Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS02Nzh4LXhmcDQtcjkycs2_gw
Apache Geronimo Application Server CSRF vulnerabilities
Ecosystems: maven
Packages: org.apache.geronimo.plugins:console
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS12d3g4LXFwcWgtcXdtOc4AAhfm
Jenkins Maven Release Plug-in Plugin stored credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins.m2release:m2release
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcTUyLTZjamYtanc1Oc4AAlOl
Reflected XSS vulnerability in Jenkins VncRecorder Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:vncrecorder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02NzU1LWpncDQtOHE3aM4AAqzp
XML External Entity processing vulnerability in Pipeline Maven Integration Jenkins Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-maven
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01bThmLXYzZ3ctaDk0d80sPw
Jenkins Support Core Plugin stores sensitive data in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zd3ctN2hycC1ndzl3
Drop of uninitialized memory in Ozone
Ecosystems: cargo
Packages: ozone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01Y3h3LTh2NjUtNzZ2Zs4AAoE1
CSRF vulnerability in Jenkins promoted builds Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1teGYyLTRyMjItNWhxOc4AAu1J
XWiki Platform Web Parent POM vulnerable to XSS in the attachment history
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02Mjk2LW12Z3AtMjdocM4AAtJS
XML External Entity Reference in Eclipse Lyo
Ecosystems: maven
Packages: org.eclipse.lyo:lyo-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05Y2ZxLXYyaG0tYzN4cs4AAWob
Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery
Ecosystems: maven
Packages: org.jenkins-ci.plugins:github-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ydjg3LXZjdjQtZmp2cs4AAWcR
URLTrigger Plugin server-side request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:urltrigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNWozLTV4NjMtcDhqds4AAu1K
XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01amdqLWg5d3AtNTNmcs4AAtKk
Known vulnerable to code execution via SVG file in v1.3.1
Ecosystems: packagist
Packages: idno/known
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wNzU3LTR2M3Atajc0Zs4AAtKj
Known vulnerable to account takeover via host header injection attack in v1.3.1
Ecosystems: packagist
Packages: idno/known
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zeGpxLThqODkteHJ3Oc4AAWcT
Jenkins Badge Plugin cross-site scripting vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:badge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wNDg3LTM5aDktaG04NM4AAtJW
Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jNXY4LTJxNHItNXc5ds4AAu1e
XWiki Platform Mentions UI vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-mentions-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jcXA0LWN2N2gtN2pwNc4AATnd
Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.plugins:saltstack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xd2d4LW1ydjUtODdqOM4AAgY7
CSRF vulnerability in Jenkins Script Security Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05OThtLWYyeDMtampxNM4AAoNt
CSRF vulnerability in Jenkins Config File Provider Plugin allows deleting configuration files
Ecosystems: maven
Packages: org.jenkins-ci.plugins:config-file-provider
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01OTl2LXc0OGgtcmpybc4AAu1h
XWiki Platform Web Templates vulnerable to Missing Authorization, Exposure of Private Personal Information to Unauthorized Actor
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03cng2LTR2d3YtNDMyZ84AAoNz
Missing permission check in Jenkins CloudBees CD Plugin allows scheduling builds
Ecosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ybTIzLTZtd3YtOHE5cc4AAtEW
XML External Entity Reference in Jenkins Recipe Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:recipe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1meHdyLTR2cTktOXZoas4AAu2B
XWiki Cross-Site Request Forgery (CSRF) for actions on tags
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qMzNyLWNnbTYtcHY0OM4AAtDI
Missing Authorization in Jenkins Recipe Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:recipe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yanYzLXYzN3AtNjV3M84AAuwx
CrafterCMS Crafter Studio Improperly Controls Dynamically-Managed Code Resources
Ecosystems: maven
Packages: org.craftercms:crafter-studio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tNHZ4LWNjcmYtdzM5Oc4AAuxl
NLnet Labs Routinator has Reachable Assertion vulnerability
Ecosystems: cargo
Packages: routinator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xZ3Y0LTdqaHgtYzcycc4AAu_U
Missing webhook endpoint authorization in Jenkins Rundeck Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rundeck
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS13cHBwLXhxZnYtNmNtN84AAtDW
Token stored in plain text by Jenkins Cisco Spark Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cisco-spark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xaG1qLTI5dmgtOG1qbc4AAtDj
Incorrect Authorization in Jenkins Request Rename Or Delete Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rrod
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14djdyLTl2cTQtOXdycc4AAuzW
Project Wonder WebObjects vulnerable to Arbitrary HTTP Header Injection and Cross-site Scripting
Ecosystems: maven
Packages: wonder:wonder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xMzdoLWpoZjMtODVjas4AAtaC
Bypass of CMS Safe Mode Security Feature
Ecosystems: packagist
Packages: wintercms/winter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jOWgzLWM2cWotaGg3cc4AAu9g
Apache Kafka vulnerability can lead to brokers hitting OutOfMemoryException, causing Denial of Service
Ecosystems: maven
Packages: org.apache.kafka:kafka
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1jcG01LWNxcjktN3A3Oc4AAu-U
Jenkins BigPanda Notifier Plugin Missing Password Field Masking
Ecosystems: maven
Packages: org.jenkins-ci.plugins:bigpanda-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02cHg4LTIydzUtdzMzNM4AAUYz
Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, Microsoft.NETCore.App, System.Net.WebSockets.WebSocketProtocol, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.WebSockets
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02Y3ZyLXJ2cG0tOXd4NM4AAu-T
Jenkins SCM HttpClient Plugin vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: com.meowlomo.jenkins:scm-httpclient
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1nNDN4LXBjYzktZjQ3Ms4AAu_R
Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference
Ecosystems: maven
Packages: com.compuware.jenkins:compuware-common-configuration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS14aGZjLWdyOGYtZmZ3Y84AAguU
Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: System.Private.Uri
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0yeDloLWgzYzQtd3FxaM4AATaP
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02NG1qLTNwOTItNTg5ds4AAs7p
Cross-site Scripting in Jenkins JUnit Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:junit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1tMmZjLTloNW0tMjljbc4AAt1k
@acrontum/filesystem-template vulnerable to Command Injection due to fetchRepo API missing sanitization
Ecosystems: npm
Packages: @acrontum/filesystem-template
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02NXI2LXc3dnItYzc1cs4AAs8t
Cross-site Scripting in Jenkins Agent Server Parameter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:agent-server-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14eGhmLXhxNnYtYzhtas4AAs8W
Improper authorization in Jenkins Embeddable Build Status Plugin bypasses ViewStatus permission requirement
Ecosystems: maven
Packages: org.jenkins-ci.plugins:embeddable-build-status
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1mbXE5LXI0cDItODI3Ms4AAu-R
API token stored in plain text by Jenkins CONS3RT Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cons3rt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS14cHZwLWg3M2MtbTlycc4AAu-W
Jenkins vulnerable to stored cross site scripting in the I:helpIcon component
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qamNoLTdnODUtNG03Ms4AAu-a
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xcnFtLTU3NHgtcTdmMs4AAu-D
Awesome Support vulnerable to persistent cross-site scripting
Ecosystems: packagist
Packages: awesome-support/awesome-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05anJoLWhjaDgtcnI1Y84AAW49
Jenkins Copy To Slave Plugin allows access to arbitrary files on the Jenkins controller file system
Ecosystems: maven
Packages: org.jenkins-ci.plugins:copy-to-slave
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NTU4LTZxNDUtNng3bc4AAs8y
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
Ecosystems: maven
Packages: com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NXdoLWc4eDgtZ20yaM4AAzyH
Apache NiFi vulnerable to Deserialization of Untrusted Data
Ecosystems: maven
Packages: org.apache.nifi:nifi-jms-bundle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS05ZzRtLWZmeDYtYzI5Z84AAllI
Jenkins Cross-site Scripting vulnerability in project naming strategy
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcTltLXJwbTUtMjdtOc36zA
Jenkins Perfecto Mobile Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:perfectomobile
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12cjRqLWdqOHEtbTg5ds4AAVZh
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nM3E5LXhmOTUtOGhwNc4AAvPg
NuGet Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: NuGet.Protocol, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qcGo1LWhnMjYtNmpnY80yfw
Cross-site Scripting in Alist
Ecosystems: go
Packages: github.com/Xhofe/alist
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yNTdmLTd4dzMtcTJyOc4AAXaG
Improper Authentication in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1ycGhjLWg1NzItMng5Zs0yuw
Cross-site Scripting in showdoc/showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01cmNjLTZjbWotNzcyOM0wxA
Cross-site Scripting in BookStack
Ecosystems: packagist
Packages: ssddanbrown/bookstack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13OWdxLThxMzUtM2pjY84AASj9
Jenkins Subversion Plugin Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:subversion
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NHE5LWYzOGgtOW13eM0sLg
Protection Mechanism Failure in Jenkins Doktor Plugin
Ecosystems: maven
Packages: by.dev.madhead.doktor:doktor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zNzU2LWh3aHYtcXc1OM0uwg
Cross site scripting in francoisjacquet/rosariosis
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ydng0LWdnOHctcXcyNM4AASj4
Jenkins Google Play Android Publisher Plugin allows attacker to obtain credential IDs
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-play-android-publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS04MnJyLW1xNHItcDRyM80uuw
SQL injection in francoisjacquet/rosariosis
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS1jZ2hnLWpjdjYtNHY1bc4AASj5
Jenkins Coverity Plugin has Insufficiently Protected Credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3aHEtajVxZy13anZw
Stored Cross-Site Scripting vulnerability in admin component of DotNetNuke
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
High
GSA_kwCzR0hTQS1wdjRtLTdjNjgtZjRjNc0y_A
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xcHAyLTJtY3AtMndtNc05dg
Unauthenticated user can list hidden document from multiple velocity templates in XWiki
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yMzQ4LWNjcWotOHAyN84AAtD3
Jenkins RQM Plugin allows enumerating credentials IDs due to missing permission check
Ecosystems: maven
Packages: net.praqma:rqm-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ybTl3LTl4aDItd3hjM80sSA
Link Following in Jenkins Pipeline Multibranch Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-multibranch
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS0zODlwLWZjaHItcTJtZ80r8Q
Path Traversal in ImpressCMS
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01cGNmLXZ4bTMtZnJwaM0sMw
CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials
Ecosystems: maven
Packages: com.checkmarx.jenkins:checkmarx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yNzNjLWZqdzgtdjJ3OM4AAtD1
Jenkins OpsGenie Plugin Plaintext Storage of a Password vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:opsgenie
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNjc2LXBqcjQtaGdxeM0rZg
Path Traversal in S-Cart
Ecosystems: packagist
Packages: s-cart/s-cart
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03ZzdnLTgyZnAtaHB4eM0sNQ
CSRF vulnerability in Jenkins SCP publisher Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:scp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qOHgyLTJtNXctajkzOc4AAwP0
Amazon CloudWatch Agent for Windows has Privilege Escalation Vector
Ecosystems: go
Packages: github.com/aws/amazon-cloudwatch-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01bXhnLXA1cWgtMmdjaM4AAtEX
Jenkins Deployment Dashboard Plugin has Insufficiently Protected Credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2-deployment-dashboard
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ocnh2LTY5NGYtMjJnM80tkw
Exposure of Sensitive Information to an Unauthorized Actor in LemMinX
Ecosystems: maven
Packages: org.eclipse.lemminx:lemminx-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02cThyLTVwbTYtdjJxOM0sPA
Stored Cross-site Scripting vulnerability in Jenkins Custom Checkbox Parameter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:custom-checkbox-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12djZqLXd3NngtNTRneM0uJA
Use after free in Animation
Ecosystems: nuget
Packages: CefSharp.Wpf.NETCore, CefSharp.WinForms.NETCore, CefSharp.OffScreen.NETCore, CefSharp.Common.NETCore, CefSharp.Wpf.HwndHost, CefSharp.Wpf, CefSharp.WinForms, CefSharp.OffScreen, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1oeHZmLTM1dzgtZjVtd80rEg
Cross-Site Request Forgery in Magnolia CMS
Ecosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xcXd4LWhjcDYtMjV2cs0sQA
Stored XSS vulnerability in Jenkins Generic Webhook Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:generic-webhook-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1tNGhnLTVwMm0tZm01bc0rFQ
Arbitrary code execution in Magnolia CMS
Ecosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yaDU4LXI3amgteGh4M84AAvhD
.NET Core Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02OWNqLWc3bXctbWg3Ms4AAYZz
Jenkins Docker Commons Plugin allows any user with Overall/Read permission to get list of valid credentials IDs
Ecosystems: maven
Packages: org.jenkins-ci.plugins:docker-commons
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jMzYtNW0zNi1oamg1
Data races in slock
Ecosystems: cargo
Packages: slock
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxMzYtNHh4Ny14Y3hm
Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack
Ecosystems: nuget
Packages: MessagePack.UnityShims, MessagePack.ReactiveProperty, MessagePack.ImmutableCollection, MessagePack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
High
GSA_kwCzR0hTQS0yeHZ4LXJ3OXAteGdmY84AAgY0
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tcmY2LTRndzYtNjV2M84AAu-l
Jenkins extreme-feedback Plugin vulnerable to Missing Authorization
Ecosystems: maven
Packages: org.jenkins-ci.plugins:extreme-feedback
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xMmhtLTJoNDUtdjVnM84AAv_T
Plaintext storage of password after a reset in org.xwiki.platform:xwiki-platform-security-authentication-default
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-security-authentication-default
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05anE5LWMyY3YtcGNyas0pfw
Cross-site Scripting by SVG upload in xwiki-platform
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-tool-configuration-resources, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14aDlnLWNwM3YtcDhxNM0myA
Missing Authorization in Crater Invoice
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12Z3dxLWhmcWMtNTh3ds4AAvfI
.NET Core Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1tbTZnLW1tcTYtNTNmZs0mqg
Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0yOThtLWh2Z2gteDljd84AAz9S
Alluxio Cross Site Scripting vulnerability
Ecosystems: maven
Packages: org.alluxio:alluxio-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS02dmYyLW1mbXItcXFxd84AAz9f
Liufee CMS File Upload vulnerability
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
GSA_kwCzR0hTQS1mOWY5LTRyNjMtNHFjY84AAvda
Non-constant time webhook token comparison in Jenkins GitLab Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitlab-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03djN4LWg3cjItMzRqds0lXg
Insufficient Session Expiration in Pterodactyl API
Ecosystems: packagist
Packages: pterodactyl/panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1yOHhjLXh4aDMtcTV4M84AAz_x
XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS14N3dyLTI4M2gtNWgyds0kdA
Out-of-bounds Read in Onionshare
Ecosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1tZmN3LTgzcWctNHZ3M84AAvct
Agent-to-controller security bypass vulnerability in Jenkins Compuware Xpediter Code Coverage Plugin
Ecosystems: maven
Packages: com.compuware.jenkins:compuware-xpediter-code-coverage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Statistics
Advisories: 18,330
Packages: 8,279
Repositories: 5,007
Ecosystems: 12
Filter by Severity
Moderate 7,912 High 6,344 Critical 2,805 Low 981
Filter by Ecosystem
maven 5,520 packagist 3,801 pypi 3,704 npm 3,535 go 1,889 nuget 1,390 rubygems 814 cargo 776 swift 31 hex 30 actions 16 pub 8
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 moodle/moodle 322 Microsoft.ChakraCore 247 org.jenkins-ci.main:jenkins-core 189 magento/community-edition 182 org.apache.tomcat:tomcat 134 pimcore/pimcore 116 dolibarr/dolibarr 105 typo3/cms 102 phpmyadmin/phpmyadmin 91 microweber/microweber 91 django 80 apache-airflow 78 drupal/core 76 typo3/cms-core 73 thorsten/phpmyfaq 70 com.fasterxml.jackson.core:jackson-databind 69 ansible 63 drupal/drupal 61 github.com/usememos/memos 59 actionpack 57 org.apache.struts:struts2-core 55 librenms/librenms 54 symfony/symfony 53 concrete5/concrete5 52 salt 50 apache-superset 48 shopware/platform 48 org.keycloak:keycloak-core 47 Plone 45 com.liferay.portal:release.portal.bom 45 plone 43 baserproject/basercms 43 nokogiri 42 rdiffweb 42 Pillow 41 craftcms/cms 40 intelliants/subrion 40 showdoc/showdoc 40 vyper 38 github.com/mattermost/mattermost/server/v8 38 nilsteampassnet/teampass 37 org.apache.tomcat.embed:tomcat-embed-core 37 github.com/mattermost/mattermost-server/v6 37 com.jfinal:jfinal 36 com.thoughtworks.xstream:xstream 36 shopware/core 36 froxlor/froxlor 36 net.mingsoft:ms-mcms 35 matrix-synapse 35 org.xwiki.platform:xwiki-platform-oldcore 34 github.com/answerdev/answer 34 org.elasticsearch:elasticsearch 32 k8s.io/kubernetes 32 silverstripe/framework 32 snipe/snipe-it 32 mlflow 31 opencv-python 30 opencv-contrib-python 30 org.jenkins-ci.plugins:script-security 30 mautic/core 29 parse-server 29 github.com/argoproj/argo-cd 29 github.com/grafana/grafana 28 github.com/rancher/rancher 28 github.com/hashicorp/vault 28 org.keycloak:keycloak-services 27 getgrav/grav 27 io.undertow:undertow-core 27 shopware/shopware 27 Django 27 centreon/centreon 27 github.com/hashicorp/nomad 26 openssl-src 26 electron 26 github.com/hashicorp/consul 26 org.keycloak:keycloak-parent 25 org.apache.solr:solr-core 25 rubygems-update 25 magento/core 24 prestashop/prestashop 24 gogs.io/gogs 24 remdex/livehelperchat 23 pocketmine/pocketmine-mp 23 puppet 23 moin 23 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 github.com/argoproj/argo-cd/v2 23 rack 22 getkirby/cms 22 ckb 22 org.apache.nifi:nifi 22 grumpydictator/firefly-iii 22 org.apache.openmeetings:openmeetings-parent 21 @openzeppelin/contracts-upgradeable 21 contao/core-bundle 21 activerecord 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 @openzeppelin/contracts 20 github.com/cilium/cilium 20 github.com/ethereum/go-ethereum 19 code.gitea.io/gitea 19 github.com/docker/docker 19 DotNetNuke.Core 19 org.springframework:spring-core 19 tribalsystems/zenario 18 org.bouncycastle:bcprov-jdk14 18 com.vaadin:vaadin-bom 18 helm.sh/helm/v3 18 com.liferay.portal:release.dxp.bom 18 langchain 18 contao/contao 18 forkcms/forkcms 18 golang.org/x/net 17 Microsoft.AspNetCore.App.Runtime.win-x64 17 org.apache.geode:geode-core 17 cakephp/cakephp 17 PaddlePaddle 17 mercurial 17 cobbler 17 simplesamlphp/simplesamlphp 17 Microsoft.AspNetCore.App.Runtime.win-x86 17 francoisjacquet/rosariosis 17 symfony/security 17 org.xwiki.platform:xwiki-platform-web-templates 17 genix/cms 17 cockpit-hq/cockpit 17 rusqlite 16 pillow 16 sequelize 16 org.apache.activemq:activemq-client 16 wasmtime 16 yetiforce/yetiforce-crm 16 org.bouncycastle:bcprov-jdk15 16 org.apache.dubbo:dubbo 16 Microsoft.AspNetCore.App.Runtime.win-arm 16 directus 16 nova 15 org.apache.struts.xwork:xwork-core 15 cryptography 15 github.com/goharbor/harbor 15 org.apache.jspwiki:jspwiki-main 15 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 15 Microsoft.AspNetCore.App.Runtime.linux-arm64 15 topthink/framework 15 openmage/magento-lts 15 paddlepaddle 15 notebook 15 Microsoft.AspNetCore.App.Runtime.linux-arm 15 Microsoft.AspNetCore.App.Runtime.osx-x64 15 Microsoft.AspNetCore.App.Runtime.linux-x64 15 ghost 14 activesupport 14 symfony/security-http 14 keystone 14 zendframework/zendframework1 14 pyftpdlib 14 publify_core 14 phpmailer/phpmailer 14 gradio 14 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 14 typo3/cms-backend 14 ezsystems/ezpublish-kernel 14 org.xwiki.platform:xwiki-platform-web 14 ec-cube/ec-cube 14 tinymce 14 pyload-ng 14 modoboa 14 smarty/smarty 14 Microsoft.AspNetCore.App.Runtime.win-arm64 14 swagger-ui 14 next 13 codeigniter4/framework 13 github.com/containerd/containerd 13 bolt/bolt 13 strapi 13 org.apache.cxf:cxf 13 lavalite/cms 13 neutron 13 github.com/nats-io/nats-server/v2 13 org.apache.hadoop:hadoop-main 13 passenger 13 github.com/mattermost/mattermost-server 13 ckeditor4 13 org.apache.inlong:manager-pojo 13 impresscms/impresscms 13 october/system 13 github.com/traefik/traefik/v2 13 joplin 13 elefant/cms 13 github.com/go-gitea/gitea 12 phpbb/phpbb 12 undici 12 dompdf/dompdf 12 org.apache.dolphinscheduler:dolphinscheduler 12 github.com/opencontainers/runc 12 phpmyfaq/phpmyfaq 12
Filter by Repository
https://github.com/tensorflow/tensorflow 432 https://github.com/chakra-core/ChakraCore 214 https://github.com/moodle/moodle 210 https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/pimcore/pimcore 111 https://github.com/apache/tomcat 96 https://github.com/apache/airflow 90 https://github.com/microweber/microweber 85 https://github.com/django/django 74 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/keycloak/keycloak 59 https://github.com/usememos/memos 59 https://github.com/Dolibarr/dolibarr 54 https://github.com/rails/rails 53 https://github.com/ansible/ansible 53 https://github.com/python-pillow/Pillow 52 https://github.com/kubernetes/kubernetes 48 https://github.com/symfony/symfony 47 https://github.com/apache/struts 46 https://github.com/librenms/librenms 46 https://github.com/shopware/platform 43 https://github.com/ikus060/rdiffweb 42 https://github.com/TYPO3/typo3 42 https://github.com/spring-projects/spring-framework 41 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/vyperlang/vyper 38 https://github.com/argoproj/argo-cd 37 https://github.com/plone/Products.CMFPlone 37 https://github.com/x-stream/xstream 36 https://github.com/concretecms/concretecms 34 https://github.com/answerdev/answer 34 https://github.com/octobercms/october 33 https://github.com/saltstack/salt 32 https://github.com/apache/activemq 32 https://github.com/matrix-org/synapse 32 https://github.com/magento/magento2 31 https://github.com/go-gitea/gitea 31 https://github.com/sparklemotion/nokogiri 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/craftcms/cms 29 https://github.com/parse-community/parse-server 29 https://github.com/opencv/opencv 28 https://github.com/CVEProject/cvelist 28 https://github.com/snipe/snipe-it 28 https://github.com/mautic/mautic 27 https://github.com/froxlor/froxlor 26 https://github.com/rancher/rancher 25 https://github.com/apache/inlong 25 https://github.com/mlflow/mlflow 25 https://github.com/electron/electron 25 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/shopware/shopware 24 https://github.com/pmmp/PocketMine-MP 23 https://github.com/dotnet/runtime 23 https://github.com/github/advisory-database 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/getgrav/grav 23 https://github.com/eclipse/jetty.project 23 https://github.com/grafana/grafana 22 https://github.com/contao/contao 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/baserproject/basercms 22 https://github.com/nervosnetwork/ckb 22 https://github.com/apache/nifi 21 https://github.com/strapi/strapi 21 https://github.com/gogs/gogs 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/netty/netty 20 https://github.com/cilium/cilium 20 https://github.com/PrestaShop/PrestaShop 20 https://github.com/jenkinsci/script-security-plugin 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/OpenNMS/opennms 20 https://github.com/intelliants/subrion 19 https://github.com/hashicorp/consul 19 https://github.com/cloudfoundry/uaa 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/apache/cxf 19 https://github.com/helm/helm 19 https://github.com/rubygems/rubygems 18 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/getkirby/kirby 18 https://github.com/bcgit/bc-java 18 https://github.com/vaadin/platform 17 https://github.com/rack/rack 17 https://github.com/liufee/cms 17 https://github.com/bytecodealliance/wasmtime 17 https://github.com/etcd-io/etcd 16 https://github.com/hashicorp/vault 16 https://github.com/opencast/opencast 16 https://github.com/sequelize/sequelize 16 https://github.com/rusqlite/rusqlite 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/forkcms/forkcms 16 https://github.com/umbraco/Umbraco-CMS 16 https://github.com/ethereum/go-ethereum 15 https://github.com/puppetlabs/puppet 15 https://github.com/goharbor/harbor 15 https://github.com/geoserver/geoserver 15 https://github.com/centreon/centreon 15 https://github.com/OpenMage/magento-lts 15 https://github.com/apache/camel 15 https://github.com/directus/directus 15 https://github.com/langchain-ai/langchain 14 https://github.com/pyca/cryptography 14 https://github.com/simplesamlphp/simplesamlphp 14 https://github.com/cobbler/cobbler 14 https://github.com/vantage6/vantage6 14 https://github.com/pyload/pyload 14 https://github.com/mattermost/mattermost 14 https://github.com/denoland/deno 14 https://github.com/PHPMailer/PHPMailer 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/moby/moby 14 https://github.com/tinymce/tinymce 14 https://github.com/modoboa/modoboa 13 https://github.com/ming-soft/MCMS 13 https://github.com/hashicorp/nomad 13 https://github.com/publify/publify 13 https://github.com/xuxueli/xxl-job 13 https://github.com/gradio-app/gradio 13 https://github.com/golang/go 13 https://github.com/traefik/traefik 13 https://github.com/undertow-io/undertow 13 https://github.com/containerd/containerd 13 https://github.com/silverstripe/silverstripe-framework 13 https://github.com/quarkusio/quarkus 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/dompdf/dompdf 13 https://github.com/laurent22/joplin 12 https://github.com/ckeditor/ckeditor4 12 https://github.com/apache/kylin 12 https://github.com/nodejs/undici 12 https://github.com/patriksimek/vm2 12 https://github.com/twisted/twisted 12 https://github.com/centreon/centreon-archived 12 https://github.com/TryGhost/Ghost 12 https://github.com/backstage/backstage 12 https://github.com/apache/dolphinscheduler 12 https://github.com/dromara/hutool 12 https://github.com/janeczku/calibre-web 11 https://github.com/jquery/jquery 11 https://github.com/cakephp/cakephp 11 https://github.com/urllib3/urllib3 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/vaadin/flow 11 https://github.com/cloudflare/cfrpki 11 https://github.com/containers/podman 11 https://github.com/igniterealtime/Openfire 11 https://github.com/opencontainers/runc 11 https://github.com/openstack/keystone 11 https://github.com/openfga/openfga 11 https://github.com/zitadel/zitadel 11 https://github.com/drupal/core 11 https://github.com/Studio-42/elFinder 11 https://github.com/smarty-php/smarty 11 https://github.com/NodeBB/NodeBB 11 https://github.com/puma/puma 11 https://github.com/onionshare/onionshare 11 https://github.com/greenpau/caddy-security 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/1Panel-dev/1Panel 10 https://github.com/OPCFoundation/UA-.NETStandard 10 https://github.com/phusion/passenger 10 https://github.com/dpgaspar/Flask-AppBuilder 10 https://github.com/aio-libs/aiohttp 10 https://github.com/jupyter/notebook 10 https://github.com/dotnet/aspnetcore 10 https://github.com/keystonejs/keystone 10 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/cosmos/cosmos-sdk 10 https://github.com/zopefoundation/Zope 10 https://github.com/wagtail/wagtail 10 https://github.com/dolibarr/dolibarr 10 https://github.com/WWBN/AVideo 10 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/nats-io/nats-server 10 https://github.com/ezsystems/ezpublish-kernel 10 https://github.com/nextauthjs/next-auth 10 https://github.com/vercel/next.js 9 https://github.com/top-think/framework 9 https://github.com/apache/superset 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/cri-o/cri-o 9 https://github.com/neorazorx/facturascripts 9 https://github.com/fatfreecrm/fat_free_crm 9 https://github.com/semplon/GeniXCMS 9 https://github.com/laravel/framework 9 https://github.com/cui2shark/cms 9 https://github.com/yiisoft/yii2 9 https://github.com/kevinpapst/kimai2 9 https://github.com/apache/lucene-solr 9 https://github.com/funadmin/funadmin 9 https://github.com/ethyca/fides 9 https://github.com/Pylons/waitress 9 https://github.com/spring-projects/spring-security 9