Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Browse all Security Advisories for Low
Loading...
Low
Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 2 days ago
GSA_kwCzR0hTQS14djY4LXJybXctOXh3Zs4AA_rg
Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field)Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 2 days ago
Low
Ecosystems: go
Packages: github.com/coredns/coredns
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 2 days ago
GSA_kwCzR0hTQS1oOTJxLWZncHAtcWhycc4AA_rV
CoreDNS Cache Poisoning via a birthday attackEcosystems: go
Packages: github.com/coredns/coredns
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 2 days ago
Low
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 2 days ago
GSA_kwCzR0hTQS1qaGc2LTZxcngtMzhtcs4AA_rH
SpiceDB having multiple caveats on resources of the same type may improperly result in no permissionEcosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 2 days ago
Low
Ecosystems: maven
Packages: org.apache.druid.extensions:druid-pac4j
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
GSA_kwCzR0hTQS1wNzJ3LXI2ZnYtNmc1aM4AA_m_
druid-pac4j, Apache Druid extension, has Padding Oracle vulnerabilityEcosystems: maven
Packages: org.apache.druid.extensions:druid-pac4j
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Low
Ecosystems: maven
Packages: org.apache.druid:druid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
GSA_kwCzR0hTQS1qaDY2LTM1NDUtdnBtN84AA_nI
Apache Druid: Users can provide MySQL JDBC properties not on allow listEcosystems: maven
Packages: org.apache.druid:druid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Low
Ecosystems: cargo
Packages: lexical-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
GSA_kwCzR0hTQS0yMzI2LXBmcGotdngzaM4AA_kC
lexical-core has multiple soundness issuesEcosystems: cargo
Packages: lexical-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
Low
Ecosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
GSA_kwCzR0hTQS01Nzc3LXJjamotOXAyMs4AA_j9
Mattermost Desktop App fails to safeguard screen capture functionalityEcosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
Low
Ecosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
GSA_kwCzR0hTQS14Z3E5LTdndzYtanI1cs4AA_j6
Mattermost Desktop App fails to sufficiently configure Electron FusesEcosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 days ago
Low
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: 11 days ago
GSA_kwCzR0hTQS1tcW05LWM5NWgteDJwNs4AA_YR
AngularJS allows attackers to bypass common image source restrictionsEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: 11 days ago
Low
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: 11 days ago
GSA_kwCzR0hTQS1tOWdmLTM5N3ItaHdwZ84AA_YN
AngularJS allows attackers to bypass common image source restrictionsEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: 11 days ago
Low
Ecosystems: go
Packages: github.com/sigstore/sigstore-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
GSA_kwCzR0hTQS1jcTM4LWpoNWYtMzdtcc4AA_TY
sigstore-go has an unbounded loop over untrusted input can lead to endless data attackEcosystems: go
Packages: github.com/sigstore/sigstore-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
Low
Ecosystems: pypi
Packages: flask-appbuilder
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: 16 days ago
GSA_kwCzR0hTQS1mdzVyLTZtM3gtcmg3cM4AA_TB
Flask-AppBuilder's login form allows browser to cache sensitive fieldsEcosystems: pypi
Packages: flask-appbuilder
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: 16 days ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
GSA_kwCzR0hTQS0yaDQ2LThnZjUtZm14ds4AA_S_
Timing-Based Username Enumeration Vulnerability in Fides Webserver AuthenticationEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 16 days ago
Low
Ecosystems: cargo
Packages: gix-path
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 17 days ago
GSA_kwCzR0hTQS12MjZyLTRjOWMtaDNqNs4AA_QH
gix-path uses local config across repos when it is the highest scopeEcosystems: cargo
Packages: gix-path
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 17 days ago
Low
Ecosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 17 days ago
GSA_kwCzR0hTQS1qZnZwLTd4NnAtaDJwds4AA_QD
runc can be confused to create empty files/directories on the hostEcosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 17 days ago
Low
Ecosystems: pypi
Packages: lti-consumer-xblock
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 21 days ago
GSA_kwCzR0hTQS03ajlwLTY3bW0tNWc4N84AA_D0
LTI 1.3 Grade Pass Back Implementation has Missing Authorization VulnerabilityEcosystems: pypi
Packages: lti-consumer-xblock
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 21 days ago
Low
Ecosystems: pypi
Packages: freewvs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
GSA_kwCzR0hTQS05Y2Z2LTk0NjMtOGdxds4AA_Dy
freewvs vulnerable to denial of service through large filesEcosystems: pypi
Packages: freewvs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
Low
Ecosystems: pypi
Packages: freewvs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
GSA_kwCzR0hTQS03cG1oLXZyd3ctMjV4eM4AA_Dx
freewvs's nested directory structure can interrupt scanEcosystems: pypi
Packages: freewvs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
Low
Ecosystems: go
Packages: github.com/hwameistor/hwameistor
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 22 days ago
GSA_kwCzR0hTQS1tZ3dyLWg3bXYtZmgyOc4AA_B2
Hwameistor Potential Permission Leakage of Cluster LevelEcosystems: go
Packages: github.com/hwameistor/hwameistor
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 22 days ago
Low
Ecosystems: packagist
Packages: drupal/core, drupal/core-recommended, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 23 days ago
GSA_kwCzR0hTQS1tZzhqLXc5M3cteGpnY84AA_BD
Drupal Full Path DisclosureEcosystems: packagist
Packages: drupal/core, drupal/core-recommended, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 23 days ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
GSA_kwCzR0hTQS0zajk1LThnNDctZnB3aM4AA-4h
Mattermost allows team admin user without "Add Team Members" permission to disable invite URLEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
Low
Ecosystems: cargo
Packages: gitoxide-core, gitoxide
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 29 days ago
GSA_kwCzR0hTQS04OGcyLXI5cnctZzU1aM4AA-4b
gitoxide-core does not neutralize special characters for terminalsEcosystems: cargo
Packages: gitoxide-core, gitoxide
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 29 days ago
Low
Ecosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: about 1 month ago
GSA_kwCzR0hTQS02djk2LW0yNHYtZjU4as4AA-1-
CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeoverEcosystems: npm
Packages: ckeditor4
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: about 1 month ago
Low
Ecosystems: go
Packages: github.com/trufflesecurity/trufflehog/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS0zcjc0LXY4M3AtZjRmNM4AA-xT
Trufflehog vulnerable to Blind SSRF in some DetectorsEcosystems: go
Packages: github.com/trufflesecurity/trufflehog/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1oNmpxLXc0MzItajI2d84AA-ty
Silverpeas vulnerable to password complexity rule bypassEcosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 month ago
GSA_kwCzR0hTQS1jNDd3LTltY2Ytdzk3Ms4AA-hx
Concrete CMS vulnerable to Stored Cross-site ScriptingEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: about 1 month ago
GSA_kwCzR0hTQS1xNXd4LW05NXItNGNnY84AA-iF
Concrete CMS Stored Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 month ago
GSA_kwCzR0hTQS13Nmo2LXc2angtdmYycs4AA-gS
Concrete CMS Stored XSS in getAttributeSetNameEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 month ago
Low
Ecosystems: go
Packages: github.com/CosmWasm/wasmd
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 1 month ago
GSA_kwCzR0hTQS1tM3JoLWN2cjUteDZxNM4AA-gF
CosmWasm wasmd has large address count in ValidateBasicEcosystems: go
Packages: github.com/CosmWasm/wasmd
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 1 month ago
Low
Ecosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS05MzU1LTI3bTgtaDc0ds4AA-Yv
Owncast Path Traversal vulnerabilityEcosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: packagist
Packages: ipl/web
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 2 months ago
GSA_kwCzR0hTQS13OXBnLTdjM2gtZmM4as4AA-Xn
ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRFEcosystems: packagist
Packages: ipl/web
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 2 months ago
Low
Ecosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
GSA_kwCzR0hTQS05Nzd4LWc3aDUtN3Fnd84AA-Vv
Elliptic's ECDSA missing check for whether leading bit of r and s is zeroEcosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
Low
Ecosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
GSA_kwCzR0hTQS1mN3E0LXB3YzYtdzI0cM4AA-Vu
Elliptic's EDDSA missing signature length checkEcosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
Low
Ecosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
GSA_kwCzR0hTQS00OXE3LWM3ajQtM3A3bc4AA-Vw
Elliptic allows BER-encoded signaturesEcosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 2 months ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 2 months ago
GSA_kwCzR0hTQS0zY3BmLWptbWMtOGptM84AA-Us
Concrete CMS vulnerable to Stored Cross-site ScriptingEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS12dnBnLTU1cDctNWg4d84AA-UY
Mattermost did not properly restrict channel creationEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS05ZnB3LWM5eDctY3Yzas4AA-Ua
Mattermost allows remote actor to set arbitrary RemoteId values for synced usersEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1qcTNnLXhxcHgtMzd4M84AA-UR
Mattermost failed to properly validate synced reactionsEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: cargo
Packages: biscuit-auth
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 months ago
GSA_kwCzR0hTQS1wOXc0LTU4NWgtZzNjN84AA-TH
biscuit-auth vulnerable to public key confusion in third party blockEcosystems: cargo
Packages: biscuit-auth
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 months ago
Low
Ecosystems: maven
Packages: org.biscuitsec:biscuit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS01aGNqLXJ3bTYteG13NM4AA-TA
biscuit-java vulnerable to public key confusion in third party blockEcosystems: maven
Packages: org.biscuitsec:biscuit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Low
Ecosystems: npm
Packages: @fuel-ts/account
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS0zamNnLXZ4N2YtajZxZs4AA-RP
The fuels-ts typescript SDK has no awareness of to-be-spent transactionsEcosystems: npm
Packages: @fuel-ts/account
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Low
Ecosystems: cargo
Packages: xmp_toolkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS02NmZ3LTQzaDgtZjhwM84AA-I3
XMP Toolkit's `XmpFile::close` can trigger undefined behaviorEcosystems: cargo
Packages: xmp_toolkit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: cargo
Packages: gix-attributes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1jeDdoLWg4N3ItanBncs4AA-Hz
The kstring integration in gix-attributes is unsoundEcosystems: cargo
Packages: gix-attributes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: anki
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 2 months ago
GSA_kwCzR0hTQS1xNDdwLXY1cnctdjU3NM4AA-FC
Ankitects Anki LaTeX Blocklist Bypass vulnerabilityEcosystems: pypi
Packages: anki
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 2 months ago
Low
Ecosystems: pypi
Packages: puncia
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1yd2NqLTdqanAtNHczOM4AA-A0
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`Ecosystems: pypi
Packages: puncia
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Low
Ecosystems: maven
Packages: org.apache.cxf:cxf-rt-transports-http
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 2 months ago
GSA_kwCzR0hTQS00bWdnLWZxZnEtNjRoZ84AA-AU
Apache CXF allows unrestricted memory consumption in CXF HTTP clientsEcosystems: maven
Packages: org.apache.cxf:cxf-rt-transports-http
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 2 months ago
Low
Ecosystems: pypi
Packages: sentry-sdk
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 2 months ago
GSA_kwCzR0hTQS1nOTJqLXFobWgtNjR2Ms4AA9_r
Sentry's Python SDK unintentionally exposes environment variables to subprocessesEcosystems: pypi
Packages: sentry-sdk
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 2 months ago
Low
Ecosystems: cargo
Packages: vodozemac
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 2 months ago
GSA_kwCzR0hTQS1qOGNtLWc3cjYtaGZwcc4AA9-3
vodozemac's usage of non-constant time base64 decoder could lead to leakage of secret key materialEcosystems: cargo
Packages: vodozemac
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 2 months ago
Low
Ecosystems: nuget
Packages: Steeltoe.Discovery.ClientAutofac, Steeltoe.Discovery.ClientCore, Steeltoe.Discovery.EurekaBase, Steeltoe.Discovery.Eureka
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 2 months ago
GSA_kwCzR0hTQS12bWNwLTY2cjUtM3BjcM4AA9-0
Steeltoe Leaks Basic Auth Credentials to Logs After Fetch Registry ErrorEcosystems: nuget
Packages: Steeltoe.Discovery.ClientAutofac, Steeltoe.Discovery.ClientCore, Steeltoe.Discovery.EurekaBase, Steeltoe.Discovery.Eureka
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 2 months ago
Low
Ecosystems: cargo
Packages: risc0-zkvm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS01eGdqLXBtamotZ3c0Oc4AA95u
RISC Zero zkVM notes on zero-knowledgeEcosystems: cargo
Packages: risc0-zkvm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Low
Ecosystems: npm
Packages: @jmondi/url-to-png
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS0zNDJxLTJtYzItNWdtcM4AA95a
@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages)Ecosystems: npm
Packages: @jmondi/url-to-png
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: 2 months ago
GSA_kwCzR0hTQS0zZzkyLXc4YzUtNzNwcc4AA9rQ
Undici vulnerable to data leak when using response.arrayBuffer()Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: 2 months ago
Low
Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS0zdjMzLTN3bXctMzc4Nc4AA9n3
yt-dlp has dependency on potentially malicious third-party code in Douyu extractorsEcosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Low
Ecosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS14cjdxLWp4NG0teDU1bc4AA9m4
Private tokens could appear in logs if context containing gRPC metadata is logged in github.com/grpc/grpc-goEcosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: certifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS0yNDh2LTM0NnctOWN3Y84AA9m3
Certifi removes GLOBALTRUST root certificateEcosystems: pypi
Packages: certifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: packagist
Packages: aimeos/ai-admin-graphql
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 3 months ago
GSA_kwCzR0hTQS1qajY4LWNwNHYtOThxZs4AA9d2
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own servicesEcosystems: packagist
Packages: aimeos/ai-admin-graphql
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 3 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1jdnc0LWM2OWctN3Y3bc4AA9d0
Inclusion of Untrusted polyfill.io Code Vulnerability in fides.jsEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05MzQ0LXA4NDctcW01Y84AA9Xy
Low severity (DoS) vulnerability in sequoia-openpgpEcosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:structs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS14ZngzLWNyNzQteDNjds4AA9Xv
Exposure of secrets through system log in Jenkins Structs PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:structs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
Ecosystems: packagist
Packages: october/system
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 3 months ago
GSA_kwCzR0hTQS12MnZmLWp2ODgtM2ZwNc4AA9Xp
October System module has an Open Redirect for Administrator AccountsEcosystems: packagist
Packages: october/system
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 3 months ago
Low
Ecosystems: packagist
Packages: october/system
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: 3 months ago
GSA_kwCzR0hTQS1yanc4LXY3cnItcjU2M84AA9Xl
October System module has a Reflected XSS via X-October-Request-Handler HeaderEcosystems: packagist
Packages: october/system
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.dspace:dspace-server-webapp
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: 3 months ago
GSA_kwCzR0hTQS05NGNjLXhqeHItcHd2Zs4AA9WR
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML documentEcosystems: maven
Packages: org.dspace:dspace-server-webapp
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-ldap-federation
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 3 months ago
GSA_kwCzR0hTQS1jMjVoLWMyN3EtNXFwds4AA9SS
Keycloak leaks configured LDAP bind credentials through the Keycloak admin consoleEcosystems: maven
Packages: org.keycloak:keycloak-ldap-federation
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 3 months ago
GSA_kwCzR0hTQS1ncmp2LWdqZ3ItNjZnMs4AA9Px
SpiceDB exclusions can result in no permission returned when permission expectedEcosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 3 months ago
Low
Ecosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS14Z3FtLXdwN3ctbWdnMs4AA9GA
Mattermost Desktop App allows for bypassing TCC restrictions on macOSEcosystems: npm
Packages: mattermost-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS05eHBqLTYybW0tMjRoMs4AA9GF
Apache Airflow does not return the "Cache-Control" header for dynamic contentEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
GSA_kwCzR0hTQS0zMmNqLTV3eDQtZ3E4cM4AA8_N
HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience ClaimsEcosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
GSA_kwCzR0hTQS1jcTQyLXZodjcteHI3cM4AA8_H
Keycloak Denial of Service via account lockoutEcosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
GSA_kwCzR0hTQS00dmM4LXBnNWMtdmc0eM4AA8_G
Keycloak's improper input validation allows using email as usernameEcosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 3 months ago
Low
Ecosystems: npm
Packages: @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 3 months ago
GSA_kwCzR0hTQS02ajg5LWZyeGMtcTI2bc4AA8_C
@strapi/plugin-content-manager leaks data via relations via the Admin PanelEcosystems: npm
Packages: @strapi/plugin-content-manager
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
GSA_kwCzR0hTQS12OTk0LWY4dnctZzdqNM4AA84U
`docker cp` allows unexpected chmod of host files in Moby Docker EngineEcosystems: go
Packages: github.com/docker/docker
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
Low
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: 3 months ago
GSA_kwCzR0hTQS05OWhtLTg2aDctZ3IzZ84AA81n
zenml-io/zenml does not expire the session after password resetEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: 3 months ago
Low
Ecosystems: cargo
Packages: wasmer
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 4 months ago
GSA_kwCzR0hTQS01NWYzLTNxdmctOHB2Nc4AA8zV
Symlink bypasses filesystem sandboxEcosystems: cargo
Packages: wasmer
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: 4 months ago
Low
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 4 months ago
GSA_kwCzR0hTQS12d2dmLTdmOWgtaDQ5Oc4AA8w7
Cross site scripting in zenmlEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 4 months ago
Low
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 4 months ago
GSA_kwCzR0hTQS1jNTQ2LThqbXEtaHByas4AA8w2
Race condition in zenmlEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 4 months ago
Low
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 4 months ago
GSA_kwCzR0hTQS1qNTI3LXY1NzktbTk4aM4AA8xd
Improper authentication in zenmlEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/evmos/evmos/v6, github.com/evmos/evmos/v7, github.com/evmos/evmos/v8, github.com/evmos/evmos/v9, github.com/evmos/evmos/v10, github.com/evmos/evmos/v11, github.com/evmos/evmos/v12, github.com/evmos/evmos/v13, github.com/evmos/evmos/v14, github.com/evmos/evmos/v15, github.com/evmos/evmos/v16, github.com/evmos/evmos/v17
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 4 months ago
GSA_kwCzR0hTQS1weHY4LXFocmgtamM3ds4AA8wK
evmos allows transferring unvested tokens after delegationsEcosystems: go
Packages: github.com/evmos/evmos/v6, github.com/evmos/evmos/v7, github.com/evmos/evmos/v8, github.com/evmos/evmos/v9, github.com/evmos/evmos/v10, github.com/evmos/evmos/v11, github.com/evmos/evmos/v12, github.com/evmos/evmos/v13, github.com/evmos/evmos/v14, github.com/evmos/evmos/v15, github.com/evmos/evmos/v16, github.com/evmos/evmos/v17
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 4 months ago
Low
Ecosystems: cargo
Packages: s2n-tls
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS01MnhmLTVwMm0tOXdyds4AA8wF
s2n-tls has a potentially observable differences in RSA premaster secret handlingEcosystems: cargo
Packages: s2n-tls
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: born05/craft-twofactorauthentication
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS0zcDR4LWdycG0teHc1OM4AA8wD
Password hash exposed in CraftCMS two factor authentication pluginEcosystems: packagist
Packages: born05/craft-twofactorauthentication
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1oOTM0LWY0bTQtd2M4eM4AA8uc
Typo3 Information Disclosure in Page TreeEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 4 months ago
GSA_kwCzR0hTQS1jN3A2LTNjOWMtZjg4cc4AA8uE
Information Disclosure in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 4 months ago
Low
Ecosystems: pypi
Packages: gradio_pdf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS00bTNnLTZyN2ctanY0Zs4AA8t0
Arbitrary JavaScript execution due to using outdated librariesEcosystems: pypi
Packages: gradio_pdf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 4 months ago
GSA_kwCzR0hTQS12dzYzLTgyNHYtcWYyas4AA8mZ
SQL Injection in Harbor scan log APIEcosystems: go
Packages: github.com/goharbor/harbor
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: 4 months ago
Low
Ecosystems: packagist
Packages: statamic/cms
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 4 months ago
GSA_kwCzR0hTQS1xdnBqLXc3eGotcjZ3Oc4AA8mW
Password confirmation stored in plain text via registration form in statamic/cmsEcosystems: packagist
Packages: statamic/cms
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 4 months ago
Low
Ecosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 4 months ago
GSA_kwCzR0hTQS1jMmcyLWd4NGotcmozas4AA8mO
Slack integration leaks sensitive information in logsEcosystems: pypi
Packages: sentry
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 4 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS04Y201LWpmajItMjZxN84AA8jP
Fides Webserver Logs Hosted Database Password Partial Exposure VulnerabilityEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: nuget
Packages: Umbraco.Forms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1wNTcyLXAycmotcTVmNM4AA8jE
Umbraco Forms components vulnerable to Stored Cross-site ScriptingEcosystems: nuget
Packages: Umbraco.Forms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: 4 months ago
GSA_kwCzR0hTQS12aDdxLWo4cDUtMmg0aM4AA8ix
silverstripe/framework sends passwords back to browsers under some circumstancesEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: 4 months ago
Low
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 4 months ago
GSA_kwCzR0hTQS01cjh3LTY2aHEtcmMzOc4AA8ie
silverstripe/framework's pre-existing alc_enc cookies log users in if remember me is disabledEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 4 months ago
Low
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1mM3dwLXhwdjItNnZtZ84AA8ib
silverstripe/framework password encryption salt not updatedEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/huandu/facebook/v2
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: 4 months ago
GSA_kwCzR0hTQS0zZjY1LW0yMzQtOW14cs4AA8iZ
github.com/huandu/facebook may expose access_token in error message.Ecosystems: go
Packages: github.com/huandu/facebook/v2
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: 4 months ago
Low
Ecosystems: npm
Packages: vxe-table
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 4 months ago
GSA_kwCzR0hTQS0ycWpwLWZnOGMtZzg3OM4AA8iS
vxe-table Cross-site Scripting vulnerabilityEcosystems: npm
Packages: vxe-table
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 4 months ago
Low
Ecosystems: packagist
Packages: silverstripe/admin
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 4 months ago
GSA_kwCzR0hTQS03NzljLTd3NHAtMmM0Z84AA8ft
Silverstripe admin XSS Vulnerability via WYSIWYG editorEcosystems: packagist
Packages: silverstripe/admin
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 4 months ago
Low
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 4 months ago
GSA_kwCzR0hTQS05OXI0LWNqcDQtM2hteM4AA8fs
vantage6 collaboration admins can extend their influence by expanding the collaborationEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/bincyber/go-sqlcrypter
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: 4 months ago
GSA_kwCzR0hTQS0yajZyLTl2djQtNmdmNc4AA8WS
github.com/bincyber/go-sqlcrypter vulnerable to IV collisionEcosystems: go
Packages: github.com/bincyber/go-sqlcrypter
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: 4 months ago
Low
Ecosystems: packagist
Packages: passbolt/passbolt_api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1mNXBwLXBtcTgtZ3A0Ns4AA8Vu
Passbolt Api Retrieval of HTTP-only cookiesEcosystems: packagist
Packages: passbolt/passbolt_api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: paragonie/random_compat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS0zZm1xLXg5cTYtd20zOc4AA8Rz
random_compat Uses insecure CSPRNGEcosystems: packagist
Packages: paragonie/random_compat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: onelogin/php-saml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS05d3J3LXA5cm0tcjc4Ms4AA8Rx
onelogin/php-saml Improper signature validation on LogoutRequest/LogoutResponse.Ecosystems: packagist
Packages: onelogin/php-saml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: neos/flow
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 4 months ago
GSA_kwCzR0hTQS03aDc0LTd2Y3ctNG13cM4AA8Ro
Insecure deserialize Vulnerability in FLOW3Ecosystems: packagist
Packages: neos/flow
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 4 months ago
Low
Ecosystems: packagist
Packages: monolog/monolog
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1mNTd2LXE5NjYtN2ZoNs4AA8I3
Monolog Header injection in NativeMailerHandlerEcosystems: packagist
Packages: monolog/monolog
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Statistics
Advisories: 20,108
Packages: 8,840
Repositories: 495
Ecosystems: 12
Packages: 8,840
Repositories: 495
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow-gpu
109
tensorflow-cpu
109
tensorflow
109
moodle/moodle
17
concrete5/concrete5
17
github.com/mattermost/mattermost/server/v8
14
typo3/cms
13
shopware/platform
12
phpmyadmin/phpmyadmin
10
shopware/core
10
org.jenkins-ci.main:jenkins-core
9
nova
9
org.apache.tomcat:tomcat
9
vyper
7
matrix-synapse
7
ethyca-fides
6
org.keycloak:keycloak-services
6
undici
6
puppet
6
Umbraco.CMS
6
typo3/cms-core
5
october/backend
5
rack
5
sweetalert2
5
baserproject/basercms
5
silverstripe/framework
5
k8s.io/kubernetes
5
helm.sh/helm/v3
5
wasmtime
5
magento/community-edition
4
helm.sh/helm
4
simplesamlphp/simplesamlphp
4
github.com/cilium/cilium
4
zenml
4
com.vaadin:flow-server
4
github.com/mattermost/mattermost-server/v6
4
shopware/shopware
4
github.com/authzed/spicedb
4
actionpack
4
electron
4
bin-links
3
plone
3
go.etcd.io/etcd/v3
3
nautobot
3
ansible
3
github.com/cosmos/cosmos-sdk
3
@openzeppelin/contracts-upgradeable
3
org.apache.hive:hive
3
org.apache.hive:hive-service
3
org.apache.hive:hive-exec
3
ckb
3
glance
3
passenger
3
node-forge
3
symfony/symfony
3
github.com/opencontainers/runc
3
github.com/mattermost/mattermost-server
3
mattermost-desktop
3
org.graylog2:graylog2-server
3
com.vaadin:vaadin-bom
3
wagtail
3
cryptography
3
vantage6
3
elliptic
3
tools.devnull:build-notifications
2
org.eclipse.jetty:jetty-server
2
Nova
2
apache-airflow
2
tuf
2
flarum/core
2
braces
2
mautic/core
2
Flask-Security-Too
2
org.bouncycastle:bcprov-jdk14
2
node-ipc
2
vodozemac
2
Pillow
2
github.com/containerd/containerd
2
winter/wn-backend-module
2
org.jenkins-ci.plugins:wso2id-oauth
2
github.com/hashicorp/nomad
2
activesupport
2
org.jenkins-ci.plugins:ec2
2
github.com/sigstore/cosign
2
craftcms/cms
2
com.inedo.proget:inedo-proget
2
org.apache.activemq:activemq-parent
2
sylius/sylius
2
org.keycloak:keycloak-ldap-federation
2
org.jenkins-ci.plugins:mercurial
2
gilacms/gila
2
next-auth
2
org.jenkins-ci.plugins:artifactory
2
grumpydictator/firefly-iii
2
github.com/docker/docker
2
aiohttp
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
s2n-quic
2
freewvs
2
moin
2
keystone
2
ezsystems/ezplatform-kernel
2
ezsystems/ezpublish-kernel
2
go.etcd.io/etcd/client/v3
2
github.com/cometbft/cometbft
2
github.com/nats-io/nats-server/v2
2
Zope
2
OctoPrint
2
angular
2
drupal/drupal
2
@apollo/server
2
github.com/answerdev/answer
2
symfony/security-http
2
com.ruoyi:ruoyi
2
langchain
2
github.com/ntbosscher/gobase
2
horizon
2
salt
2
github.com/mattermost/mattermost-plugin-jira
2
pip
2
typo3/cms-frontend
2
github.com/goharbor/harbor
2
statamic/cms
2
october/system
2
sequoia-openpgp
2
httplib2
2
cargo
2
org.jenkins-ci.plugins:azure-ad
2
org.xwiki.platform:xwiki-platform-oldcore
2
parse-server
2
october/cms
2
@openzeppelin/contracts
2
Flask-AppBuilder
2
ceph-deploy
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
github.com/hashicorp/vault
2
org.jenkins-ci.plugins:repository-connector
2
microweber/microweber
2
github.com/flyteorg/flyteadmin
1
plone.restapi
1
github.com/Masterminds/goutils
1
@liquity/contracts
1
rabbit_common
1
markdown-link-extractor
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/consensys/gnark-crypto
1
go.etcd.io/etcd
1
org.xmlunit:xmlunit-core
1
org.keycloak:keycloak-parent
1
croogo/croogo
1
debug
1
@floffah/build
1
solidus_backend
1
phpmyfaq/phpmyfaq
1
admidio/admidio
1
fast-xml-parser
1
org.silverpeas.core:silverpeas-core
1
spina
1
es5-ext
1
automad/automad
1
org.keycloak:keycloak-server-spi-private
1
datasette-graphql
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
hyper
1
xmpp-http-upload
1
org.jenkins-ci.plugins:labmanager
1
transformers
1
@node-red/runtime
1
org.springframework.cloud:spring-cloud-contract-shade
1
io.jenkins.plugins:frugal-testing
1
fastify-http-proxy
1
org.jenkins-ci.plugins:synopsys-coverity
1
cinder
1
contao/core-bundle
1
basti-cdk
1
neutron
1
io.jenkins.plugins:gitlab-branch-source
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
nokogiri
1
ember-source
1
@aedart/support
1
@vendure/core
1
google-translate-api-browser
1
org.jenkins-ci.plugins:Parameterized-Remote-Trigger
1
puma
1
@hapi/hoek
1
node-fetch
1
serve-static
1
@actions/core
1
datadog/dd-trace
1
org.apache.solr:solr-core
1
github.com/crossplane/crossplane
1
org.jenkins-ci.plugins:skytap
1
org.apache.struts:struts2-core
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
16
https://github.com/shopware/platform
12
https://github.com/openstack/nova
11
https://github.com/octobercms/october
9
https://github.com/keycloak/keycloak
9
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/vyperlang/vyper
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/rails/rails
6
https://github.com/ethyca/fides
6
https://github.com/nodejs/undici
6
https://github.com/sweetalert2/sweetalert2
5
https://github.com/puppetlabs/puppet
5
https://github.com/baserproject/basercms
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/helm/helm
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/rack/rack
5
https://github.com/kubernetes/kubernetes
5
https://github.com/TYPO3/typo3
5
https://github.com/jenkinsci/jenkins
5
https://github.com/shopware/shopware
4
https://github.com/authzed/spicedb
4
https://github.com/vantage6/vantage6
4
https://github.com/electron/electron
4
https://github.com/cilium/cilium
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/wintercms/winter
4
https://github.com/apache/tomcat
4
https://github.com/silverstripe/silverstripe-framework
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/wagtail/wagtail
3
https://github.com/indutny/elliptic
3
https://github.com/symfony/symfony
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/phusion/passenger
3
https://github.com/nervosnetwork/ckb
3
https://github.com/dpgaspar/Flask-AppBuilder
3
https://github.com/zenml-io/zenml
3
https://github.com/vaadin/flow
3
https://github.com/digitalbazaar/forge
3
https://github.com/openstack/keystone
3
https://gitlab.com/sequoia-pgp/sequoia
3
https://github.com/ansible/ansible
3
https://github.com/opencontainers/runc
3
https://github.com/Byron/gitoxide
3
https://github.com/nautobot/nautobot
3
https://github.com/pyca/cryptography
3
https://github.com/apache/airflow
3
https://github.com/CVEProject/cvelist
3
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/sigstore/cosign
2
https://github.com/openstack/horizon
2
https://github.com/parse-community/parse-server
2
https://github.com/octoprint/octoprint
2
https://github.com/hashicorp/nomad
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/openstack/glance
2
https://github.com/quarkusio/quarkus
2
https://github.com/httplib2/httplib2
2
https://github.com/cometbft/cometbft
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/statamic/cms
2
https://github.com/schokokeksorg/freewvs
2
https://github.com/ceph/ceph-deploy
2
https://github.com/ntbosscher/gobase
2
https://github.com/apache/activemq
2
https://github.com/nextauthjs/next-auth
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/rust-lang/cargo
2
https://github.com/nats-io/nats-server
2
https://github.com/zopefoundation/Zope
2
https://github.com/moby/moby
2
https://github.com/mautic/mautic
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/aio-libs/aiohttp
2
https://github.com/Alexhuszagh/rust-lexical
2
https://github.com/containerd/containerd
2
https://github.com/mutagen-io/mutagen
2
https://github.com/matrix-org/vodozemac
2
https://github.com/bcgit/bc-java
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/Sylius/Sylius
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/goharbor/harbor
2
https://github.com/saltstack/salt
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/aws/s2n-quic
2
https://github.com/craftcms/cms
2
https://github.com/flarum/framework
2
https://github.com/answerdev/answer
2
https://github.com/pypa/pip
2
https://github.com/microweber/microweber
2
https://github.com/apache/druid
2
https://github.com/GilaCMS/gila
2
https://github.com/micromatch/braces
2
https://github.com/apollographql/apollo-server
2
https://github.com/artifacthub/hub
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/octokit/octokit.rb
1
https://github.com/encode/starlette
1
https://github.com/langchain-ai/langchain
1
https://github.com/bbatsov/rubocop
1
https://github.com/IdentityPython/pysaml2
1
https://github.com/yourls/yourls
1
https://github.com/Icinga/ipl-web
1
https://github.com/xuxueli/xxl-job
1
https://github.com/cloudflare/tableflip
1
https://github.com/sjwall/mdx-mermaid
1
https://github.com/paragonie/random_compat
1
https://github.com/DataDog/dd-trace-php
1
https://github.com/tailscale/tailscale
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/redis/redis-py
1
https://github.com/visionmedia/debug
1
https://github.com/plone/plone.restapi
1
https://github.com/seattlerb/ruby_parser
1
https://github.com/crossplane/crossplane
1
https://github.com/Seldaek/monolog
1
https://github.com/node-js-libs/cli
1
https://github.com/x-extends/vxe-table
1
https://github.com/fog/fog
1
https://github.com/octokit/octopoller.rb
1
https://github.com/mganss/HtmlSanitizer
1
https://github.com/joniles/mpxj
1
https://github.com/onelogin/php-saml
1
https://github.com/plone/plone.namedfile
1
https://github.com/sigstore/sigstore-go
1
https://github.com/biscuit-auth/biscuit-rust
1
https://github.com/C2FO/fast-csv
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/aws/aws-dynamodb-encryption-python
1
https://gitlab.com/gitlab-org/cves
1
https://github.com/pterodactyl/panel
1
https://github.com/auth0/lock
1
https://github.com/apache/lucene-solr
1
https://github.com/silverstripe/silverstripe-omnipay
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/sparklemotion/nokogiri
1
https://github.com/IncludeSecurity/safeurl-python
1
https://github.com/gayanhewa/sailsjs-cacheman
1
https://github.com/ethereum/web3.js
1
https://github.com/tektoncd/pipeline
1
https://github.com/DataDog/datadog-api-client-java
1
https://github.com/fluture-js/fluture-node
1
https://github.com/wasmerio/wasmer
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/louislam/uptime-kuma
1
https://github.com/npm/npm-user-validate
1
https://github.com/jenkinsci/coverity-plugin
1
https://github.com/wiremock/wiremock
1
https://github.com/kimai/kimai
1
https://github.com/actions/toolkit
1
https://github.com/SteeltoeOSS/security-advisories
1
https://github.com/aws/aws-encryption-sdk-cli
1
https://github.com/personnummer/python
1
https://github.com/jenkinsci/gitlab-branch-source-plugin
1
https://github.com/risc0/risc0
1
https://github.com/onionshare/onionshare
1
https://github.com/jupyterhub/jupyterhub
1
https://github.com/oauth2-proxy/oauth2-proxy
1
https://github.com/ory/oathkeeper
1
https://github.com/MicrochipTech/cryptoauthlib
1
https://github.com/topgrade-rs/topgrade
1
https://github.com/moment/moment-timezone
1
https://github.com/jenkinsci/ssh-agent-plugin
1
https://github.com/jenkinsci/parameterized-trigger-plugin
1
https://github.com/tendermint/tendermint
1
https://github.com/petergoldstein/dalli
1
https://github.com/syncthing/syncthing
1
https://github.com/mportuga/eslint-detailed-reporter
1
https://github.com/evmos/evmos
1
https://github.com/screetsec/VDD
1
https://github.com/jenkinsci/parameterized-remote-trigger-plugin
1
https://github.com/zopefoundation/Products.PluggableAuthService
1
https://github.com/visionmedia/send
1
https://github.com/DSpace/DSpace
1
https://github.com/Katello/katello
1
https://github.com/urllib3/urllib3
1
https://github.com/isaacs/chownr
1
https://github.com/aedart/ion
1
https://github.com/snipe/snipe-it
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/google/zerocopy
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/octo-sts/app
1
https://github.com/Azure/setup-kubectl
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/dojo/dijit
1
https://github.com/ktorio/ktor
1