYtcjQyOM4AArTb
CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backendEcosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 months ago
GSA_kwCzR0hTQS1tNzMyLXd2aDItN2NxNM4AA6R7
Unauthenticated views may expose information to anonymous usersEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 months ago
Low
Ecosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 months ago
GSA_kwCzR0hTQS1tbWg2LTVjcGYtMmM3Ms4AA6RR
phpMyFAQ Path Traversal in AttachmentsEcosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1MmctZjdmcC05amY3
Type confusion during tensor casts lead to dereferencing null pointersEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhjNmMtNzVwNC1obXE0
Reference binding to null pointer in `MatrixDiag*` opsEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5M2YtMmpyMy1jcDY5
CHECK-fail in DrawBoundingBoxesEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmZzQtcDc1ai13NXhq
Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 24 days ago
GSA_kwCzR0hTQS1weGh3LTU5NnItcndxNc4AA7Ph
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission pluginEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 24 days ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3OGctcTdyNC05d2N2
Division by 0 in `FractionalAvgPool`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoZngtaGdtZi12NnZw
Potential Host Header Poisoning on misconfigured serversEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Low
Ecosystems: packagist
Packages: admidio/admidio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS12bXhnLXd4NmMtNGYzcs4AA0CZ
Admidio Improper Access Control vulnerabilityEcosystems: packagist
Packages: admidio/admidio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnNDgtODVoZy1tcWM1
Division by 0 in `DenseCountSparseOutput`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnNTMtNTZjZy00bThx
Token verification bug in next-authEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3OTMtdjU3ai1mY2do
Division by 0 in `SparseMatMul`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThndjMtNTdwNi1nMzVy
Heap buffer overflow in `RaggedTensorToTensor`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 11 months ago
GSA_kwCzR0hTQS1tNTRoLTV4NWYtNW02cs4AA0IM
SpiceDB's LookupResources may return partial resultsEcosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 11 months ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS12NXAyLXZnM2MtcG1ycs2psg
Apache Tomcat Path Traversal VulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 11 months ago
GSA_kwCzR0hTQS05N3doLTZobWotZzhqOc4AA0GL
Spina Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 11 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-server-spi-private, org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 11 months ago
GSA_kwCzR0hTQS1mNWg0LXdtcDUteGhnNs4AA0KF
Client Spoofing within the Keycloak Device Authorisation GrantEcosystems: maven
Packages: org.keycloak:keycloak-server-spi-private, org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 11 months ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyNjMtZnZ4bS1tNW13
Heap out of bounds access in MakeEdge in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhodmMtZzVodi00OGM2
Write to immutable memory region in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5ZjMtOXdmci13Z2g3
Lack of validation in data format attributes in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 16 days ago
GSA_kwCzR0hTQS13MnY4LXBocDQtcDhoY84AA7eE
Wagtail has permission check bypass when editing a model with per-field restrictions through `wagtail.contrib.settings` or `ModelViewSet`Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 16 days ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoOG0tNDgzai03eHht
Heap out of bounds read in `RequantizationRange`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: datasette-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0aHYtcWpqcS1oN2c1
datasette-graphql leaks details of the schema of private database filesEcosystems: pypi
Packages: datasette-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: plone.restapi
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 8 months ago
GSA_kwCzR0hTQS1oYzVjLXI4bTUtMmdmaM4AA1_4
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portraitEcosystems: pypi
Packages: plone.restapi
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 8 months ago
Low
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4ZnctODhocS02am1t
Persistent XSS in shopping worldsEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyZmgtZnA0eC1jcnJx
Persistent XSS in newsletter module in ShopwareEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: go
Packages: github.com/flyteorg/flyteadmin
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: 7 months ago
GSA_kwCzR0hTQS1yODQ3LTZ3NmgtcjhnNM4AA2vp
Flyte Admin SQL Injection in List FiltersEcosystems: go
Packages: github.com/flyteorg/flyteadmin
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: 7 months ago
Low
Ecosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
GSA_kwCzR0hTQS13bThxLTk5NzUteGg1ds4AA1_u
Zope vulnerable to Stored Cross Site Scripting with SVG imagesEcosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
GSA_kwCzR0hTQS12eG1tLWN3aDItcTc2Ms4AAzbG
Vyper's nonpayable default functions are sometimes payableEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
Low
Ecosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbWg2LW03djktNTk1Ns4AArVk
Regular expression denial of service in markdown-link-extractorEcosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS12bThxLW01N2ctcGZmM84AA6CU
Regular expression denial-of-service in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Low
Ecosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
GSA_kwCzR0hTQS1ycHJnLTR2N3EtODd2N84AAwOX
Buildah (as part of Podman) vulnerable to Path TraversalEcosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: xmpp-http-upload
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3djUtdzhnbS1mcTlm
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT requestEcosystems: pypi
Packages: xmpp-http-upload
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4aDYteGdxeC1qcWdw
Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxMnItNXh2bS0zaGMz
Segfault in `CTCBeamSearchDecoder`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: rubygems
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwOWMtZnB4eC03NDR2
personnummer/ruby vulnerable to Improper Input ValidationEcosystems: rubygems
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:telegrambot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
GSA_kwCzR0hTQS05NHByLXc5NjgtaDkyM84AA7fp
Jenkins Telegram Bot Plugin stores the Telegram Bot token in plaintextEcosystems: maven
Packages: org.jenkins-ci.plugins:telegrambot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Low
Ecosystems: cargo
Packages: vodozemac
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: 14 days ago
GSA_kwCzR0hTQS1jM2htLWh4d2YtZzVjNs4AA7v1
vodozemac has degraded secret zeroization capabilitiesEcosystems: cargo
Packages: vodozemac
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: 14 days ago
Low
Ecosystems: go
Packages: github.com/slsa-framework/slsa-verifier, github.com/slsa-framework/slsa-verifier/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS1yMnh2LXZwcjItNDJtOc4AA2_p
slsa-verifier vulnerable to mproper validation of npm's publish attestationsEcosystems: go
Packages: github.com/slsa-framework/slsa-verifier, github.com/slsa-framework/slsa-verifier/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Low
Ecosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 14 days ago
GSA_kwCzR0hTQS1nN3Z2LTJ2N3gtZ2o5cM4AA7v0
tqdm CLI arguments injection attackEcosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 14 days ago
Low
Ecosystems: npm
Packages: type-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmNjQtMmY5cC02cHFx
Information Exposure in type-graphqlEcosystems: npm
Packages: type-graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-openid
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 8 months ago
GSA_kwCzR0hTQS1wd2g4LTU4dnYtdnc0OM4AA15T
Jetty's OpenId Revoked authentication allows one requestEcosystems: maven
Packages: org.eclipse.jetty:jetty-openid
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 8 months ago
Low
Ecosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY0NW0tMndjcC1nZzk4
Global node_modules Binary Overwrite in bin-linksEcosystems: npm
Packages: bin-links
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1MnAtaGZqZi13Zzg4
Division by zero in TFLite's implementation of `SpaceToBatchNd`Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: 6 months ago
GSA_kwCzR0hTQS0zNmZyLTN3ZzgtcTV2OM4AA3O6
Concrete CMS Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: 6 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 10 months ago
GSA_kwCzR0hTQS05amZ4LTg0djktMnJyMs4AA0z2
Nomad Caller ACL Token’s Secret ID is Exposed to SentinelEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 10 months ago
Low
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 2 years ago
GSA_kwCzR0hTQS1tNDM0LW01cHYtcDM1d80mbQ
Insufficient user authorization in MoodleEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 2 years ago
Low
Ecosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2NnItdmNoaC1jeGc5
Denial of Service in apostropheEcosystems: npm
Packages: apostrophe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: firebase-tools
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 15 days ago
GSA_kwCzR0hTQS1yY20yLTIyZjMtcHF2M84AA7fu
Firebase vulnerable to CRSF attackEcosystems: npm
Packages: firebase-tools
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 15 days ago
Low
Ecosystems: npm
Packages: put
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2Z3YtZmc0Ni1oODlq
Sensitive Data Exposure in putEcosystems: npm
Packages: put
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: bigint-money
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyM20tbWhmbS0zOWNt
Incorrect Calculation in bigint-moneyEcosystems: npm
Packages: bigint-money
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: merge-objects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5MmYtd2Y0dy14MzZ2
Prototype Pollution in merge-objectsEcosystems: npm
Packages: merge-objects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: ascii-art
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlocWotMzhqMi01amdt
Command Injection in ascii-artEcosystems: npm
Packages: ascii-art
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: npm
Packages: njwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczcXctOXBncC14cGo0
Out-of-bounds Read in njwtEcosystems: npm
Packages: njwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3NWgtN2Y1My14cnA2
Stack overflow in `ParseAttrValue` with nested tensorsEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/canonical/lxd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS14OXFxLTIzNmotZ2o5N84AA3lE
Canonical LXD documentation improvement to make clear restricted.devices.disk=allow without restricted.devices.disk.paths also allows shift=trueEcosystems: go
Packages: github.com/canonical/lxd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Low
Ecosystems: npm
Packages: hooka-tools
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNm0teDRjNS1yanhq
Silently Runs Cryptocoin Miner in hooka-toolsEcosystems: npm
Packages: hooka-tools
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2anctcDlmNS12cTI4
Segfault in `tf.raw_ops.SparseCountSparseOutput`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: seneca
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4d3YtM2NjOS1mcDdj
Sensitive Data Exposure in senecaEcosystems: npm
Packages: seneca
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: RPLY
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS05Z2NmLXBxOTktcmp3M84AAZrR
RPLY Predictable Tmpfile Names Allows Cache SpoofingEcosystems: pypi
Packages: RPLY
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1yMzJnLXc5Y3YtOWZnY84AA6g_
RosarioSIS cross site scripting vulnerabilityEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 month ago
GSA_kwCzR0hTQS03NWhxLWg2ZzktaDRxNc4AA6jC
Wasmtime vulnerable to panic when using a dropped extenref-typed element segmentEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 month ago
Low
Ecosystems: cargo
Packages: zerocopy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS0zbXY1LTM0M2MtdzJxZ84AA3yl
Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMutEcosystems: cargo
Packages: zerocopy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Low
Ecosystems: packagist
Packages: kimai/kimai
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 10 days ago
GSA_kwCzR0hTQS02ZjN2LTJyMmotMnJwcs4AA70x
Kimai information disclosure vulnerabilityEcosystems: packagist
Packages: kimai/kimai
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 10 days ago
Low
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2d3AtNG02Zi1nY2pn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 3 years ago
Low
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1nNHdnLWNmcGYtOTY4Oc4AA0zn
keylime fails to flag device as untrusted when signature does not validateEcosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
GSA_kwCzR0hTQS1qaHByLWo3Y3EtM2pwM84AAz_s
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user errorEcosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
Low
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 2 years ago
GSA_kwCzR0hTQS1mcDZwLTV4dnctbTc0Zs4AAZQc
Django User Enumeration VulnerabilityEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 2 years ago
Low
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJEcosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: kafo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1oeHZwLTY1NXgteHhxds4AAekI
Kafo allows local users to obtain passwords and other sensitive information by reading default_values.yamlEcosystems: rubygems
Packages: kafo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: go
Packages: go.elastic.co/apm
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxYzUtcmdjYy1janFo
Information Disclosure in go.elastic.co/apmEcosystems: go
Packages: go.elastic.co/apm
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyM20tajZ4NS00OG0z
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settingsEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: mindspore
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 12 months ago
GSA_kwCzR0hTQS14NjdnLTQ3cDMtcmM3Zs4AAzg9
MindSpore vulnerable to memory corruptionEcosystems: pypi
Packages: mindspore
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 12 months ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 449
Ecosystems: 12
Packages: 8,375
Repositories: 449
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-gpu
93
tensorflow-cpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
phpmyadmin/phpmyadmin
10
shopware/core
10
github.com/mattermost/mattermost/server/v8
10
nova
9
org.jenkins-ci.main:jenkins-core
9
org.apache.tomcat:tomcat
9
vyper
7
matrix-synapse
7
Umbraco.CMS
6
puppet
6
ansible
5
sweetalert2
5
baserproject/basercms
5
october/backend
5
undici
5
k8s.io/kubernetes
5
typo3/cms-core
5
wasmtime
5
helm.sh/helm/v3
5
rack
5
org.keycloak:keycloak-services
4
electron
4
helm.sh/helm
4
github.com/cilium/cilium
4
github.com/mattermost/mattermost-server/v6
4
magento/community-edition
4
actionpack
4
simplesamlphp/simplesamlphp
4
shopware/shopware
4
com.vaadin:flow-server
4
plone
3
github.com/cosmos/cosmos-sdk
3
sylius/sylius
3
bin-links
3
@openzeppelin/contracts-upgradeable
3
nautobot
3
passenger
3
com.vaadin:vaadin-bom
3
ckb
3
httplib2
3
ethyca-fides
3
glance
3
node-forge
3
org.apache.hive:hive-exec
3
org.graylog2:graylog2-server
3
go.etcd.io/etcd
3
cryptography
3
org.apache.hive:hive
3
org.apache.hive:hive-service
3
github.com/mattermost/mattermost-server
3
symfony/symfony
3
wagtail
3
moin
2
org.jenkins-ci.plugins:azure-ad
2
tuf
2
ceph-deploy
2
github.com/opencontainers/runc
2
silverstripe/framework
2
pip
2
org.apache.activemq:activemq-parent
2
typo3/cms-frontend
2
craftcms/cms
2
@openzeppelin/contracts
2
@apollo/server
2
Pillow
2
github.com/answerdev/answer
2
github.com/authzed/spicedb
2
github.com/containerd/containerd
2
next-auth
2
node-ipc
2
org.jenkins-ci.plugins:ec2
2
Django
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
django
2
braces
2
winter/wn-backend-module
2
github.com/sigstore/cosign
2
salt
2
Flask-Security-Too
2
com.inedo.proget:inedo-proget
2
tools.devnull:build-notifications
2
org.jenkins-ci.plugins:mercurial
2
org.eclipse.jetty:jetty-server
2
cargo
2
s2n-quic
2
vantage6
2
symfony/security-http
2
org.xwiki.platform:xwiki-platform-oldcore
2
horizon
2
october/cms
2
github.com/mattermost/mattermost-plugin-jira
2
com.ruoyi:ruoyi
2
Nova
2
parse-server
2
flarum/core
2
activesupport
2
org.jenkins-ci.plugins:artifactory
2
github.com/ntbosscher/gobase
2
langchain
2
org.jenkins-ci.plugins:wso2id-oauth
2
keystone
2
microweber/microweber
2
github.com/cometbft/cometbft
2
org.bouncycastle:bcprov-jdk14
2
gilacms/gila
2
github.com/hashicorp/nomad
2
OctoPrint
2
Zope
2
grumpydictator/firefly-iii
2
aiohttp
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
go.etcd.io/etcd/client/v3
2
ezsystems/ezpublish-kernel
2
ezsystems/ezplatform-kernel
2
org.jenkins-ci.plugins:repository-connector
2
Flask-AppBuilder
2
es5-ext
1
fast-xml-parser
1
org.scala-sbt:sbt
1
rabbit_common
1
org.scala-sbt:io_2.12
1
org.scala-sbt:io_2.13
1
org.wiremock:wiremock
1
org.wiremock:wiremock-standalone
1
org.scala-sbt:io_3
1
ajenti
1
org.jenkins-ci.plugins:snsnotify
1
com.github.tomakehurst:wiremock-jre8
1
github.com/oauth2-proxy/oauth2-proxy
1
com.github.tomakehurst:wiremock-jre8-standalone
1
wiremock
1
github.com/nats-io/nats-server/v2
1
org.keycloak:keycloak-core
1
org.jenkins-ci.plugins:openshift-deployer
1
@liquity/contracts
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
@diez/generation
1
hyper
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
github.com/Masterminds/goutils
1
qutebrowser
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
kimai/kimai
1
zerocopy
1
francoisjacquet/rosariosis
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
org.bouncycastle:bcprov-jdk15to18
1
org.bouncycastle:bcprov-jdk13
1
org.bouncycastle:bcprov-jdk12
1
io.jenkins.plugins:gitlab-branch-source
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
nokogiri
1
ember-source
1
@aedart/support
1
streamlit
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
thelounge
1
flarum/framework
1
Werkzeug
1
markdown-link-extractor
1
github.com/flyteorg/flyteadmin
1
plone.restapi
1
datasette-graphql
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
org.xmlunit:xmlunit-core
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/openstack/nova
11
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rails/rails
6
https://github.com/sweetalert2/sweetalert2
5
https://github.com/nodejs/undici
5
https://github.com/rack/rack
5
https://github.com/ansible/ansible
5
https://github.com/helm/helm
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/TYPO3/typo3
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/jenkinsci/jenkins
5
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/apache/tomcat
4
https://github.com/cilium/cilium
4
https://github.com/wintercms/winter
4
https://github.com/shopware/shopware
4
https://github.com/electron/electron
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/Graylog2/graylog2-server
3
https://github.com/nautobot/nautobot
3
https://github.com/wagtail/wagtail
3
https://github.com/digitalbazaar/forge
3
https://github.com/CVEProject/cvelist
3
https://github.com/httplib2/httplib2
3
https://github.com/vaadin/flow
3
https://github.com/symfony/symfony
3
https://github.com/ethyca/fides
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/django/django
3
https://github.com/pyca/cryptography
3
https://github.com/Sylius/Sylius
3
https://github.com/vantage6/vantage6
3
https://github.com/nervosnetwork/ckb
3
https://github.com/phusion/passenger
3
https://github.com/openstack/keystone
3
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/saltstack/salt
2
https://github.com/quarkusio/quarkus
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/openstack/glance
2
https://github.com/nats-io/nats-server
2
https://github.com/craftcms/cms
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/containerd/containerd
2
https://github.com/zopefoundation/Zope
2
https://github.com/microweber/microweber
2
https://github.com/ceph/ceph-deploy
2
https://github.com/cometbft/cometbft
2
https://github.com/nextauthjs/next-auth
2
https://github.com/ntbosscher/gobase
2
https://github.com/aws/s2n-quic
2
https://github.com/apollographql/apollo-server
2
https://github.com/apache/activemq
2
https://github.com/aio-libs/aiohttp
2
https://github.com/octoprint/octoprint
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/answerdev/answer
2
https://github.com/mutagen-io/mutagen
2
https://github.com/opencontainers/runc
2
https://github.com/GilaCMS/gila
2
https://github.com/micromatch/braces
2
https://github.com/pypa/pip
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/hashicorp/nomad
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/bcgit/bc-java
2
https://github.com/parse-community/parse-server
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/flarum/framework
2
https://github.com/rust-lang/cargo
2
https://github.com/authzed/spicedb
2
https://github.com/openstack/horizon
2
https://github.com/sigstore/cosign
2
https://github.com/thelounge/thelounge
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/dojo/dijit
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/Consensys/gnark-crypto
1
https://github.com/personnummer/csharp
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/electron-userland/electron-packager
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/Azure/setup-kubectl
1
https://github.com/httpie/httpie
1
https://github.com/canonical/lxd
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/yiisoft/yii2-authclient
1
https://github.com/vapor/postgres-nio
1
https://github.com/waysact/webpack-subresource-integrity
1
https://github.com/google/zerocopy
1
https://github.com/keystonejs/keystone
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/NVIDIA/NeMo
1
https://github.com/croogo/croogo
1
https://github.com/derbyjs/derby
1
https://github.com/puma/puma
1
https://github.com/endojs/endo
1
https://github.com/moq/moq
1
https://github.com/rails/globalid
1
https://github.com/medikoo/es5-ext
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID
1
https://github.com/simplegeo/python-oauth2
1
https://github.com/decidim/decidim
1
https://github.com/spinacms/spina
1
https://github.com/keylime/keylime
1
https://github.com/vega/vega
1
https://github.com/Masterminds/goutils
1
https://github.com/skylot/jadx
1
https://github.com/cloudfoundry/uaa
1
https://github.com/directus/directus
1
https://github.com/Twipped/ircdkit
1
https://github.com/spring-projects/spring-data-rest
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/fluent/fluentd
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/kitabisa/teler
1
https://github.com/firebase/firebase-tools
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/personnummer/php
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/zowe/imperative
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/admidio/admidio
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/onionshare/onionshare
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/ericcornelissen/shescape
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/tailscale/tailscale
1
https://github.com/Nebulosus/shamir
1
https://github.com/ajenti/ajenti
1
https://github.com/xuxueli/xxl-job
1
https://github.com/yourls/yourls
1
https://github.com/bbatsov/rubocop
1
https://github.com/dan1hc/fgr
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/gradle/gradle
1
https://gitlab.com/edneville/please
1
https://github.com/xmlunit/xmlunit
1
https://github.com/octokit/octopoller.rb
1
https://github.com/disintegration/imaging
1
https://github.com/node-js-libs/cli
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/foxcpp/maddy
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/personnummer/go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1
https://github.com/elastic/apm-agent-go
1
https://github.com/rust-vmm/linux-loader
1
https://github.com/jenkinsci/resource-disposer-plugin
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/npm/npm
1
https://github.com/triaxtec/openapi-python-client
1
https://github.com/arguiot/EyeJS
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/impredicative/bitlyshortener
1