Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: npm
Packages: fastify-http-proxy
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0cXItZ21yOS12MjN3
Prefix escapeEcosystems: npm
Packages: fastify-http-proxy
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Low
Ecosystems: maven
Packages: io.swagger:swagger-codegen
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjMjItM2c3Ni1nbTZq
Generator Web Application: Local Privilege Escalation Vulnerability via System Temp DirectoryEcosystems: maven
Packages: io.swagger:swagger-codegen
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 3 years ago
Low
Ecosystems: maven
Packages: org.mapfish.print:print-standalone, org.mapfish.print:print-servlet, org.mapfish.print:print-lib
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1MzQtcTR4Zi1oNXYy
XSS in Mapfish Print relating to JSONP supportEcosystems: maven
Packages: org.mapfish.print:print-standalone, org.mapfish.print:print-servlet, org.mapfish.print:print-lib
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 4 years ago
Low
Ecosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIycWMtdzY0eC02ajU0
XSS in VegaEcosystems: npm
Packages: vega
Source: GitHub Advisory Database
Blast Radius: 29.7
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: prestashop/productcomments
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2NDQtNzY0Ny14Znc5
Blind SQL injection in PrestaShop productcomments moduleEcosystems: packagist
Packages: prestashop/productcomments
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: over 3 years ago
Low
Ecosystems: maven
Packages: org.opencastproject:opencast-common-jpa-impl
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzNjItbThmMi01eDdj
Password Hashing: Do not use MD5Ecosystems: maven
Packages: org.opencastproject:opencast-common-jpa-impl
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 4 years ago
Low
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3NDYtdzQ0bS0zanEz
Parse Server stores password in plain textEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3NXEtajlwNC0zdnhn
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
Low
Ecosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNodzUtcTg1NS1nNmN3
Prototype Pollution in DojoxEcosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: about 4 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3M3gtZjV3eC1meHB3
Cross Site Scripting and RCE in baserCMSEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: over 3 years ago
Low
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3ajUtM3ZmcS1xOTky
Import loops in account imports, nats-server DoSEcosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 33.0
Published: almost 3 years ago
Low
Ecosystems: pypi
Packages: tlslite-ng
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2Y3YtODMycS1mamc3
RSA weakness in tslite-ngEcosystems: pypi
Packages: tlslite-ng
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: over 3 years ago
Low
Ecosystems: go
Packages: github.com/syncthing/syncthing
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0NjItODlwZi02cjVo
Crash due to malformed relay protocol messageEcosystems: go
Packages: github.com/syncthing/syncthing
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwd3ctNGpmNC00aHg4
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyM20tajZ4NS00OG0z
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settingsEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNweGMtNjdyYy1jNzc1
Cross Site Scripting in baserCMSEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 3 years ago
Low
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2cnYtOTRqdi1jcnJn
Context isolation bypass via Promise in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: almost 4 years ago
Low
Ecosystems: pypi
Packages: httplib2
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdnODQtcWd2OS13NHBx
CRLF injection in httplib2Ecosystems: pypi
Packages: httplib2
Source: GitHub Advisory Database
Blast Radius: 31.9
Published: almost 4 years ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxdzUtcHFoYy14bTRn
Users with SCRIPT right can execute arbitrary code in XWikiEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: django-user-sessions
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcTgtM3EyZi00bTVn
Session key exposure through session list in Django User SessionsEcosystems: pypi
Packages: django-user-sessions
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: pysaml2
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY0ZzktaDg5aC1qZ3Y5
SAML XML Signature wrapping in PySAML2Ecosystems: pypi
Packages: pysaml2
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 3 years ago
Low
Ecosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnZzMtcG1tNy05N3hj
DOM-based XSS in auth0-lockEcosystems: npm
Packages: auth0-lock
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: over 3 years ago
Low
Ecosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqOXYtaDJ2cC0yaGh2
XSS in HtmlSanitizerEcosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyZnAtajJtcC1ocTlj
Segfault in `tf.quantization.quantize_and_dequantize`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 3 years ago
Low
Ecosystems: npm
Packages: @fast-csv/parse, fast-csv
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjdjUtcDkzNC0zaHdw
Denial of service in fast-csvEcosystems: npm
Packages: @fast-csv/parse, fast-csv
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: over 3 years ago
Low
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2cGMtNmpxcC14cWo4
Context isolation bypass in ElectronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 27.8
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3ZzMtM2o1dy02NHc0
Exposure of Resource to Wrong Sphere and Insecure Temporary File in AnsibleEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 3 years ago
Low
Ecosystems: maven
Packages: io.ktor:ktor-server-cio, io.ktor:ktor-client-cio
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycjktcmg4cC00MzN2
Request smuggling is possible when both chunked TE and content length specifiedEcosystems: maven
Packages: io.ktor:ktor-server-cio, io.ktor:ktor-client-cio
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: over 4 years ago
Low
Ecosystems: go
Packages: github.com/oauth2-proxy/oauth2-proxy, github.com/oauth2-proxy/oauth2-proxy/v7
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtZjItZjN3aC1ndmYy
Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxyEcosystems: go
Packages: github.com/oauth2-proxy/oauth2-proxy, github.com/oauth2-proxy/oauth2-proxy/v7
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: org.apache.syncope.client:syncope-client-enduser
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxajgtYzI3dy1ycDMz
Cross-site scripting in Apache Syncome EndUserEcosystems: maven
Packages: org.apache.syncope.client:syncope-client-enduser
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
Low
Ecosystems: maven
Packages: com.google.crypto.tink:tink
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1dmYtdjZ3Zi03dzJy
Ciphertext Malleability Issue in Tink JavaEcosystems: maven
Packages: com.google.crypto.tink:tink
Source: GitHub Advisory Database
Blast Radius: 14.3
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4OXYtY2d2Ny0zamh4
Bypass of fix for CVE-2020-15247, Twig sandbox escapeEcosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: croogo/croogo
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmdmYtcmZtcS1xd2Y4
Croos-site scripting in CroogoEcosystems: packagist
Packages: croogo/croogo
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: com.linecorp.armeria:armeria
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0cjgtZm05ci1jcGoy
Low severity vulnerability that affects com.linecorp.armeria:armeriaEcosystems: maven
Packages: com.linecorp.armeria:armeria
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjZzgtOThxOC1nN21q
Exposure of Sensitive Information to an Unauthorized Actor and Insecure Temporary File in AnsibleEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyNjMtZnZ4bS1tNW13
Heap out of bounds access in MakeEdge in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhodmMtZzVodi00OGM2
Write to immutable memory region in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02NDgtMzNxZi12M2dw
CHECK-fail in LSTM with zero-length input in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: sylius/sylius
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXByZzUtaGcyNS04Z3Jx
Ability to switch channels via GET parameter enabled in production environmentsEcosystems: packagist
Packages: sylius/sylius
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 4 years ago
Low
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnYzYtbTM2NC04NXd3
Log injection in SimpleSAMLphpEcosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoeHgtajczci1xcG0y
Uninitialized memory access in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5ZjMtOXdmci13Z2g3
Lack of validation in data format attributes in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: over 3 years ago
Low
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1qOXAtdjJyOC13Zjh3
Cross-site scripting in SimpleSAMLphpEcosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 4 years ago
Low
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzcDYtZng0Mi03cmY1
Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmamMteHJtZi01dnZ3
Privilege escalation by backend users assigned to the default "Publisher" system roleEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 3 years ago
Low
Ecosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
GSA_kwCzR0hTQS14Njc0LXY0NWotZnd4d84AA7DY
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of serviceEcosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: about 1 month ago
GSA_kwCzR0hTQS1tNHY4LXdxdnItcDlmN84AA6o1
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipelineEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: about 1 month ago
Low
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 19 days ago
GSA_kwCzR0hTQS02bTloLTJwcjItOWo4Zs4AA7Lw
1Panel's password verification is suspected to have a timing attack vulnerabilityEcosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 19 days ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 7 months ago
GSA_kwCzR0hTQS13cXE0LTV3cHYtbXgyZ84AA2eY
Undici's cookie header not cleared on cross-origin redirect in fetchEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 7 months ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jaDg5LTVnNDUtcXdjN84AAy_z
Undefined Behavior in Rust runtime functionsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyM3AtZnIyYy1nNW0y
Exposure of Sensitive Information to an Unauthorized Actor in AnsibleEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: about 3 years ago
Low
Ecosystems: pypi, maven
Packages: wiremock, com.github.tomakehurst:wiremock-jre8-standalone, com.github.tomakehurst:wiremock-jre8, org.wiremock:wiremock, org.wiremock:wiremock-standalone
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
GSA_kwCzR0hTQS1wbXhxLXBqNDctajhqNM4AA1xF
Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modesEcosystems: pypi, maven
Packages: wiremock, com.github.tomakehurst:wiremock-jre8-standalone, com.github.tomakehurst:wiremock-jre8, org.wiremock:wiremock, org.wiremock:wiremock-standalone
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
Low
Ecosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 4 days ago
GSA_kwCzR0hTQS1nN3Z2LTJ2N3gtZ2o5cM4AA7v0
tqdm CLI arguments injection attackEcosystems: pypi
Packages: tqdm
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: 4 days ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 3 months ago
GSA_kwCzR0hTQS0zNzg3LTZwcnYtaDl3M84AA5Vg
Undici proxy-authorization header not cleared on cross-origin redirect in fetchEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 3 months ago
Low
Ecosystems: npm
Packages: @diez/generation
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjM2YteDVmOS02aDYy
Command injection in @diez/generationEcosystems: npm
Packages: @diez/generation
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.scala-sbt:io_3, org.scala-sbt:io_2.13, org.scala-sbt:io_2.12, org.scala-sbt:sbt
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 7 months ago
GSA_kwCzR0hTQS1oOW13LWdyZ3gtMmZoZs4AA2oM
sbt vulnerable to arbitrary file write via archive extraction (Zip Slip)Ecosystems: maven
Packages: org.scala-sbt:io_3, org.scala-sbt:io_2.13, org.scala-sbt:io_2.12, org.scala-sbt:sbt
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 7 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1mZ2pqLTVqbXItZ2g4M84AA2oR
Fides JavaScript Injection Vulnerability in Privacy Center URLEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-xml
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 10 months ago
GSA_kwCzR0hTQS01OHF3LXA3cW0tNXJ2aM4AA0ib
Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarationsEcosystems: maven
Packages: org.eclipse.jetty:jetty-xml
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 10 months ago
Low
Ecosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yZmoyLXEzaDMtaG01as4AAu1O
Cargo extracting malicious crates can corrupt arbitrary filesEcosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yY3FnLXE3am0tajM1Y80XNw
snipe-it is vulnerable to Cross-site ScriptingEcosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Low
Ecosystems: go
Packages: tailscale.com/cmd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xY2NtLXdtY3EtcHdyNs4AAv_M
Tailscale daemon is vulnerable to information disclosure via CSRFEcosystems: go
Packages: tailscale.com/cmd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 2 years ago
GSA_kwCzR0hTQS1tNDM0LW01cHYtcDM1d80mbQ
Insufficient user authorization in MoodleEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oMndnLTgzZmMteHZtOc4AAyMw
Answer vulnerable to Business Logic ErrorsEcosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyd3gtamo2Ni0yaHA3
Cross-site Scripting in WildflyEcosystems: maven
Packages: org.wildfly:wildfly-parent
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: almost 3 years ago
Low
Ecosystems: npm
Packages: limdu
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cXYtZ2g2Zi1wZ2g0
Command Injection in LimduEcosystems: npm
Packages: limdu
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 4 years ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
GSA_kwCzR0hTQS1oODRxLW04cnItM3Y5cc4AA4-6
wasmtime_trap_code C API function has out of bounds write vulnerabilityEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/vagrant
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS00N3h3LXZ3Nm0tdzlmcc4AA2wh
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerabilityEcosystems: go
Packages: github.com/hashicorp/vagrant
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Low
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS05cm1mLTZxZ2otZzN3as4AA1Og
Froxlor vulnerable to business logic errorsEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Low
Ecosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS00dmY2LTJybXgtZmdxeM4AA4KC
Gila CMS SQL Injection vulnerabilityEcosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 month ago
GSA_kwCzR0hTQS1tbWg2LTVjcGYtMmM3Ms4AA6RR
phpMyFAQ Path Traversal in AttachmentsEcosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS0zcGZqLWc0d3ItcWozas4AA4J-
Gila CMS SQL Injection vulnerabilityEcosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/tektoncd/pipeline
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 10 months ago
GSA_kwCzR0hTQS13MmgzLXZ2dnEtM201M84AA0fs
Pipelines do not validate child UIDsEcosystems: go
Packages: github.com/tektoncd/pipeline
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 10 months ago
Low
Ecosystems: cargo
Packages: quiche
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 2 months ago
GSA_kwCzR0hTQS14aGc5LXh3Y2gtdnI3eM4AA585
quiche vulnerable to unbounded storage of information related to connection ID retirementEcosystems: cargo
Packages: quiche
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: starlette
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 12 months ago
GSA_kwCzR0hTQS12NWd3LW13N2YtODRweM4AAzXu
Starlette has Path Traversal vulnerability in StaticFilesEcosystems: pypi
Packages: starlette
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 12 months ago
Low
Ecosystems: maven
Packages: io.jenkins:configuration-as-code
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1mcGo3LTl4bTYtOGhncs0ijQ
Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code PluginEcosystems: maven
Packages: io.jenkins:configuration-as-code
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1majY5LXA4ZjYtcTk3aM3txQ
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten PasswordEcosystems: maven
Packages: org.cloudfoundry.identity:cloudfoundry-identity-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: django-registration
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4YzctcHg1di04Mmho
Potential sensitive information disclosed in error reportsEcosystems: pypi
Packages: django-registration
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: about 3 years ago
Low
Ecosystems: npm
Packages: webpack-subresource-integrity
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmYzQtY2hnNy1oOGdo
Unprotected dynamically loaded chunksEcosystems: npm
Packages: webpack-subresource-integrity
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: over 3 years ago
Low
Ecosystems: maven
Packages: org.apache.activemq:activemq-parent, org.apache.activemq:activemq-openwire-generator
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: almost 2 years ago
GSA_kwCzR0hTQS03cW00LXAzNzctZnIycs3ypg
ActiveMQ's OpenWire protocol exposes certain system details as plain textEcosystems: maven
Packages: org.apache.activemq:activemq-parent, org.apache.activemq:activemq-openwire-generator
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 2 years ago
GSA_kwCzR0hTQS1jdmNjLTV4OTItZ21oY802tg
SaltStack Salt Improper Authentication via Man in the Middle AttackEcosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwYzItZm03cC1xMnZn
Cross-site Scripting in OctoberEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: almost 4 years ago
Low
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 1 year ago
GSA_kwCzR0hTQS02Nm00LWdjOGgtaHBqeM4AAyDt
Timing attack in eZ Platform IbexaEcosystems: packagist
Packages: ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/caddyserver/caddy
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZjJ3LW1xNnItNTZ2OM4AAUTk
Caddy allows enumeration of Certificates and HostnamesEcosystems: go
Packages: github.com/caddyserver/caddy
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: configobj
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jMzN3LTI0cDktOG0yNM4AAygl
configobj ReDoS exploitable by developer using values in a server-side configuration fileEcosystems: pypi
Packages: configobj
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
GSA_kwCzR0hTQS00OXdtLTRmcDYtaDU5Y84AAu_E
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous TypeEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
Low
Ecosystems: npm
Packages: jsx-slack
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: over 2 years ago
GSA_kwCzR0hTQS01NXh2LWY4NWMtMjQ4cc0c0w
Regular Expression Denial of Service (ReDoS) in jsx-slackEcosystems: npm
Packages: jsx-slack
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: over 2 years ago
Low
Ecosystems: npm
Packages: @aedart/support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS13d3hoLTc0ZngtMzNjNs4AAzCl
Possible prototype pollution in metadata record, when using meta decoratorEcosystems: npm
Packages: @aedart/support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d3YtOTUzcC03cXBm
Phusion Passenger allows remote attackers to spoof headersEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: over 5 years ago
Low
Ecosystems: npm
Packages: google-translate-api-browser
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 5 months ago
GSA_kwCzR0hTQS00MjMzLTdxNXEtbTdwNs4AA3Yl
google-translate-api-browser Server-Side Request Forgery (SSRF) VulnerabilityEcosystems: npm
Packages: google-translate-api-browser
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 5 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 2 months ago
GSA_kwCzR0hTQS05cDhyLTR4cDQtZ3c1d84AA5gq
Vyper's `_abi_decode` vulnerable to Memory OverflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 2 months ago
Low
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ3cXEtNXZyYy14dzlo
Improper validation of certificate with host mismatch in Apache Log4j SMTP appenderEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: almost 4 years ago
Low
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: almost 2 years ago
GSA_kwCzR0hTQS12NHc1LXAyaGctOGZoNs4AAcGU
Urllib3 Incorrect Certificate ValidationEcosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
GSA_kwCzR0hTQS13bThxLTk5NzUteGg1ds4AA1_u
Zope vulnerable to Stored Cross Site Scripting with SVG imagesEcosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
Low
Ecosystems: maven
Packages: struts:struts
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: about 2 years ago
GSA_kwCzR0hTQS1wM3Z3LWZ2d3gtcWN2Nc2A-g
Cross-site scripting in Apache StrutsEcosystems: maven
Packages: struts:struts
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: about 2 years ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
GSA_kwCzR0hTQS12eG1tLWN3aDItcTc2Ms4AAzbG
Vyper's nonpayable default functions are sometimes payableEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
Low
Ecosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: 10 months ago
GSA_kwCzR0hTQS1qcTZnLTR2NW0td205cs4AA04k
Information Disclosure due to Out-of-scope Site ResolutionEcosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: 10 months ago
Low
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5Y3AtbWM5Ni1tNHcy
XML External Entity in Dashboard WidgetEcosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3aGYtZzZqNS1qNWdj
Float cast overflow undefined behaviorEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: over 3 years ago
Low
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 2 years ago
GSA_kwCzR0hTQS00OHcyLXJtNjUtNjJ4eM0Whw
Puma with proxy which forwards LF characters as line endings could allow HTTP request smugglingEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 2 years ago
Low
Ecosystems: npm
Packages: braces
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5NWYtcDI5cS05eHc0
Regular Expression Denial of Service in bracesEcosystems: npm
Packages: braces
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: almost 5 years ago
Statistics
Advisories: 18,390
Packages: 8,299
Repositories: 438
Ecosystems: 12
Packages: 8,299
Repositories: 438
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-cpu
93
tensorflow-gpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
shopware/core
10
github.com/mattermost/mattermost/server/v8
10
phpmyadmin/phpmyadmin
10
org.jenkins-ci.main:jenkins-core
9
org.apache.tomcat:tomcat
9
matrix-synapse
7
vyper
7
Umbraco.CMS
6
puppet
6
helm.sh/helm/v3
5
october/backend
5
k8s.io/kubernetes
5
baserproject/basercms
5
ansible
5
wasmtime
5
sweetalert2
5
undici
5
rack
5
helm.sh/helm
4
com.vaadin:flow-server
4
github.com/cilium/cilium
4
org.keycloak:keycloak-services
4
actionpack
4
electron
4
magento/community-edition
4
typo3/cms-core
4
simplesamlphp/simplesamlphp
4
github.com/mattermost/mattermost-server/v6
4
shopware/shopware
4
@openzeppelin/contracts-upgradeable
3
org.apache.hive:hive-exec
3
org.apache.hive:hive-service
3
org.graylog2:graylog2-server
3
passenger
3
httplib2
3
bin-links
3
org.apache.hive:hive
3
wagtail
3
nautobot
3
plone
3
ckb
3
symfony/symfony
3
github.com/cosmos/cosmos-sdk
3
go.etcd.io/etcd
3
github.com/mattermost/mattermost-server
3
ethyca-fides
3
cryptography
3
node-forge
3
com.vaadin:vaadin-bom
3
org.jenkins-ci.plugins:ec2
2
pip
2
gilacms/gila
2
github.com/sigstore/cosign
2
typo3/cms-frontend
2
com.inedo.proget:inedo-proget
2
craftcms/cms
2
org.apache.activemq:activemq-parent
2
ceph-deploy
2
@apollo/server
2
salt
2
tools.devnull:build-notifications
2
@openzeppelin/contracts
2
github.com/opencontainers/runc
2
Django
2
silverstripe/framework
2
github.com/answerdev/answer
2
org.jenkins-ci.plugins:azure-ad
2
moin
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
node-ipc
2
next-auth
2
github.com/authzed/spicedb
2
winter/wn-backend-module
2
braces
2
Flask-Security-Too
2
Pillow
2
tuf
2
django
2
org.eclipse.jetty:jetty-server
2
grumpydictator/firefly-iii
2
aiohttp
2
github.com/ntbosscher/gobase
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
parse-server
2
org.jenkins-ci.plugins:wso2id-oauth
2
symfony/security-http
2
org.xwiki.platform:xwiki-platform-oldcore
2
go.etcd.io/etcd/client/v3
2
october/cms
2
activesupport
2
Flask-AppBuilder
2
org.jenkins-ci.plugins:repository-connector
2
s2n-quic
2
langchain
2
cargo
2
com.ruoyi:ruoyi
2
github.com/cometbft/cometbft
2
sylius/sylius
2
org.bouncycastle:bcprov-jdk14
2
org.jenkins-ci.plugins:mercurial
2
Zope
2
microweber/microweber
2
github.com/hashicorp/nomad
2
org.jenkins-ci.plugins:artifactory
2
OctoPrint
2
vantage6
2
ezsystems/ezplatform-kernel
2
ezsystems/ezpublish-kernel
2
flarum/core
2
github.com/mattermost/mattermost-plugin-jira
2
org.scala-sbt:io_2.12
1
org.scala-sbt:io_2.13
1
hyper
1
org.scala-sbt:io_3
1
org.jenkins-ci.plugins:snsnotify
1
io.swagger:swagger-codegen
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
io.quarkus.resteasy.reactive:resteasy-reactive-common
1
es5-ext
1
com.github.tomakehurst:wiremock-jre8
1
com.github.tomakehurst:wiremock-jre8-standalone
1
wiremock
1
github.com/nats-io/nats-server/v2
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
github.com/oauth2-proxy/oauth2-proxy
1
org.wiremock:wiremock
1
horizon
1
org.wiremock:wiremock-standalone
1
@diez/generation
1
org.jenkins-ci.plugins:openshift-deployer
1
org.keycloak:keycloak-core
1
rabbit_common
1
@liquity/contracts
1
github.com/Masterminds/goutils
1
org.scala-sbt:sbt
1
io.jenkins.plugins:tuleap-oauth
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
zerocopy
1
francoisjacquet/rosariosis
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
njwt
1
ascii-art
1
merge-objects
1
bigint-money
1
put
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
ember-source
1
@aedart/support
1
streamlit
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
flarum/framework
1
Werkzeug
1
django-basic-auth-ip-whitelist
1
qutebrowser
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
firebase-tools
1
plone.restapi
1
datasette-graphql
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
org.xmlunit:xmlunit-core
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
@floffah/build
1
ajenti
1
apostrophe
1
org.eclipse.jetty:jetty-openid
1
type-graphql
1
org.bouncycastle:bcprov-jdk18on
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rails/rails
6
https://github.com/helm/helm
5
https://github.com/nodejs/undici
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/ansible/ansible
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/rack/rack
5
https://github.com/jenkinsci/jenkins
5
https://github.com/cilium/cilium
4
https://github.com/electron/electron
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/TYPO3/typo3
4
https://github.com/apache/tomcat
4
https://github.com/wintercms/winter
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/shopware/shopware
4
https://github.com/nautobot/nautobot
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/vaadin/flow
3
https://github.com/CVEProject/cvelist
3
https://github.com/pyca/cryptography
3
https://github.com/httplib2/httplib2
3
https://github.com/ethyca/fides
3
https://github.com/django/django
3
https://github.com/phusion/passenger
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/vantage6/vantage6
3
https://github.com/wagtail/wagtail
3
https://github.com/digitalbazaar/forge
3
https://github.com/symfony/symfony
3
https://github.com/nervosnetwork/ckb
3
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/zopefoundation/Zope
2
https://github.com/craftcms/cms
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/hashicorp/nomad
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/saltstack/salt
2
https://github.com/nextauthjs/next-auth
2
https://github.com/apollographql/apollo-server
2
https://github.com/apache/activemq
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/rust-lang/cargo
2
https://github.com/flarum/framework
2
https://github.com/opencontainers/runc
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/ntbosscher/gobase
2
https://github.com/ceph/ceph-deploy
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/cometbft/cometbft
2
https://github.com/openstack/keystone
2
https://github.com/Sylius/Sylius
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/GilaCMS/gila
2
https://github.com/quarkusio/quarkus
2
https://github.com/mutagen-io/mutagen
2
https://github.com/answerdev/answer
2
https://github.com/aio-libs/aiohttp
2
https://github.com/authzed/spicedb
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/parse-community/parse-server
2
https://github.com/aws/s2n-quic
2
https://github.com/octoprint/octoprint
2
https://github.com/sigstore/cosign
2
https://github.com/microweber/microweber
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/pypa/pip
2
https://github.com/micromatch/braces
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/Consensys/gnark-crypto
1
https://github.com/rrrodzilla/rusty_paseto
1
https://github.com/httpie/httpie
1
https://github.com/waysact/webpack-subresource-integrity
1
https://github.com/keystonejs/keystone
1
https://github.com/contao/contao
1
https://github.com/statamic/cms
1
https://github.com/aws/aws-encryption-sdk-cli
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/fluent/fluentd
1
https://github.com/aws/aws-sdk-go
1
https://github.com/google/zerocopy
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/personnummer/java
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/parallaxsecond/parsec
1
https://github.com/karmada-io/karmada
1
https://github.com/python-pillow/Pillow
1
https://github.com/bcgit/bc-java
1
https://github.com/tokio-rs/tokio
1
https://github.com/senchalabs/connect
1
https://github.com/personnummer/js
1
https://github.com/erelsgl/limdu
1
https://github.com/sbt/sbt
1
https://github.com/personnummer/rust
1
https://github.com/jenkinsci/snsnotify-plugin
1
https://github.com/jenkinsci/credentials-binding-plugin
1
https://github.com/apache/storm
1
https://github.com/personnummer/python
1
https://github.com/authelia/authelia
1
https://github.com/rest-client/rest-client
1
https://github.com/IlicMiljan/Secure-Props
1
https://github.com/jenkinsci/backlog-plugin
1
https://github.com/PHPMailer/PHPMailer
1
https://github.com/personnummer/csharp
1
https://github.com/silverstripe/silverstripe-framework
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/actions/toolkit
1
https://github.com/zowe/imperative
1
https://github.com/ESAPI/esapi-java-legacy
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/croogo/croogo
1
https://github.com/moov-io/customers
1
https://github.com/ain/smartbanner.js
1
https://github.com/derbyjs/derby
1
https://github.com/puma/puma
1
https://github.com/endojs/endo
1
https://github.com/moq/moq
1
https://github.com/rails/globalid
1
https://github.com/medikoo/es5-ext
1
https://github.com/wiremock/wiremock
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/Azure/setup-kubectl
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/dojo/dijit
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/electron-userland/electron-packager
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/kitabisa/teler
1
https://github.com/firebase/firebase-tools
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/oauth2-proxy/oauth2-proxy
1
https://github.com/octokit/octokit.rb
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/onionshare/onionshare
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/ericcornelissen/shescape
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/aws/aws-dynamodb-encryption-java
1
https://github.com/tailscale/tailscale
1
https://github.com/Nebulosus/shamir
1
https://github.com/RhinoSecurityLabs/CVEs
1
https://github.com/jenkinsci/support-core-plugin
1
https://github.com/ajenti/ajenti
1
https://github.com/xuxueli/xxl-job
1
https://github.com/yourls/yourls
1
https://github.com/bbatsov/rubocop
1
https://github.com/dan1hc/fgr
1
https://github.com/slsa-framework/slsa-verifier
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/newcontext-oss/kitchen-terraform
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/horazont/xmpp-http-upload
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/personnummer/go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1