Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: rubygems, npm
Packages: uglifier, uglify-js
Source: GitHub Advisory Database
Blast Radius: 119.3
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM0cjctcTQ5Zi1oMzdj
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-jsEcosystems: rubygems, npm
Packages: uglifier, uglify-js
Source: GitHub Advisory Database
Blast Radius: 119.3
Published: over 6 years ago
Critical
Ecosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0NTctNnE2eC1jZ3A5
Prototype Pollution in handlebarsEcosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
Critical
Ecosystems: maven, npm
Packages: org.webjars.bowergithub.wycats:handlebars.js, org.webjars.npm:handlebars, org.webjars:handlebars, handlebars
Source: GitHub Advisory Database
Blast Radius: 79.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYyanYtcjlyZi03OTg4
Remote code execution in handlebars when compiling templatesEcosystems: maven, npm
Packages: org.webjars.bowergithub.wycats:handlebars.js, org.webjars.npm:handlebars, org.webjars:handlebars, handlebars
Source: GitHub Advisory Database
Blast Radius: 79.2
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
GSA_kwCzR0hTQS04cjZqLXY4cG0tZnF3M84AA2SB
Code injection in fseventsEcosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
Critical
Ecosystems: npm
Packages: set-value
Source: GitHub Advisory Database
Blast Radius: 64.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnODgtZnBwci01M3Bw
Prototype Pollution in set-valueEcosystems: npm
Packages: set-value
Source: GitHub Advisory Database
Blast Radius: 64.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2NGMtcDJqNS0zOGo0
Open Redirect in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: deep-extend
Source: GitHub Advisory Database
Blast Radius: 63.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyMnYtMzk1Mi02MzNx
Prototype Pollution in deep-extendEcosystems: npm
Packages: deep-extend
Source: GitHub Advisory Database
Blast Radius: 63.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: eslint-utils
Source: GitHub Advisory Database
Blast Radius: 62.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNneDcteGh2Ny01bXgz
Arbitrary Code Execution in eslint-utilsEcosystems: npm
Packages: eslint-utils
Source: GitHub Advisory Database
Blast Radius: 62.9
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: babel-traverse, @babel/traverse
Source: GitHub Advisory Database
Blast Radius: 62.6
Published: 7 months ago
GSA_kwCzR0hTQS02N2h4LTZ4NTMtanc5Ms4AA2eW
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious codeEcosystems: npm
Packages: babel-traverse, @babel/traverse
Source: GitHub Advisory Database
Blast Radius: 62.6
Published: 7 months ago
Critical
Ecosystems: npm
Packages: shell-quote
Source: GitHub Advisory Database
Blast Radius: 62.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNHJnLTk5M3ItbWd4N84AAqZr
Improper Neutralization of Special Elements used in a Command in Shell-quoteEcosystems: npm
Packages: shell-quote
Source: GitHub Advisory Database
Blast Radius: 62.4
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: shell-quote
Source: GitHub Advisory Database
Blast Radius: 62.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnOHAtdjlxNC1naDM0
Potential Command Injection in shell-quoteEcosystems: npm
Packages: shell-quote
Source: GitHub Advisory Database
Blast Radius: 62.4
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 61.8
Published: about 2 years ago
GSA_kwCzR0hTQS14dmNoLTVndjQtOTg0aM0z6A
Prototype Pollution in minimistEcosystems: npm
Packages: minimist
Source: GitHub Advisory Database
Blast Radius: 61.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: loader-utils
Source: GitHub Advisory Database
Blast Radius: 61.1
Published: over 1 year ago
GSA_kwCzR0hTQS03NnAzLThqeDMtanBmcc4AAvTd
Prototype pollution in webpack loader-utilsEcosystems: npm
Packages: loader-utils
Source: GitHub Advisory Database
Blast Radius: 61.1
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: json-schema
Source: GitHub Advisory Database
Blast Radius: 60.7
Published: over 2 years ago
GSA_kwCzR0hTQS04OTZyLWYyN3ItNTVtd80XPA
json-schema is vulnerable to Prototype PollutionEcosystems: npm
Packages: json-schema
Source: GitHub Advisory Database
Blast Radius: 60.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3NXYtcDU0Yy1mNzR4
ejs is vulnerable to remote code execution due to weak input validationEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: about 2 years ago
GSA_kwCzR0hTQS1waHdxLWo5Nm0tMmMycc1A-A
ejs template injection vulnerabilityEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: immer
Source: GitHub Advisory Database
Blast Radius: 60.5
Published: over 2 years ago
GSA_kwCzR0hTQS0zM2Y5LWo4MzktcmY4aM0VjA
Prototype Pollution in immerEcosystems: npm
Packages: immer
Source: GitHub Advisory Database
Blast Radius: 60.5
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 60.2
Published: almost 2 years ago
GSA_kwCzR0hTQS13cTRoLTdyNDItNWhycs4AArQV
Possible shell escape sequence injection vulnerability in RackEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 60.2
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwNjgtZjc0di05d2M2
ActiveSupport potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
GSA_kwCzR0hTQS1xbTk1LXBnY2ctcXFmcc4AAvix
Insufficient validation when decoding a Socket.IO packetEcosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2NWgtcWp4di01ZjQ0
Prototype Pollution in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: eventsource
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: almost 2 years ago
GSA_kwCzR0hTQS02aDV4LTdjNW0tN2NyN83l_g
Exposure of Sensitive Information in eventsourceEcosystems: npm
Packages: eventsource
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
GSA_kwCzR0hTQS05bTkzLXc4dzYtNzZoaM4AA0uj
Mongoose Prototype Pollution vulnerabilityEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
Critical
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyNTItNGhxdy1wMjdm
Nokogiri does not forbid namespace nodes in XPointer rangesEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1xeGNnLXhqamctNjZtas4AAQF8
Nokogiri vulnerable to libxslt protection mechanism bypassEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: rexical, nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNWotOTUzai14dzVw
Nokogiri Command Injection VulnerabilityEcosystems: rubygems
Packages: rexical, nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: xmlhttprequest-ssl, xmlhttprequest
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0ajUtYzdjai03NHhn
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code InjectionEcosystems: npm
Packages: xmlhttprequest-ssl, xmlhttprequest
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1qN2ZxLXA5cTctNXdmds4AAjAY
Treekill Enables OS Command InjectionEcosystems: npm
Packages: tree-kill
Source: GitHub Advisory Database
Blast Radius: 59.1
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: morgan
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3Zzktcmd2ai00aDVq
Code Injection in morganEcosystems: npm
Packages: morgan
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: mixin-deep
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoamYtODN3Zy1yMmo5
Prototype Pollution in mixin-deepEcosystems: npm
Packages: mixin-deep
Source: GitHub Advisory Database
Blast Radius: 58.7
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: merge-deep
Source: GitHub Advisory Database
Blast Radius: 58.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2cmotOWNoNi1nMjY0
Prototype pollution in Merge-deepEcosystems: npm
Packages: merge-deep
Source: GitHub Advisory Database
Blast Radius: 58.5
Published: almost 3 years ago
Critical
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4cTMtZ200cC01Zmo0
rails vulnerable to improper authenticationEcosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: almost 2 years ago
GSA_kwCzR0hTQS0zaGhjLXFwNXYtOXAyas4AAtT8
Active Record RCE bug with Serialized ColumnsEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: about 2 years ago
GSA_kwCzR0hTQS1oZ2poLTcyM2gtbXgyas0t5g
Authorization Bypass Through User-Controlled Key in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: about 2 years ago
Critical
Ecosystems: rubygems
Packages: railties
Source: GitHub Advisory Database
Blast Radius: 58.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MmgtbWg4NS00cWdj
Use of Insufficiently Random Values in Railties Allows Remote Code ExecutionEcosystems: rubygems
Packages: railties
Source: GitHub Advisory Database
Blast Radius: 58.2
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 58.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oOGhmLXgzZjQteHdncM4AAugJ
Mongoose Vulnerable to Prototype Pollution in Schema ObjectEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 58.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Blast Radius: 57.9
Published: about 2 years ago
GSA_kwCzR0hTQS0zNnAzLXdqbWctaDk0eM03aQ
Remote Code Execution in Spring FrameworkEcosystems: maven
Packages: org.springframework:spring-webflux, org.springframework:spring-webmvc, org.springframework:spring-beans, org.springframework.boot:spring-boot-starter-webflux, org.springframework.boot:spring-boot-starter-web
Source: GitHub Advisory Database
Blast Radius: 57.9
Published: about 2 years ago
Critical
Ecosystems: maven, npm
Packages: org.webjars.npm:thenify, thenify
Source: GitHub Advisory Database
Blast Radius: 57.8
Published: almost 2 years ago
GSA_kwCzR0hTQS0yOXhyLXY0Mmotcjk1Ns4AAtcx
thenify before 3.3.1 made use of unsafe calls to `eval`.Ecosystems: maven, npm
Packages: org.webjars.npm:thenify, thenify
Source: GitHub Advisory Database
Blast Radius: 57.8
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: phpunit/phpunit
Source: GitHub Advisory Database
Blast Radius: 57.7
Published: about 2 years ago
GSA_kwCzR0hTQS1yN2M5LWM2OW0tcnBoOM02Aw
Code Injection in PHPUnitEcosystems: packagist
Packages: phpunit/phpunit
Source: GitHub Advisory Database
Blast Radius: 57.7
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 57.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4dzktMjc4OS02aGhy
Deserialization of Untrusted Data in bsonEcosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 57.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: underscore
Source: GitHub Advisory Database
Blast Radius: 57.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmNGgtM2poeC14dmhx
Arbitrary Code Execution in underscoreEcosystems: npm
Packages: underscore
Source: GitHub Advisory Database
Blast Radius: 57.5
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: lodash.defaultsdeep, lodash-amd, lodash-es, lodash
Source: GitHub Advisory Database
Blast Radius: 57.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmODUtY3BjcC1qNjk1
Prototype Pollution in lodashEcosystems: npm
Packages: lodash.defaultsdeep, lodash-amd, lodash-es, lodash
Source: GitHub Advisory Database
Blast Radius: 57.2
Published: almost 5 years ago
Critical
Ecosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxY3EtbXJtdy1tY21n
Rubyzip gem contains a Directory Traversal vulnerability in zip file componentEcosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjcXEtdzZnci1oOWo5
Directory traversal vulnerability in RubyZipEcosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: xmlhttprequest-ssl
Source: GitHub Advisory Database
Blast Radius: 56.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcybWgtMjY5eC03bWg1
Improper Certificate Validation in xmlhttprequest-sslEcosystems: npm
Packages: xmlhttprequest-ssl
Source: GitHub Advisory Database
Blast Radius: 56.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: cryptiles
Source: GitHub Advisory Database
Blast Radius: 56.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJxOGctNXBjNS13cmhy
Insufficient Entropy in cryptilesEcosystems: npm
Packages: cryptiles
Source: GitHub Advisory Database
Blast Radius: 56.5
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4eGYtcTN3OS00eGd3
Malicious Package in eslint-scopeEcosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnN3AtNzRoOC1oZzQ4
Denial of Service in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5Mmgtd21nMi02aHA3
Invalid HTTP method overrides allow possible XSS or other attacks in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: growl
Source: GitHub Advisory Database
Blast Radius: 56.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoMmgtY2hqOS1qZmZx
Growl before 1.10.0 vulnerable to Command InjectionEcosystems: npm
Packages: growl
Source: GitHub Advisory Database
Blast Radius: 56.0
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: numpy
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZnEyLXg5cjYtd2ZtZs4AAq9p
Numpy Deserialization of Untrusted DataEcosystems: pypi
Packages: numpy
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: kramdown
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xbTItY2dwci1wNG02
Unintended read access in kramdown gemEcosystems: rubygems
Packages: kramdown
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: laravel/framework
Source: GitHub Advisory Database
Blast Radius: 55.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1wZmc0LXA0MzgtcDg3NM4AAUJH
Laravel Framework Deserialization VulnerabilityEcosystems: packagist
Packages: laravel/framework
Source: GitHub Advisory Database
Blast Radius: 55.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: swiftmailer/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 55.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcjQ0LTRqZnItMjg2bc4AAYSU
Swift Mailer mail transport Command InjectionEcosystems: packagist
Packages: swiftmailer/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 55.4
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: league/flysystem
Source: GitHub Advisory Database
Blast Radius: 55.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlmNDYtNXIyNS01d2Zt
Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystemEcosystems: packagist
Packages: league/flysystem
Source: GitHub Advisory Database
Blast Radius: 55.4
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
GSA_kwCzR0hTQS0yajJ4LTJncHctZzhmbc4AAwl4
flat vulnerable to Prototype PollutionEcosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
GSA_kwCzR0hTQS00Y3BnLTN2Z3ctNDg3N80s1Q
Prototype pollution in Plist before 3.0.5 can cause denial of serviceEcosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: atob
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3NGgtM2NtMy0ycG0y
Out-of-bounds Read in atobEcosystems: npm
Packages: atob
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 1 year ago
GSA_kwCzR0hTQS1jcmg2LWZwNjctNjg4M84AAvn0
xmldom allows multiple root nodes in a DOMEcosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 55.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3dzItdjd4ai14cmM2
Exposure of Sensitive Information to an Unauthorized Actor in urllib3Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 55.1
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 9 months ago
GSA_kwCzR0hTQS02OHhnLWdxcW0tdmdqOM4AA1Yw
Puma HTTP Request/Response Smuggling vulnerabilityEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 9 months ago
Critical
Ecosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 54.7
Published: 10 months ago
GSA_kwCzR0hTQS1oNzU1LThxcDktY3E4Nc4AA0Nr
protobufjs Prototype Pollution vulnerabilityEcosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 54.7
Published: 10 months ago
Critical
Ecosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
GSA_kwCzR0hTQS1nZmY3LWc1cjgtbWc4bc01GA
Prototype Pollution in simple-plistEcosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2ODctdnY5ai1oZ3Bo
Improper Input Validation in Automattic MongooseEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlteGYtZzN4Ni13djc0
Server-Side Request Forgery (SSRF) in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
GSA_kwCzR0hTQS04bW1tLTl2MnEteDNmOc4AAvPk
tschaub gh-pages vulnerable to prototype pollutionEcosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: flatmap-stream, event-stream
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oNmYtOGoyeC00NDgz
Critical severity vulnerability that affects event-stream and flatmap-streamEcosystems: npm
Packages: flatmap-stream, event-stream
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: node-ipc
Source: GitHub Advisory Database
Blast Radius: 53.6
Published: about 2 years ago
GSA_kwCzR0hTQS05N20zLXcyY3AtNHh4Ns0zNw
Embedded Malicious Code in node-ipcEcosystems: npm
Packages: node-ipc
Source: GitHub Advisory Database
Blast Radius: 53.6
Published: about 2 years ago
Critical
Ecosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Blast Radius: 53.5
Published: about 2 years ago
GSA_kwCzR0hTQS13NzQ5LXAzdjYtaGNjcc0wwQ
Possible code injection vulnerability in Rails / Active StorageEcosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Blast Radius: 53.5
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: decompress
Source: GitHub Advisory Database
Blast Radius: 53.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnZnItNWhxcC12cnc5
Path Traversal in decompressEcosystems: npm
Packages: decompress
Source: GitHub Advisory Database
Blast Radius: 53.4
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2bW0tbWhjcS00eDlq
Sandbox Bypass Leading to Arbitrary Code Execution in constantinopleEcosystems: npm
Packages: constantinople
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: pg
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjOXYtbWo2My1tOWc1
Remote Code Execution in pgEcosystems: npm
Packages: pg
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 6 years ago
Critical
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
GSA_kwCzR0hTQS1oMzc2LWoyNjItdmhxNs0g_w
RCE in H2 ConsoleEcosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
GSA_kwCzR0hTQS00NWh4LXdmaGotNDczeM0kjA
Arbitrary code execution in H2 ConsoleEcosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4djgtNjg1OS1xeG00
Arbitrary shell command execution in logkittyEcosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mNTk4LW1mcHYtZ21meM4AAxzf
Sequelize - Default support for “raw attributes” when using parenthesesEcosystems: npm
Packages: sequelize, @sequelize/core
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacementsEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
GSA_kwCzR0hTQS12cWZ4LWdqOTYtM3c5Nc4AAxyK
Unsafe fall-through in getWhereConditionsEcosystems: npm
Packages: @sequelize/core, sequelize
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwMzQtNW02cC1wNThn
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4MjItcjRyNS12OGpn
Polymorphic Typing issue in FasterXML jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmcHAtcmdqOS04cndj
Deserialization of untrusted data in FasterXML jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1Y3ctaGo2NS1xcXY5
Polymorphic Typing issue in FasterXML jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY0NXAtODhxaC13Mzk4
Arbitrary Code Execution in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODItcjMyOS0zcTY3
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgydzUtNW0yZy03aDVt
XML External Entity Reference (XXE) in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyN2otaDZnZy1qbWdj
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4eHgtMnBwNy01aG14
jackson-databind is vulnerable to a deserialization flawEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3dzctcDV3NC13cmZ2
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1OTItMzhjbS00Z2dw
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code executionEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4aG0tN2hwcS03amhn
com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted DataEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmeDYtdnA5Zy1yaDd2
jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypassEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtbWMtNzQycS1qZzc1
jackson-databind polymorphic typing issueEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRncTUtY2g1Ny1jMm1n
Arbitrary Code Execution in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14OXYtZ21oNC1tZ3F3
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0M3gteGZqZi01amhy
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqbXctdmY5aC1nMjV2
jackson-databind polymorphic typing issueEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnZ2otZnZ2My1jcXd2
FasterXML jackson-databind allows unauthenticated remote code executionEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5aHYtbWc1aC14Y3c5
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserializationEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5M2gtamM0OS03OGdn
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14N3AtNjY3OS04ZzNx
Polymorphic Typing in FasterXML jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 4 years ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
16
moodle/moodle
15
com.liferay.portal:release.portal.bom
13
topthink/framework
13
langchain
12
org.apache.dubbo:dubbo
12
mlflow
12
com.liferay.portal:release.dxp.bom
12
drupal/core
12
magento/core
11
org.apache.struts:struts2-core
11
vm2
10
apache-airflow
10
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
tensorflow
9
rdiffweb
8
org.jeecgframework.boot:jeecg-boot-common
8
tensorflow-gpu
8
tensorflow-cpu
8
shopware/platform
8
drupal/drupal
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
rusqlite
7
org.xwiki.platform:xwiki-platform-administration-ui
7
froxlor/froxlor
7
studio-42/elfinder
7
sequelize
7
symfony/symfony
7
ansible
7
gogs.io/gogs
7
ezsystems/ezpublish-kernel
6
github.com/argoproj/argo-cd
6
aaptjs
6
thorsten/phpmyfaq
6
parse-server
6
github.com/answerdev/answer
6
org.apache.activemq:activemq-client
5
safe-eval
5
centreon/centreon
5
org.jenkins-ci.plugins:script-security
5
ckb
5
nodebb
5
django
5
org.xwiki.platform:xwiki-platform-web
5
mercurial
5
org.jeecgframework.boot:jeecg-boot-parent
5
shopware/core
5
zendframework/zendframework
5
steal
5
org.apache.inlong:manager-pojo
5
Pillow
5
org.apache.tomcat.embed:tomcat-embed-core
5
org.apache.shiro:shiro-core
5
org.xwiki.commons:xwiki-commons-xml
5
Microsoft.ChakraCore
5
pyload-ng
4
hermes-engine
4
nilsteampassnet/teampass
4
contao/core-bundle
4
org.apache.tapestry:tapestry-core
4
openssl-src
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
PaddlePaddle
4
github.com/hashicorp/vault
4
librenms/librenms
4
contao/contao
4
baserproject/basercms
4
realms-shim
4
spree_auth_devise
4
Django
4
nukeviet/nukeviet
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
code.gitea.io/gitea
4
org.jeecgframework.boot:jeecg-boot-base-core
4
feehi/cms
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
prestashop/prestashop
4
org.eclipse.jetty:jetty-server
4
org.apache.kylin:kylin-server-base
4
apache-airflow-providers-apache-hive
4
safer-eval
4
github.com/argoproj/argo-cd/v2
4
mautic/core
4
swagger-ui
4
calibreweb
4
smallvec
4
org.apache.inlong:manager-service
4
github.com/usememos/memos
4
messagepack-rs
4
org.apache.openmeetings:openmeetings-parent
4
net.opentsdb:opentsdb
4
lmdb
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
org.apache.inlong:manager-web
3
github.com/hashicorp/nomad
3
org.richfaces:richfaces-core
3
org.apache.storm:storm
3
org.apache.solr:solr-parent
3
org.xwiki.platform:xwiki-platform-search-ui
3
ro.pippo:pippo-core
3
symfony/security
3
org.xwiki.platform:xwiki-platform-icon-ui
3
showdoc/showdoc
3
symfony/security-core
3
pimcore/pimcore
3
com.alibaba:dubbo
3
@openzeppelin/contracts-upgradeable
3
modoboa
3
ezsystems/ezplatform-kernel
3
org.keycloak:keycloak-core
3
org.apache.logging.log4j:log4j-core
3
org.jenkins-ci.plugins:active-directory
3
org.apache.hadoop:hadoop-common
3
edu.stanford.nlp:stanford-corenlp
3
zendframework/zendframework1
3
nvflare
3
org.apache.ignite:ignite-core
3
com.hazelcast:hazelcast
3
codiad/codiad
3
slpjs
3
actix-web
3
ibexa/core
3
dompdf/dompdf
3
browserify-shim
3
mongoose
3
cobbler
3
codeigniter4/framework
3
github.com/dexidp/dex
3
org.springframework.security:spring-security-core
3
com.jflyfox:jflyfox_jfinal
3
rubygems-update
3
org.apache.any23:apache-any23
3
github.com/pterodactyl/wings
3
io.undertow:undertow-core
3
craftcms/cms
3
github.com/rancher/rancher
3
org.apache.jmeter:ApacheJMeter
3
org.apache.linkis:linkis
3
io.dataease:dataease-plugin-common
3
smarty/smarty
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
simplesamlphp/simplesamlphp
3
elefant/cms
3
jsrsasign
3
github.com/go-gitea/gitea
3
nokogiri
3
feathers-sequelize
3
org.apache.dolphinscheduler:dolphinscheduler
3
org.xwiki.platform:xwiki-platform-panels-ui
3
org.jeecgframework.boot:jeecg-boot-base
3
strapi
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
ray
3
francoisjacquet/rosariosis
3
tribalsystems/zenario
3
slp-validate
3
typo3/cms
3
log4j:log4j
3
id-map
3
xcb
3
impresscms/impresscms
3
phpmailer/phpmailer
3
publify_core
3
handlebars
3
facade/ignition
3
org.apache.solr:solr-core
3
org.apache.ozone:ozone-main
3
org.apache.derby:derby
2
github.com/sap/cloud-security-client-go
2
alextselegidis/easyappointments
2
github.com/russellhaering/gosaml2
2
tenvoy
2
ghost
2
llama-index
2
org.springframework.amqp:spring-amqp
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
apache-superset
2
locutus
2
org.apache.commons:commons-configuration2
2
github.com/crewjam/saml
2
eslint-config-eslint
2
org.apache.shiro:shiro-web
2
mathjs
2
nadesiko3
2
org.apache.inlong:manager-dao
2
org.xwiki.platform:xwiki-platform-notifications-ui
2
traceroute
2
graphite-web
2
torchserve
2
com.hazelcast.jet:hazelcast-jet
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
pidusage
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/apache/inlong
8
https://github.com/django/django
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/langchain-ai/langchain
8
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/apache/struts
7
https://github.com/Studio-42/elFinder
7
https://github.com/argoproj/argo-cd
7
https://github.com/rusqlite/rusqlite
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/parse-community/parse-server
6
https://github.com/answerdev/answer
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shenzhim/aaptjs
6
https://github.com/shopware/platform
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/stealjs/steal
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/froxlor/froxlor
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/contao/contao
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/CVEProject/cvelist
4
https://github.com/usememos/memos
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/spring-projects/spring-framework
4
https://github.com/hwchase17/langchain
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/apache/shiro
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/apache/camel
3
https://github.com/octobercms/october
3
https://github.com/ibexa/core
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/crewjam/saml
3
https://github.com/nukeviet/nukeviet
3
https://github.com/actix/actix-web
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/andrewhickman/id-map
3
https://github.com/modoboa/modoboa
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/rubygems/rubygems
3
https://github.com/rochacbruno/quokka
2
https://github.com/gventuri/pandas-ai
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/ADOdb/ADOdb
2
https://github.com/ionicabizau/parse-url
2
https://github.com/pytorch/serve
2
https://github.com/sidorares/node-mysql2
2
https://github.com/javamelody/javamelody
2
https://github.com/Netflix/security-bulletins
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/yaml/pyyaml
2
https://github.com/rust-lang-nursery/failure
2
https://github.com/josdejong/mathjs
2
https://github.com/apache/jmeter
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/google/flatbuffers
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/intelliants/subrion
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/laurent22/joplin
2
https://github.com/benbusby/whoogle-search
2
https://github.com/graphite-project/graphite-web
2
https://github.com/js-data/js-data
2
https://github.com/quarkusio/quarkus
2
https://github.com/dominictarr/event-stream
2
https://github.com/kubernetes/kubernetes
2
https://github.com/mautic/mautic
2
https://github.com/russellhaering/gosaml2
2
https://github.com/hashicorp/go-getter
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/keystonejs/keystone
2
https://github.com/apache/kylin
2
https://github.com/rubyzip/rubyzip
2
https://github.com/waycrate/swhkd
2
https://github.com/ahdinosaur/set-in
2
https://github.com/h2database/h2database
2
https://github.com/rest-client/rest-client
2
https://github.com/TribalSystems/Zenario
2
https://github.com/jfinal/jfinal
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/Automattic/mongoose
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/netvl/acc_reader
2
https://github.com/nodejs/llhttp
2
https://github.com/sjep/array
2
https://github.com/apache/submarine
2
https://github.com/drupal/core
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/web2py/web2py
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/qcubed/qcubed
2
https://github.com/puma/puma
2
https://github.com/reem/rust-traitobject
2
https://github.com/actix/actix-net
2
https://github.com/Agoric/realms-shim
2
https://github.com/gofiber/fiber
2
https://github.com/apache/incubator-streampark
2
https://github.com/git-lfs/git-lfs
2
https://github.com/noear/solon
2
https://github.com/hashicorp/vault
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/rust-random/rand
2
https://github.com/evmos/evmos
2
https://github.com/grafana/grafana
2
https://github.com/OpenMage/magento-lts
2
https://github.com/MrSwitch/hello.js
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/Codiad/Codiad
2
https://github.com/moby/buildkit
2
https://github.com/soketi/soketi
2
https://github.com/vert-x3/vertx-web
2
https://github.com/dominictarr/libnested
2