Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS01cnJxLXB4ZjYtNmp4Nc0hQg
Prototype Pollution in node-forge debug API.Ecosystems: npm
Packages: node-forge
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: npm
Packages: jquery.terminal
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 2 years ago
GSA_kwCzR0hTQS14OXI1LWp4dnEtNDM4N80g-g
jquery.terminal self XSS on user inputEcosystems: npm
Packages: jquery.terminal
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: over 2 years ago
Low
Ecosystems: maven
Packages: com.google.guava:guava
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVtZzgtdzIzdy03NGgz
Information Disclosure in GuavaEcosystems: maven
Packages: com.google.guava:guava
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 3 years ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02Y3AtdnhqeC02NWo2
SessionListener can prevent a session from being invalidated breaking logoutEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/opencontainers/distribution-spec
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
GSA_kwCzR0hTQS1tYzh2LW1ncmYtOGY0bc0XWA
Clarify Content-Type handlingEcosystems: go
Packages: github.com/opencontainers/distribution-spec
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
Low
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13bXB2LWMyanAtajJ4Z80XOg
ERC1155Supply vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: over 2 years ago
GSA_kwCzR0hTQS1jdzdwLXE3OWYtbTJ2N80W6Q
incomplete JupyterHub logout with simultaneous JupyterLab sessionsEcosystems: pypi
Packages: jupyterhub
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: over 2 years ago
Low
Ecosystems: cargo
Packages: parsec-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS00NXczLXYzZzQtNTRwbc0rDQ
Chrono has potential segfault issue in SPIFFE authenticatorEcosystems: cargo
Packages: parsec-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS03MjdoLWhydzgtamc4cc0xPQ
Path traversal in org.postgresql:postgresqlEcosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: maven
Packages: org.wildfly.core:wildfly-server
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
GSA_kwCzR0hTQS13ODhtLTI5MzYtcm14cs4AAuf5
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vaultEcosystems: maven
Packages: org.wildfly.core:wildfly-server
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/argoproj/argo-workflows/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBycWYteHIyai14ZjY1
Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client`Ecosystems: go
Packages: github.com/argoproj/argo-workflows/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: npm
Packages: mdx-mermaid
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: over 1 year ago
GSA_kwCzR0hTQS1ydmdtLTM1anctcTYyOM4AAujy
Improper Control of Generation of Code ('Code Injection') in mdx-mermaidEcosystems: npm
Packages: mdx-mermaid
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: fof/byobu
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
GSA_kwCzR0hTQS02Z2ptLTZ3ajYtNHB4Nc4AAt2Y
Byobu user preference to prevent private discussions being started are not respectedEcosystems: packagist
Packages: fof/byobu
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
Low
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxM2oteHA0OS1qNzNm
Plugin archive directory traversal in HelmEcosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
Low
Ecosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2cDUtbTM4dy1qNzc2
Aliases are never checked in helmEcosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 3 years ago
Low
Ecosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01NHItdnJtdi1odzMz
Improper Sanitizing of plugin names in helmEcosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyNzgtMnY1di02NXI0
Heap buffer overflow in `RaggedBinCount`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4M20tcDdwdi1jaDh2
Division by 0 in `QuantizedAdd`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5cHgtOXZxZy0yMjJo
Heap OOB in `QuantizeAndDequantizeV3`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzNWctNDUyNS0yOWZx
Division by 0 in `FusedBatchNorm`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgyOHgtcWMycC13cHJx
Undefined behavior in `MaxPool3DGradGrad`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13YzV2LXI0OHYtZzR2aM4AAtaF
Cilium host policy bypass in endpoint-routes mode with dual-stackEcosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxZ20tZnY2di1yZnB2
Overflow/denial of service in `tf.raw_ops.ReverseSequence`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5ZnYtOTg2NS00cWN2
Heap buffer overflow in `MaxPoolGrad`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyY2gtajM4OS01Zjg0
Heap OOB write in TFLiteEcosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpteDgtMzU1bS04dndo
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 3 years ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zcDVyLTdjdzMtMm02N84AAbli
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2ZjQtZnczMy02ajJ2
Potential sensitive data exposure in applications using Vaadin 15Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 3 years ago
Low
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2OHYtZnJneC00cmpw
Denial of Service via Cache FloodingEcosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqOXYtaDJ2cC0yaGh2
XSS in HtmlSanitizerEcosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4M3YtNTUzeC0zYzRx
Stored XSS by authenticated backend user with access to upload filesEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyZnAtajJtcC1ocTlj
Segfault in `tf.quantization.quantize_and_dequantize`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZndjktN3E0Zy1wbXZt
Persistent XSS in customer module in ShopwareEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3NXEtajlwNC0zdnhn
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
Low
Ecosystems: maven
Packages: com.google.crypto.tink:tink
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1dmYtdjZ3Zi03dzJy
Ciphertext Malleability Issue in Tink JavaEcosystems: maven
Packages: com.google.crypto.tink:tink
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: over 3 years ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxdzUtcHFoYy14bTRn
Users with SCRIPT right can execute arbitrary code in XWikiEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: silverstripe/silverstripe-omnipay
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS00OGYyLW03amctODY2eM4AArZd
Failed payment recorded has completed in Silverstripe OmnipayEcosystems: packagist
Packages: silverstripe/silverstripe-omnipay
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Low
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wajk2LTRqaHYtdjc5Ms4AArT9
Cross site scripting via cookies in gogsEcosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mercurial
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS01Nzg2LTNxamctbXI4OM4AAgY-
Path traversal in Jenkins Mercurial PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:mercurial
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3MjItcnI2OC1yZnBn
Upload whitelisted files to any directory in OctoberCMSEcosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 4 years ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cXJwLWg3ZnctNDJoZ84AArTY
Path Traversal in XWiki PlatformEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: npm
Packages: limdu
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cXYtZ2g2Zi1wZ2g0
Command Injection in LimduEcosystems: npm
Packages: limdu
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 4 years ago
Low
Ecosystems: maven
Packages: io.ktor:ktor-server-cio, io.ktor:ktor-client-cio
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycjktcmg4cC00MzN2
Request smuggling is possible when both chunked TE and content length specifiedEcosystems: maven
Packages: io.ktor:ktor-server-cio, io.ktor:ktor-client-cio
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: django-user-sessions
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcTgtM3EyZi00bTVn
Session key exposure through session list in Django User SessionsEcosystems: pypi
Packages: django-user-sessions
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 4 years ago
Low
Ecosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmanEtOTN4ai0zZjNm
Cross-Site Scripting in serialize-to-jsEcosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: over 4 years ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-oidc-client-adapter-pom
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1ydmpnLWd4d3gtajVnZs1Big
OIDC Logout redirect in keycloakEcosystems: maven
Packages: org.keycloak:keycloak-oidc-client-adapter-pom
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1td200LTVxd3ItZzlwZs1Bjw
Keycloak is vulnerable to IDN homograph attackEcosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
Ecosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtaGgtdzZxOC01aHh3
Remote Memory Disclosure in wsEcosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: npm
Packages: cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjcGMtbWo1Yy1tOXJx
Arbitrary File Write in cliEcosystems: npm
Packages: cli
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: packagist
Packages: statamic/cms
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: about 2 years ago
GSA_kwCzR0hTQS1xY2d4LTdwNWYtaHh2cs02gQ
Discoverability of user password hash in Statamic CMSEcosystems: packagist
Packages: statamic/cms
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: about 2 years ago
Low
Ecosystems: pypi
Packages: httpie
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 years ago
GSA_kwCzR0hTQS02cGM5LXhxcmctd2Zxd80zHw
Exposure of Sensitive information in httpieEcosystems: pypi
Packages: httpie
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 years ago
Low
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
GSA_kwCzR0hTQS0zcDIyLWdocTgtdjc0Oc01Ew
Renderers can obtain access to random bluetooth device without permission in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjYtdzltcC05NWht
Puppet supports use of IP addresses in certnames without warning of potential risksEcosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqeGotOXI1Zi13M20y
Puppet allows local users to obtain sensitive configuration informationEcosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: rubygems
Packages: paratrooper-pingdom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxcnItcnJ3Zy02OXB2
Local API Login Credentials Disclosure in paratrooper-pingdomEcosystems: rubygems
Packages: paratrooper-pingdom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Low
Ecosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14OWYtdzhxcS1xNWpm
rest-client allows local users to obtain sensitive information by reading the logEcosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:backlog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNjhjLXhnODktMmc1cs4AAjx4
Credentials transmitted in plain text by Backlog PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:backlog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNmdjLTc5Mm0tcWdtMs4AAxDy
ReDoS based DoS vulnerability in Active Support's underscoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: globalid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yM2MyLWd3cDUtcHh3Oc4AAxDr
ReDoS based DoS vulnerability in GlobalIDEcosystems: rubygems
Packages: globalid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: about 1 year ago
GSA_kwCzR0hTQS0zaHZqLTNjZzktdjI0Ms4AAx6e
Saleor Unauthenticated Information Disclosure Vulnerability via Python ExceptionsEcosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS01ODRtLTdyNG0tOGo2ds4AAyCI
Incorrect Authorization in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12dnA3LXI0MjItcng4M84AAyu5
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vmEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
GSA_kwCzR0hTQS1wMjZnLTk3bTQtNnE3Y84AAy3M
Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookiesEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS03eDZxLTN2M20tY3dqZ84AAy8N
kiwi TCMS has possibility for user to update email address to unverified oneEcosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
GSA_kwCzR0hTQS02NWcyLXg1M3EtY21mNs4AAy9A
Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-TerraformEcosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS0yNW14LThmM3YtOHdoN84AAzpM
sequoia-openpgp vulnerable to out-of-bounds array access leading to panicEcosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Low
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yY3FnLXE3am0tajM1Y80XNw
snipe-it is vulnerable to Cross-site ScriptingEcosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tcTYtcThyMy00OGZt
Crash in `tf.strings.substr` due to `CHECK`-failEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
GSA_kwCzR0hTQS12dzQ3LW1yNDQtM2pmOc0V6g
Confused Deputy in KubernetesEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Low
Ecosystems: maven
Packages: com.datadoghq:datadog-api-client
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjeGYtNjU2Ny03cHA2
Local Information Disclosure VulnerabilityEcosystems: maven
Packages: com.datadoghq:datadog-api-client
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 3 years ago
Low
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2ZnctdjJqdi05aHdj
Reflected cross-site scripting in development mode handler in VaadinEcosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: swift
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmeGMtcW02NS12cHhn
Temporary urls leaked via loggingEcosystems: pypi
Packages: swift
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/personnummer/go
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2NTMtdmY1bS04cTk0
personnummer/go vulnerable to Improper Input ValidationEcosystems: go
Packages: github.com/personnummer/go
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1MmYtcHE0Ny0ycjlq
plugin.yaml file allows for duplicate entries in helmEcosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 3 years ago
Low
Ecosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptNTYtNWg2Ni13NDUz
Repository index file allows for duplicates of the same chart entry in helmEcosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/moov-io/customers
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2MzYtcTVmYy00cHI3
accounts: Hash account number using SaltEcosystems: go
Packages: github.com/moov-io/customers
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/cloudflare/tableflip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtcTItMzlmZi1mNXFn
A failed upgrade may lead to hung goroutinesEcosystems: go
Packages: github.com/cloudflare/tableflip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2ZjItNHhjZy02NWN4
Division by 0 in `Conv2D`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0ZzctZnZqai1wcmc4
Division by 0 in `QuantizedConv2D`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnYzMtbTg5cC12cjN4
Heap buffer overflow in `Conv2DBackpropFilter`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRocmgtOXZtcC0yamdn
Heap buffer overflow in `StringNGrams`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNGotcDhyai13anhx
Division by 0 in `QuantizedBiasAdd`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2cG0tcmNmNC05d3F3
Division by 0 in `MaxPoolGradWithArgmax`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmODktOGo1NC0yOXhm
Heap buffer overflow in `FractionalAvgPoolGrad`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12NzgtZzd3cS1taHA0
Division by zero in padding computation in TFLiteEcosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2ajctNnc4dy03OTIy
Division by zero in optimized pooling implementations in TFLiteEcosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cmYtZmY3di1ocGdy
Division by zero in TFLite's implementation of `EmbeddingLookup`Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3d2YtcDc3Ny04Nmpx
Division by zero in TFLite's implementation of SplitEcosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlycGMtNXY5cS01cjdm
Incomplete validation in `SparseReshape`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRodnYtN3g5NC03dnE4
Null dereference in Grappler's `TrySimplify`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNoNXItOTI4di1teGho
Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: about 3 years ago
Low
Ecosystems: packagist
Packages: pwweb/laravel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmanAtZzRtNy1meDIz
User (Encrypted) Password Field Being SerialisedEcosystems: packagist
Packages: pwweb/laravel-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Low
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjZzgtOThxOC1nN21q
Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in AnsibleEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 3 years ago
Low
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyM3AtZnIyYy1nNW0y
Exposure of Sensitive Information to an Unauthorized Actor in AnsibleEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 3 years ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-wikimacro-store
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NjIteHBjYy05eGY2
It's possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macroEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-wikimacro-store
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Low
Ecosystems: maven
Packages: com.amazonaws:aws-dynamodb-encryption-java
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3MzYtaGY5cC1xcWgz
Key Caching behavior in the DynamoDB Encryption Client.Ecosystems: maven
Packages: com.amazonaws:aws-dynamodb-encryption-java
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoeHgtajczci1xcG0y
Uninitialized memory access in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: petl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1Z2MtcDVtMy12MzQ3
XXE in petlEcosystems: pypi
Packages: petl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4OXYtY2d2Ny0zamh4
Bypass of fix for CVE-2020-15247, Twig sandbox escapeEcosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmamMteHJtZi01dnZ3
Privilege escalation by backend users assigned to the default "Publisher" system roleEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 3 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 451
Ecosystems: 12
Packages: 8,381
Repositories: 451
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-gpu
93
tensorflow-cpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
github.com/mattermost/mattermost/server/v8
10
phpmyadmin/phpmyadmin
10
shopware/core
10
nova
9
org.apache.tomcat:tomcat
9
org.jenkins-ci.main:jenkins-core
9
matrix-synapse
7
vyper
7
Umbraco.CMS
6
puppet
6
undici
5
k8s.io/kubernetes
5
wasmtime
5
sweetalert2
5
rack
5
helm.sh/helm/v3
5
typo3/cms-core
5
october/backend
5
baserproject/basercms
5
ansible
5
shopware/shopware
4
github.com/cilium/cilium
4
helm.sh/helm
4
electron
4
org.keycloak:keycloak-services
4
simplesamlphp/simplesamlphp
4
magento/community-edition
4
github.com/mattermost/mattermost-server/v6
4
com.vaadin:flow-server
4
actionpack
4
github.com/cosmos/cosmos-sdk
3
bin-links
3
go.etcd.io/etcd
3
nautobot
3
ethyca-fides
3
plone
3
org.graylog2:graylog2-server
3
@openzeppelin/contracts-upgradeable
3
wagtail
3
org.apache.hive:hive-exec
3
com.vaadin:vaadin-bom
3
org.apache.hive:hive-service
3
ckb
3
org.apache.hive:hive
3
node-forge
3
glance
3
passenger
3
cryptography
3
httplib2
3
sylius/sylius
3
symfony/symfony
3
github.com/mattermost/mattermost-server
3
craftcms/cms
2
silverstripe/framework
2
Flask-Security-Too
2
winter/wn-backend-module
2
org.apache.activemq:activemq-parent
2
braces
2
django
2
github.com/opencontainers/runc
2
github.com/authzed/spicedb
2
org.jenkins-ci.plugins:azure-ad
2
next-auth
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
github.com/cometbft/cometbft
2
org.jenkins-ci.plugins:wso2id-oauth
2
activesupport
2
org.jenkins-ci.plugins:artifactory
2
github.com/mattermost/mattermost-plugin-jira
2
horizon
2
vantage6
2
s2n-quic
2
cargo
2
org.jenkins-ci.plugins:mercurial
2
org.jenkins-ci.plugins:repository-connector
2
Zope
2
go.etcd.io/etcd/client/v3
2
github.com/mutagen-io/mutagen
2
typo3/cms-install
2
aiohttp
2
grumpydictator/firefly-iii
2
moin
2
github.com/answerdev/answer
2
com.inedo.proget:inedo-proget
2
github.com/sigstore/cosign
2
org.jenkins-ci.plugins:ec2
2
github.com/containerd/containerd
2
Pillow
2
Django
2
node-ipc
2
salt
2
ceph-deploy
2
@apollo/server
2
tools.devnull:build-notifications
2
@openzeppelin/contracts
2
OctoPrint
2
flarum/core
2
parse-server
2
com.ruoyi:ruoyi
2
github.com/ntbosscher/gobase
2
langchain
2
Nova
2
github.com/hashicorp/nomad
2
gilacms/gila
2
october/cms
2
Flask-AppBuilder
2
ezsystems/ezplatform-kernel
2
keystone
2
ezsystems/ezpublish-kernel
2
microweber/microweber
2
typo3/cms-frontend
2
org.xwiki.platform:xwiki-platform-oldcore
2
pip
2
tuf
2
org.bouncycastle:bcprov-jdk14
2
symfony/security-http
2
org.eclipse.jetty:jetty-server
2
kafo
1
go.elastic.co/apm
1
Werkzeug
1
mindspore
1
github.com/nats-io/nats-server/v2
1
wiremock
1
com.github.tomakehurst:wiremock-jre8-standalone
1
com.github.tomakehurst:wiremock-jre8
1
org.wiremock:wiremock
1
org.wiremock:wiremock-standalone
1
django-basic-auth-ip-whitelist
1
qutebrowser
1
rabbit_common
1
automad/automad
1
github.com/Masterminds/goutils
1
@liquity/contracts
1
org.bouncycastle:bcprov-jdk18on
1
org.scala-sbt:io_3
1
org.scala-sbt:io_2.13
1
org.bouncycastle:bcprov-jdk15to18
1
org.scala-sbt:io_2.12
1
org.bouncycastle:bcprov-jdk13
1
org.scala-sbt:sbt
1
org.bouncycastle:bcprov-jdk12
1
io.jenkins.plugins:gitlab-branch-source
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
org.keycloak:keycloak-core
1
org.jenkins-ci.plugins:openshift-deployer
1
@diez/generation
1
virtualenv
1
com.typesafe.play:play
1
nokogiri
1
ember-source
1
github.com/oauth2-proxy/oauth2-proxy
1
@aedart/support
1
streamlit
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
thelounge
1
org.xmlunit:xmlunit-core
1
org.keycloak:keycloak-parent
1
merge-objects
1
bigint-money
1
put
1
firebase-tools
1
debug
1
solidus_backend
1
phpmyfaq/phpmyfaq
1
apostrophe
1
admidio/admidio
1
org.eclipse.jetty:jetty-openid
1
spina
1
org.keycloak:keycloak-server-spi-private
1
datasette-graphql
1
plone.restapi
1
github.com/flyteorg/flyteadmin
1
markdown-link-extractor
1
type-graphql
1
github.com/containers/podman/v4
1
xmpp-http-upload
1
tqdm
1
github.com/slsa-framework/slsa-verifier/v2
1
personnummer
1
github.com/slsa-framework/slsa-verifier
1
org.jenkins-ci.plugins:telegrambot
1
vodozemac
1
flarum/framework
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
hyper
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
net.sf.mpxj-for-vb
1
mpxj
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/openstack/nova
11
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rails/rails
6
https://github.com/sweetalert2/sweetalert2
5
https://github.com/nodejs/undici
5
https://github.com/rack/rack
5
https://github.com/ansible/ansible
5
https://github.com/helm/helm
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/TYPO3/typo3
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/jenkinsci/jenkins
5
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/apache/tomcat
4
https://github.com/cilium/cilium
4
https://github.com/wintercms/winter
4
https://github.com/electron/electron
4
https://github.com/shopware/shopware
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/wagtail/wagtail
3
https://github.com/nautobot/nautobot
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/django/django
3
https://github.com/digitalbazaar/forge
3
https://github.com/phusion/passenger
3
https://github.com/vaadin/flow
3
https://github.com/vantage6/vantage6
3
https://github.com/symfony/symfony
3
https://github.com/httplib2/httplib2
3
https://github.com/nervosnetwork/ckb
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/pyca/cryptography
3
https://github.com/ethyca/fides
3
https://github.com/Sylius/Sylius
3
https://github.com/CVEProject/cvelist
3
https://github.com/openstack/keystone
3
https://github.com/answerdev/answer
2
https://github.com/saltstack/salt
2
https://github.com/openstack/glance
2
https://github.com/aio-libs/aiohttp
2
https://github.com/aws/s2n-quic
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/ntbosscher/gobase
2
https://github.com/microweber/microweber
2
https://github.com/zopefoundation/Zope
2
https://github.com/quarkusio/quarkus
2
https://github.com/cometbft/cometbft
2
https://github.com/containerd/containerd
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/bcgit/bc-java
2
https://github.com/hashicorp/nomad
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/nats-io/nats-server
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/nextauthjs/next-auth
2
https://github.com/ceph/ceph-deploy
2
https://github.com/apollographql/apollo-server
2
https://github.com/apache/activemq
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/GilaCMS/gila
2
https://github.com/opencontainers/runc
2
https://github.com/mutagen-io/mutagen
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/parse-community/parse-server
2
https://github.com/openstack/horizon
2
https://github.com/octoprint/octoprint
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/pypa/pip
2
https://github.com/sigstore/cosign
2
https://github.com/flarum/framework
2
https://github.com/rust-lang/cargo
2
https://github.com/authzed/spicedb
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/micromatch/braces
2
https://github.com/craftcms/cms
2
https://github.com/tinymce/tinymce
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/vega/vega
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/keylime/keylime
1
https://github.com/Azure/setup-kubectl
1
https://github.com/spinacms/spina
1
https://github.com/decidim/decidim
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/simplegeo/python-oauth2
1
https://github.com/personnummer/csharp
1
https://github.com/Consensys/gnark-crypto
1
https://github.com/http4s/http4s
1
https://github.com/admidio/admidio
1
https://github.com/httpie/httpie
1
https://github.com/waysact/webpack-subresource-integrity
1
https://github.com/keystonejs/keystone
1
https://github.com/spring-projects/spring-data-rest
1
https://github.com/Twipped/ircdkit
1
https://github.com/directus/directus
1
https://github.com/cloudfoundry/uaa
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/yiisoft/yii2-authclient
1
https://github.com/skylot/jadx
1
https://github.com/Masterminds/goutils
1
https://github.com/google/zerocopy
1
https://github.com/dojo/dijit
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/rails/globalid
1
https://github.com/moq/moq
1
https://github.com/personnummer/php
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/endojs/endo
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/puma/puma
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/zowe/imperative
1
https://github.com/derbyjs/derby
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/croogo/croogo
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/thelounge/thelounge
1
https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/electron-userland/electron-packager
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/fluent/fluentd
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/medikoo/es5-ext
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/kitabisa/teler
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/onionshare/onionshare
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/ericcornelissen/shescape
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/tailscale/tailscale
1
https://github.com/Nebulosus/shamir
1
https://github.com/ajenti/ajenti
1
https://github.com/xuxueli/xxl-job
1
https://github.com/yourls/yourls
1
https://github.com/bbatsov/rubocop
1
https://github.com/dan1hc/fgr
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/gradle/gradle
1
https://gitlab.com/edneville/please
1
https://github.com/xmlunit/xmlunit
1
https://github.com/octokit/octopoller.rb
1
https://github.com/disintegration/imaging
1
https://github.com/node-js-libs/cli
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/foxcpp/maddy
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/personnummer/go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1
https://github.com/elastic/apm-agent-go
1
https://github.com/rust-vmm/linux-loader
1
https://github.com/jenkinsci/resource-disposer-plugin
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/npm/npm
1
https://github.com/triaxtec/openapi-python-client
1
https://github.com/arguiot/EyeJS
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/impredicative/bitlyshortener
1