Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

High Security Advisories

Loading...
High
GSA_kwCzR0hTQS05ZzMzLTQ4amgtanE3ds4AAgZF
Cross Site Request Forgery in Jenkins SSH Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14NWptLXJqMzctNXFoN83maA
Sandbox Bypass in Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0d2YtN3ZmMi1wdjU5
XXE vulnerability on Launch import with externally-defined DTD file
Ecosystems: maven
Packages: com.epam.reportportal:service-api
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwd2gtNW1tYy1td3J4
Denial of Service in nes
Ecosystems: npm
Packages: nes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4aGYteDQ5Yy1tNW02
Github Token Leak in aegir
Ecosystems: npm
Packages: aegir
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
High
GSA_kwCzR0hTQS04NzZwLTgyNTkteGpnZ84AA1LS
libp2p nodes vulnerable to attack using large RSA keys
Ecosystems: go
Packages: github.com/libp2p/go-libp2p
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: 9 months ago
High
GSA_kwCzR0hTQS14dzJyLWY4eHYtYzh4cM4AA1LX
PrestaShop XSS injection through Validate::isCleanHTML method
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: 9 months ago
High
GSA_kwCzR0hTQS1nN3dtLTIybTYtNTc3NM4AAUex
Asset Pipeline plugin for Grails vulnerable to Path Traversal
Ecosystems: maven
Packages: org.grails.plugins:asset-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12cmg3LXg2NHYtN3Z4cc4AAxfo
openssl-src contains `NULL` dereference during PKCS7 data verification
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdydnItOG1weC1yN3Bw
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
Ecosystems: npm
Packages: mime
Source: GitHub Advisory Database
Blast Radius: 48.1
Published: almost 6 years ago
High
GSA_kwCzR0hTQS1mcTU2LWM3cmotajNqOc0sKg
Missing permission checks in Jenkins Chef Sinatra Plugin allow XXE
Ecosystems: maven
Packages: org.jenkins-ci.plugins:sinatra-chef-builder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02OTg4LWc4OW0tMjd2Zs4AAniS
Magento stored cross-site scripting (XSS) in the customer address upload feature
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tNXdwLXAzZ2otN3E1Z80sLA
Missing Authorization in Jenkins dbCharts Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dbCharts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS01cDRoLTMzNzctN3c2N839kg
golang.org/x/net/html NULL Pointer Dereference vulnerability
Ecosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyZzktNmh3NS1yd2Zw
Path Traversal in resolve-path
Ecosystems: npm
Packages: resolve-path
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: almost 6 years ago
High
GSA_kwCzR0hTQS1oOGptLTJ4NTMteGhwNc4AAvn1
X.509 Email Address Variable Length Buffer Overflow
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS02NTVxLTlndmctcTRjbc4AAjQ_
Remote code execution in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.Http.Connections, Microsoft.AspNetCore.App, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05Nnh2LXJtd2otNnA5d84AAz6C
Grav Server-side Template Injection (SSTI) via Twig Default Filters
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 11 months ago
High
GSA_kwCzR0hTQS1tdjQyLXB4NTQtODdqd84AATn6
Improper Access Control in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2bXItcHhnNC02OGh4
Symlink Arbitrary File Overwrite in bower
Ecosystems: npm
Packages: bower
Source: GitHub Advisory Database
Blast Radius: 39.2
Published: over 4 years ago
High
GSA_kwCzR0hTQS03anczLTVxNHctODlxZ84AAQY6
Improper Input Validation in Apache Struts
Ecosystems: maven
Packages: org.apache.struts:struts-core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
High
GSA_kwCzR0hTQS01dzVtLXBmdzktYzhmcM4AAzxe
Snowflake Python Connector vulnerable to Command Injection
Ecosystems: pypi
Packages: snowflake-connector-python
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: 11 months ago
High
GSA_kwCzR0hTQS00djY3LXdnODgtMzdwOc4AAbLR
Apache OpenMeetings displays Tomcat version and detailed error stack trace
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tZzNtLWY0NzUtMjhods0YQg
Path Traversal in @backstage/plugin-scaffolder-backend
Ecosystems: npm
Packages: @backstage/plugin-scaffolder-backend
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: over 2 years ago
High
GSA_kwCzR0hTQS1oZjRwLW1oYzgteDJncM4AATm7
Apache Archiva vulnerable to Cross Site Request Forgery
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1ycjMzLWo1cDUtcHBmOM3X3w
GeoServer allows SSRF via the option for setting a proxy host
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13cnhmLXg4cm0tNmdnZ84AAyiM
Fluent Fluentd and Fluent-ui use default password
Ecosystems: rubygems
Packages: fluentd-ui, fluentd
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 1 year ago
High
GSA_kwCzR0hTQS0yangyLXFjbTQtcmY5aM4AAzw_
Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec
Ecosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5cGotZ3E4cS05cGZq
Authentication Weakness in keystone
Ecosystems: npm
Packages: keystone
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 6 years ago
High
GSA_kwCzR0hTQS1xNG1wLWp2aDItNzZmas4AAv2m
Pillow subject to DoS via SAMPLESPERPIXEL tag
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS04bTQ5LTJ4ajgtNjd2Oc03OA
Data Loss/Denial of Service in SWHKD
Ecosystems: cargo
Packages: Simple-Wayland-HotKey-Daemon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1ndzQyLWY5MzktZmh2bc4AAzcT
Administration Console authentication bypass in openfire xmppserver
Ecosystems: maven
Packages: org.igniterealtime.openfire:xmppserver
Source: GitHub Advisory Database
Blast Radius: 13.1
Published: 12 months ago
High
GSA_kwCzR0hTQS01aGpoLWMyNm0teHc4d83X2w
ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)
Ecosystems: go
Packages: github.com/hoppscotch/proxyscotch
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1xYzRqLWhyajYtY3BwZs4AA3R3
upydev has weak encryption padding
Ecosystems: pypi
Packages: upydev
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1tcTR2LTZ2ZzQtNzk2Y84AA1P3
apache-airflow-providers-apache-drill Improper Input Validation vulnerability
Ecosystems: pypi
Packages: apache-airflow-providers-apache-drill
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: 9 months ago
High
GSA_kwCzR0hTQS1tZjdjLTM1bXEtNzVwas4AAW6w
Insecure Inherited Permissions in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: about 2 years ago
High
GSA_kwCzR0hTQS03NzNnLXgyNzQtOHFtZs4AAzue
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression
Ecosystems: swift
Packages: github.com/apple/swift-nio-extras
Source: GitHub Advisory Database
Blast Radius: 20.6
Published: 11 months ago
High
GSA_kwCzR0hTQS03cnZwLXhxajctcnhmMs4AA1QS
Daylight Studio FUEL-CMS SQLi Vulnerability
Ecosystems: packagist
Packages: codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: 9 months ago
High
GSA_kwCzR0hTQS04eGM2LWc4eHctaDJjNM0_nw
YARP Denial of Service Vulnerability
Ecosystems: nuget
Packages: Yarp.ReverseProxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzcjMtYzc5dy1mNndj
High severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service
Ecosystems: maven
Packages: org.apache.hive:hive-service, org.apache.hive:hive-exec, org.apache.hive:hive
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY4NjUtbTZjcS1qOXZ4
ReDOS in Mpmath
Ecosystems: pypi
Packages: mpmath
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh2Y2gtcjR3Zi1oOHc5
Improper Certificate Validation in proton-j
Ecosystems: maven
Packages: org.apache.qpid:proton-j
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: over 5 years ago
High
GSA_kwCzR0hTQS00Njk2LWc3amoteGcyaM4AAuES
Mapbox is vulnerable to Integer Overflow
Ecosystems: maven
Packages: com.mapbox.mapboxsdk:mapbox-android-core
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS12aGdyLWdmeDMtZmczN803hg
Unrestricted Upload of File with Dangerous Type in WPanel 4
Ecosystems: packagist
Packages: wpanel/wpanel4-cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03bWZyLTc3NGYtdzVyOc06lg
Improper Certificate Validation
Ecosystems: nuget
Packages: Microsoft.NETCore.App, System.Security.Cryptography.X509Certificates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1obTM3LTl4aDItcTQ5Oc4AAtHw
Possible leak of key's raw field if declared length is incorrect
Ecosystems: pypi
Packages: openssh-key-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNjQyLTVoNzQtM3g5Y84AAs7r
Reflected Cross-site Scripting in Jenkins Nested View Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:nested-view
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4NnItNzQyNy05NWNt
Deserialization of Untrusted Data in Apache Camel RabbitMQ
Ecosystems: maven
Packages: org.apache.camel:camel-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: almost 3 years ago
High
GSA_kwCzR0hTQS02OTIzLTU0NnAtNnJyY84AAs7q
Cross-site Scripting in Jenkins Image Tag Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:image-tag-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yOWY4LXE3bWYtN2Nxas04tg
Logic error in Apache Pinot
Ecosystems: maven
Packages: org.apache.pinot:pinot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1cTgtNTY5Ny05cDlo
Cross-Site Request Forgery in express-cart
Ecosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnYzktOXc0di1oMzNo
High severity vulnerability that affects org.apache.syncope:syncope-core
Ecosystems: maven
Packages: org.apache.syncope:syncope-core
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: over 5 years ago
High
GSA_kwCzR0hTQS04cng2LXY1cTQteHczas02sA
enkins Coverage/Complexity Scatter Plot Plugin XML External Entity Reference vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:covcomplplot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mOTlyLWpqZ3ItZjM3M804wg
SQL injection in ImpressCMS
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13bTVnLXA5OXEtNjZnNM4AAz3C
elFinder vulnerable to path traversal in LocalVolumeDriver connector
Ecosystems: packagist
Packages: studio-42/elfinder
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: 11 months ago
High
GSA_kwCzR0hTQS04NWY5LXc5Y3gtaDM2M802vg
Cross site request forgery in Jenkins Job and Node ownership Plugin
Ecosystems: maven
Packages: com.synopsys.jenkinsci:ownership
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS14Z3gyLTMzMmgtOXg2cc011w
SQL Injection in Yeswiki
Ecosystems: packagist
Packages: yeswiki/yeswiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0yNWZ4LTNjMnEtY3E0Ns4AAzYF
pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query
Ecosystems: packagist
Packages: pimcore/customer-management-framework-bundle
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 12 months ago
High
GSA_kwCzR0hTQS1wYzljLTU0N3ctaGhtY84AAs7s
Cross-site Scripting in Jenkins REST List Parameter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:rest-list-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zZmg1LXE2ZmctdzI4cc4AAvj1
Prototype pollution in Snowboard framework
Ecosystems: packagist
Packages: wintercms/winter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oZzVwLTIzM2gtYzdmaM2WTw
Direct Web Remoting vulnerable to Denial of Service
Ecosystems: maven
Packages: org.directwebremoting:dwr
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yNTdmLTd4dzMtcTJyOc4AAXaG
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdmeDYtcGg0cS1xNTRx
Improper Restriction of Operations within the Bounds of a Memory Buffer in akka-http-core
Ecosystems: maven
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 5 years ago
High
GSA_kwCzR0hTQS00Y3g2LWZqN2otcGp4Oc0xMw
Code injection in Stripe CLI on windows
Ecosystems: go
Packages: github.com/stripe/stripe-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03cjd4LTRjNHEtYzRxZs4AAyE2
Missing proper state, nonce and PKCE checks for OAuth authentication
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
High
GSA_kwCzR0hTQS05cXZ3LWZoajIteHFtds4AAyEA
Code Injection in alextselegidis/easyappointments
Ecosystems: packagist
Packages: alextselegidis/easyappointments
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1mM2h3LTNoNzQtd3I5OM4AAv9Y
Cross-site Scripting in librenms/librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
GSA_kwCzR0hTQS05OWhqLXBwZzMtMnh3Y84AATfv
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03dnI3LWNnaGgtY2g2M84AAz9o
XWiki Platform may retrieve email addresses of all users
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-livetable-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1nYzk2LWg1cHItODM5as3zOQ
Uncontrolled Resource Consumption in Artemis and HornetQ
Ecosystems: maven
Packages: org.apache.activemq:artemis-native, org.hornetq:hornetq-server
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wdjRtLTdjNjgtZjRjNc0y_A
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12eDZmLTZycDYtZjJweM0sLQ
Cross-Site Request Forgery in Jenkins dbCharts Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dbCharts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS05Y3d2LWNwcHgtbXFqbc0uMA
Improper Authentication in Capsule Proxy
Ecosystems: go
Packages: github.com/clastix/capsule-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02eDNqLXg5cnAtd2h4cM0txg
Unrestricted Upload of File with Dangerous Type in showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZndmYtOWpoMy1mZzc1
Deserialization of Untrusted Data in swagger-codegen
Ecosystems: maven
Packages: io.swagger:swagger-codegen, io.swagger:swagger-parser
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: over 5 years ago
High
GSA_kwCzR0hTQS1ycW04LXE4ajktNjYyZs4AAyGH
Nomad Job Submitter Privilege Escalation Using Workload Identity
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwcjYtZ3JmNC14MmZy
Omniauth allows POST parameters to be stored in session
Ecosystems: rubygems
Packages: omniauth
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 6 years ago
High
GSA_kwCzR0hTQS14ODMyLXIycmotNGc1cM0t1w
SSRF in Kitodo.Presentation
Ecosystems: packagist
Packages: kitodo/presentation
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5OXAtNzI2aC1jOHY1
Apache juddi-client vulnerable to XML External Entity (XXE)
Ecosystems: maven
Packages: org.apache.juddi:juddi-client
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmMjctanF3di1nZjNy
Unintended Require in larvitbase-api
Ecosystems: npm
Packages: larvitbase-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2cnItdjJqMi0yNWZo
Layout XML Arbitrary Code Fix
Ecosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS04NmhwLXhyaGotZmhwcc4AAq1y
Typo3 Vulnerable to Insecure Deserialization
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12djZqLXd3NngtNTRneM0uJA
Use after free in Animation
Ecosystems: nuget
Packages: CefSharp.Wpf.NETCore, CefSharp.WinForms.NETCore, CefSharp.OffScreen.NETCore, CefSharp.Common.NETCore, CefSharp.Wpf.HwndHost, CefSharp.Wpf, CefSharp.WinForms, CefSharp.OffScreen, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zcDM3LTM2MzYtcTh3ds4AAzUH
Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: about 1 year ago
High
GSA_kwCzR0hTQS1wd3I2LXAzZmgtZ3JjMs0rFA
Deserialization of Untrusted Data in Magnolia CMS
Ecosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1oeHZmLTM1dzgtZjVtd80rEg
Cross-Site Request Forgery in Magnolia CMS
Ecosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyN2ctN2Nwai01anI3
Apache Qpid Broker-J vulnerable to Denial of Service (DoS) via uncontrolled resource consumption
Ecosystems: maven
Packages: org.apache.qpid:qpid-broker
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1NjYtOTUyNi01MnY2
Exposure of Sensitive Information to an Unauthorized Actor in Concord
Ecosystems: maven
Packages: com.walmartlabs.concord.docker:concord-common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS03ZzI0LXFnODgtcDQzcc4AA2pM
jose4j uses weak cryptographic algorithm
Ecosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: 7 months ago
High
GSA_kwCzR0hTQS00Y3czLXJocXgtdnF3cs4AAz9A
GilaCMS Cross Site Request Forgery vulnerability
Ecosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1yaDU4LXI3amgteGh4M84AAvhD
.NET Core Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzMnItMzk3Ny1jZ2Mz
Keycloak vulnerable to uncontrolled resource consumption
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1wcjl4LXFtcDUtajNycs3vuA
Improper Input Validation in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-client
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4N3YtODRjdi05cW1j
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 5 years ago
High
GSA_kwCzR0hTQS12aHJnLXYzY3YtcDI0N83otA
Deserialization of Untrusted Data in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS0yOXByLTZqcjgtcTVqbc4AAyNp
Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True`
Ecosystems: pypi
Packages: sentry-sdk
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwcGgtMjU5NS1jZ2Zo
There is a XML external entity expansion (XXE) vulnerability in Apache Solr
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 5 years ago
High
GSA_kwCzR0hTQS12djZxLTZod3AtdnJncM4AA0JP
easy-parse XML External Entity Injection vulnerability
Ecosystems: pypi
Packages: easy-parse
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1xNmcyLWc3ZjMtcnI4M84AAyOF
Jettison vulnerable to infinite recursion
Ecosystems: maven
Packages: org.codehaus.jettison:jettison
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4MjUtcmp3dy0yMjQ1
Apache Storm it is possible for the owner of a topology to trick the supervisor to launch a worker as a different, non-root, user
Ecosystems: maven
Packages: org.apache.storm:storm-core
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 5 years ago
Statistics
Advisories: 18,592
Packages: 8,342
Repositories: 2,453
Ecosystems: 12
Filter by Severity
Moderate 8,062 High 6,401 Critical 2,824 Low 1,013
Filter by Ecosystem
maven 1,876 npm 1,408 pypi 1,198 packagist 1,025 nuget 786 go 695 cargo 324 rubygems 284 swift 16 hex 9 actions 8 pub 4
Filter by Package
Microsoft.ChakraCore 234 tensorflow 107 tensorflow-cpu 95 tensorflow-gpu 93 magento/community-edition 55 org.jenkins-ci.main:jenkins-core 48 moodle/moodle 44 com.fasterxml.jackson.core:jackson-databind 43 org.apache.tomcat:tomcat 33 dolibarr/dolibarr 31 drupal/core 28 microweber/microweber 27 pimcore/pimcore 27 nokogiri 25 drupal/drupal 24 phpmyadmin/phpmyadmin 23 org.apache.struts:struts2-core 23 com.thoughtworks.xstream:xstream 22 opencv-contrib-python 22 opencv-python 22 typo3/cms 22 com.jfinal:jfinal 21 Pillow 21 salt 20 ansible 20 thorsten/phpmyfaq 19 django 19 github.com/rancher/rancher 19 typo3/cms-core 18 org.jenkins-ci.plugins:script-security 18 librenms/librenms 18 mlflow 17 Plone 17 pocketmine/pocketmine-mp 17 openssl-src 17 apache-airflow 16 org.apache.tomcat.embed:tomcat-embed-core 16 symfony/symfony 16 getgrav/grav 15 parse-server 15 rdiffweb 15 nilsteampassnet/teampass 15 Microsoft.AspNetCore.App.Runtime.win-x64 14 vyper 14 net.mingsoft:ms-mcms 14 centreon/centreon 14 Microsoft.AspNetCore.App.Runtime.win-x86 14 github.com/hashicorp/consul 14 github.com/usememos/memos 13 golang.org/x/net 13 Microsoft.AspNetCore.App.Runtime.win-arm 13 rubygems-update 13 Microsoft.AspNetCore.App.Runtime.osx-x64 12 Microsoft.AspNetCore.App.Runtime.win-arm64 12 activerecord 12 baserproject/basercms 12 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 12 org.keycloak:keycloak-core 12 org.apache.openmeetings:openmeetings-parent 12 electron 12 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 12 Microsoft.AspNetCore.App.Runtime.linux-arm 12 Microsoft.AspNetCore.App.Runtime.linux-arm64 12 Microsoft.AspNetCore.App.Runtime.linux-x64 12 actionpack 11 mautic/core 11 github.com/nats-io/nats-server/v2 11 github.com/argoproj/argo-cd 11 io.undertow:undertow-core 11 github.com/hashicorp/vault 11 org.keycloak:keycloak-parent 11 intelliants/subrion 11 shopware/platform 10 Django 10 keystone 10 org.springframework.security:spring-security-core 10 github.com/hashicorp/nomad 10 cockpit-hq/cockpit 10 matrix-synapse 10 org.apache.nifi:nifi 10 org.xwiki.platform:xwiki-platform-oldcore 10 openmage/magento-lts 10 froxlor/froxlor 10 cobbler 10 org.apache.geode:geode-core 9 org.apache.solr:solr-core 9 Microsoft.NetCore.App.Runtime.win-arm64 9 craftcms/cms 9 rusqlite 9 mercurial 9 ckb 9 org.cloudfoundry.identity:cloudfoundry-identity-server 9 Microsoft.NetCore.App.Runtime.win-arm 9 Microsoft.NetCore.App.Runtime.win-x64 9 org.apache.struts.xwork:xwork-core 9 Microsoft.NetCore.App.Runtime.win-x86 9 org.apache.hadoop:hadoop-main 9 github.com/ethereum/go-ethereum 9 org.bouncycastle:bcprov-jdk14 9 october/system 8 Microsoft.NETCore.App.Runtime.win-arm64 8 Microsoft.NETCore.App.Runtime.win-x64 8 Microsoft.NETCore.App.Runtime.win-x86 8 shopware/core 8 org.bouncycastle:bcprov-jdk15 8 gradio 8 github.com/sylabs/singularity 8 org.keycloak:keycloak-services 8 Microsoft.AspNetCore.App.Runtime.linux-musl-arm 8 org.apache.commons:commons-compress 7 next 7 phpmailer/phpmailer 7 apache-superset 7 org.craftercms:crafter-studio 7 codeigniter4/framework 7 github.com/docker/docker 7 DotNetNuke.Core 7 symfony/security 7 org.jenkins-ci.plugins.workflow:workflow-cps 7 com.liferay.portal:release.portal.bom 7 tar 7 cn.hutool:hutool-core 7 magento/core 7 snipe/snipe-it 7 org.elasticsearch:elasticsearch 7 org.eclipse.jetty:jetty-server 7 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 7 cakephp/cakephp 7 org.apache.inlong:manager-pojo 7 org.springframework:spring-core 7 smarty/smarty 7 strapi 7 gogs.io/gogs 7 deno 7 pillow 7 com.xuxueli:xxl-job 7 istio.io/istio 6 opencv-contrib-python-headless 6 rack 6 @strapi/strapi 6 Microsoft.NETCore.App 6 wwbn/avideo 6 golang.org/x/crypto 6 sequelize 6 handlebars 6 symfony/security-http 6 org.apache.cxf:cxf 6 Microsoft.AspNetCore.App.Runtime.osx-arm64 6 npm 6 prestashop/prestashop 6 github.com/hyperledger/fabric 6 composer/composer 6 github.com/gravitl/netmaker 6 org.apache.camel:camel-core 6 github.com/grafana/grafana 6 contao/contao 6 contao/core-bundle 6 Microsoft.AspNetCore.All 6 guzzlehttp/guzzle 6 de.tum.in.ase:artemis-java-test-sandbox 6 @openzeppelin/contracts 6 laravel/framework 6 waitress 6 github.com/traefik/traefik/v2 6 cryptography 6 k8s.io/kubernetes 6 github.com/zitadel/zitadel 6 org.apache.tika:tika-core 6 opencv-python-headless 6 sized-chunks 6 nautobot 6 express-cart 6 kiwitcms 6 org.apache.tomcat:tomcat-coyote 6 directus 5 plone 5 github.com/nats-io/jwt 5 serve 5 org.apache.mesos:mesos 5 matrix-js-sdk 5 forkcms/forkcms 5 zope 5 github.com/IBAX-io/go-ibax 5 Microsoft.WindowsDesktop.App.Runtime.win-x86 5 Microsoft.WindowsDesktop.App.Runtime.win-x64 5 org.xwiki.platform:xwiki-platform-web 5 phpbb/phpbb 5 genix/cms 5 twisted 5 github.com/opencontainers/runc 5 org.apache.tomcat:tomcat-catalina 5 pear/archive_tar 5 github.com/cilium/cilium 5 org.apache.dolphinscheduler:dolphinscheduler 5 code.gitea.io/gitea 5 github.com/answerdev/answer 5 ua-parser-js 5 com.vaadin:vaadin-bom 5 github.com/go-gitea/gitea 5 CefSharp.Common 5
Filter by Repository
https://github.com/chakra-core/ChakraCore 204 https://github.com/tensorflow/tensorflow 107 https://github.com/xwiki/xwiki-platform 48 https://github.com/FasterXML/jackson-databind 44 https://github.com/jenkinsci/jenkins 36 https://github.com/apache/tomcat 34 https://github.com/python-pillow/Pillow 26 https://github.com/pimcore/pimcore 25 https://github.com/microweber/microweber 25 https://github.com/apache/airflow 25 https://github.com/moodle/moodle 24 https://github.com/django/django 24 https://github.com/keycloak/keycloak 22 https://github.com/x-stream/xstream 22 https://github.com/apache/struts 22 https://github.com/opencv/opencv 21 https://github.com/sparklemotion/nokogiri 20 https://github.com/Dolibarr/dolibarr 19 https://github.com/thorsten/phpmyfaq 18 https://github.com/dotnet/runtime 17 https://github.com/pmmp/PocketMine-MP 17 https://github.com/symfony/symfony 16 https://github.com/spring-projects/spring-framework 16 https://github.com/rancher/rancher 16 https://github.com/parse-community/parse-server 15 https://github.com/ikus060/rdiffweb 15 https://github.com/ansible/ansible 15 https://github.com/vyperlang/vyper 14 https://github.com/librenms/librenms 14 https://github.com/apache/inlong 14 https://github.com/github/advisory-database 14 https://github.com/usememos/memos 13 https://github.com/jenkinsci/script-security-plugin 13 https://github.com/getgrav/grav 13 https://github.com/rails/rails 12 https://github.com/mlflow/mlflow 12 https://github.com/hashicorp/consul 11 https://github.com/apache/nifi 11 https://github.com/electron/electron 11 https://github.com/mautic/mautic 11 https://github.com/argoproj/argo-cd 10 https://github.com/centreon/centreon 10 https://github.com/octobercms/october 10 https://github.com/OpenMage/magento-lts 10 https://github.com/go-gitea/gitea 10 https://github.com/openstack/keystone 9 https://github.com/kubernetes/kubernetes 9 https://github.com/strapi/strapi 9 https://github.com/rusqlite/rusqlite 9 https://github.com/golang/go 9 https://github.com/apache/camel 9 https://github.com/cui2shark/cms 9 https://github.com/cloudfoundry/uaa 9 https://github.com/nilsteampassnet/teampass 9 https://github.com/nervosnetwork/ckb 9 https://github.com/cockpit-hq/cockpit 8 https://github.com/shopware/platform 8 https://github.com/matrix-org/synapse 8 https://github.com/gradio-app/gradio 8 https://github.com/TYPO3/TYPO3.CMS 8 https://github.com/bcgit/bc-java 8 https://github.com/cobbler/cobbler 8 https://github.com/denoland/deno 8 https://github.com/nats-io/nats-server 8 https://github.com/DSpace/DSpace 7 https://github.com/netty/netty 7 https://github.com/apache/cxf 7 https://github.com/plone/Products.CMFPlone 7 https://github.com/rubygems/rubygems 7 https://github.com/dotnet/aspnetcore 7 https://github.com/hashicorp/vault 7 https://github.com/snipe/snipe-it 7 https://github.com/eclipse/jetty.project 7 https://github.com/spring-projects/spring-security 7 https://github.com/apache/activemq 7 https://github.com/undertow-io/undertow 7 https://github.com/PHPMailer/PHPMailer 7 https://github.com/DrunkenShells/Disclosures 6 https://github.com/nilsteampassnet/TeamPass 6 https://github.com/istio/istio 6 https://github.com/WWBN/AVideo 6 https://github.com/TYPO3/typo3 6 https://github.com/kiwitcms/Kiwi 6 https://github.com/sequelize/sequelize 6 https://github.com/guzzle/guzzle 6 https://github.com/phpmyadmin/phpmyadmin 6 https://github.com/gravitl/netmaker 6 https://github.com/intelliants/subrion 6 https://github.com/saltstack/salt 6 https://github.com/xuxueli/xxl-job 6 https://github.com/zitadel/zitadel 6 https://github.com/CVEProject/cvelist 6 https://github.com/dnnsoftware/Dnn.Platform 6 https://github.com/OPCFoundation/UA-.NETStandard 6 https://github.com/Pylons/waitress 6 https://github.com/backstage/backstage 6 https://github.com/ls1intum/Ares 6 https://github.com/npm/node-tar 6 https://github.com/PaddlePaddle/Paddle 6 https://github.com/pyca/cryptography 6 https://github.com/opencast/opencast 6 https://github.com/OpenNMS/opennms 6 https://github.com/magento/magento2 6 https://github.com/hyperledger/fabric 6 https://github.com/bodil/sized-chunks 6 https://github.com/dromara/hutool 6 https://github.com/contao/contao 6 https://github.com/nautobot/nautobot 6 https://github.com/OpenZeppelin/openzeppelin-contracts 6 https://github.com/smarty-php/smarty 6 https://github.com/froxlor/froxlor 6 https://github.com/directus/directus 5 https://github.com/cilium/cilium 5 https://github.com/PrestaShop/PrestaShop 5 https://github.com/gogs/gogs 5 https://github.com/codeigniter4/CodeIgniter4 5 https://github.com/aubio/aubio 5 https://github.com/cakephp/cakephp 5 https://github.com/drupal/core 5 https://github.com/apache/kylin 5 https://github.com/getkirby/kirby 5 https://github.com/pear/Archive_Tar 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/apache/hadoop 5 https://github.com/ethereum/go-ethereum 5 https://github.com/zopefoundation/Zope 5 https://github.com/geoserver/geoserver 5 https://github.com/laravel/framework 5 https://github.com/faisalman/ua-parser-js 5 https://github.com/docker/docker 5 https://github.com/IBAX-io/go-ibax 5 https://github.com/answerdev/answer 5 https://github.com/apache/dolphinscheduler 5 https://github.com/composer/composer 5 https://github.com/twisted/twisted 5 https://github.com/matrix-org/matrix-js-sdk 5 https://github.com/vercel/next.js 5 https://github.com/cefsharp/CefSharp 5 https://github.com/grafana/grafana 5 https://github.com/forkcms/forkcms 5 https://github.com/BlackFan/client-side-prototype-pollution 5 https://github.com/traefik/traefik 5 https://github.com/apache/xmlgraphics-batik 5 https://github.com/hpcng/singularity 5 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 4 https://github.com/pimcore/admin-ui-classic-bundle 4 https://github.com/free5gc/free5gc 4 https://github.com/yiisoft/yii2 4 https://github.com/ericcornelissen/shescape 4 https://github.com/0xJacky/nginx-ui 4 https://github.com/livehelperchat/livehelperchat 4 https://github.com/scrapy/scrapy 4 https://github.com/tidwall/gjson 4 https://github.com/playframework/playframework 4 https://github.com/wixtoolset/issues 4 https://github.com/cri-o/cri-o 4 https://github.com/surrealdb/surrealdb 4 https://github.com/igniterealtime/Openfire 4 https://github.com/npm/cli 4 https://github.com/quarkusio/quarkus 4 https://github.com/ckeditor/ckeditor4 4 https://github.com/nightcloudos/new_cms 4 https://github.com/nocodb/nocodb 4 https://github.com/totaljs/framework 4 https://github.com/apple/swift-nio-http2 4 https://github.com/RaspAP/raspap-webgui 4 https://github.com/kubernetes/ingress-nginx 4 https://github.com/jettison-json/jettison 4 https://github.com/Froxlor/Froxlor 4 https://github.com/PrismJS/prism 4 https://github.com/ethyca/fides 4 https://github.com/restlet/restlet-framework-java 4 https://github.com/statamic/cms 4 https://github.com/vantage6/vantage6 4 https://github.com/containers/podman 4 https://github.com/bolt/bolt 4 https://github.com/containers/buildah 4 https://github.com/opencontainers/runc 4 https://github.com/phpseclib/phpseclib 4 https://github.com/centreon/centreon-archived 4 https://github.com/hashicorp/nomad 4 https://github.com/fiveai/Cachet 4 https://github.com/baserproject/basercms 4 https://github.com/jhipster/generator-jhipster 4 https://github.com/cloudflare/cfrpki 4 https://github.com/apache/geode 4 https://github.com/libp2p/go-libp2p 4 https://github.com/jnqnfe/pulse-binding-rust 4 https://github.com/pgadmin-org/pgadmin4 4 https://github.com/jeecgboot/jeecg-boot 4 https://github.com/Codiad/Codiad 4 https://github.com/nextauthjs/next-auth 3 https://github.com/pf4j/pf4j 3 https://github.com/dotnet/sdk 3 https://github.com/infor-design/enterprise-ng 3 https://github.com/ming-soft/MCMS 3 https://github.com/openfga/openfga 3 https://github.com/microsoft/msquic 3 https://github.com/edgelesssys/constellation 3