Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Loading...
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThjaDQtNThxcC1nM21w
Observable Timing Discrepancy in aaugustin websockets library
Ecosystems: pypi
Packages: websockets
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1mNHc2LWg0ZjUtd3g0Nc4AAu13
TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgyMjUtNmN2ci04cHFw
superagent vulnerable to zip bomb attacks
Ecosystems: npm
Packages: superagent
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: almost 6 years ago
Moderate
GSA_kwCzR0hTQS1ncDJmLTI1NG0tcmgzMs0W9A
Unauthorized access to data in @sap-cloud-sdk/core
Ecosystems: npm
Packages: @sap-cloud-sdk/core
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS13cndmLXBtbWotdzk4Oc32Ww
Observable Discrepancy in BouncyCastle
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xNHYzLXdtbTYtaGNyeM3g3w
pyrad is vulnerable to the use of Insufficiently Random Values
Ecosystems: pypi
Packages: pyrad
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3cHYtY2o2eC12M2p3
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Ecosystems: rubygems
Packages: http
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: about 6 years ago
Moderate
GSA_kwCzR0hTQS1ocjlyLThwaHEtNXg4as4AA0IN
OpenFGA vulnerable to denial of service due to circular relationship
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtNDctOHY1cC13anBq
Possible request smuggling in HTTP/2 due missing validation
Ecosystems: maven
Packages: io.netty:netty, org.jboss.netty:netty, io.netty:netty-codec-http2
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS12ZnZqLTNtM2ctbTUzMs4AAyE3
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime
Ecosystems: go
Packages: github.com/crossplane/crossplane-runtime
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1jMzVnLWpyNWYtaDgzcM4AAQt2
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
Ecosystems: pypi
Packages: SleekXMPP, slixmpp
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThxZmMtY3ZqcC1tZ3Bx
Moderate severity vulnerability that affects org.apache.ignite:ignite-core
Ecosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2ZzMtdjQ2cS01cDI4
Moderate severity vulnerability that affects org.apache.tika:tika-core
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS00cjZqLWZ3Y3gtOTRjZs4AAvz3
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
Ecosystems: pypi
Packages: snowflake-connector-python
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13cjl2LWc5dmYtYzc0ds4AAu24
TensorFlow vulnerable to segfault in `RaggedBincount`
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xMmMzLWpwbWMtZ2ZqeM4AAu2t
TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0cjctN3A2Mi1xM2Zy
miekg/dns insecurely generates random numbers
Ecosystems: go
Packages: github.com/miekg/dns
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0ZzQtNWNmNi1oanAz
Apache Hive Information Exposure and Observable Timing Discrepancy
Ecosystems: maven
Packages: org.apache.hive:hive
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12Yzg5LWhjY2YtcnE1Nc0hAg
Hash collision in typelevel jawn
Ecosystems: maven
Packages: org.typelevel:jawn-parser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgybWYtbW1oNy1oeHA1
Directory traversal in development mode handler in Vaadin 14 and 15-17
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3aGYtNzQyNy05dnYy
Non-atomic writes in cgc
Ecosystems: cargo
Packages: cgc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMydzctOXdocC1janA5
Session Fixation in Tryton
Ecosystems: pypi
Packages: tryton
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5Y2gtbTRmaC1mYzdx
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1jNm1tLTJnODQtdjRtN84AAzGy
Mage-ai missing user authentication
Ecosystems: pypi
Packages: mage-ai
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qam1jLTRwODMtcHAyNs4AAp5_
Logic error in Matrix SDK for Android
Ecosystems: maven
Packages: org.matrix.android:matrix-android-sdk2
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14OTg5LXEycHEtNHE1eM4AAu2h
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1ybTd2LWdxZmctcDJ3Y84AATps
Improper Validation of Certificate with Host Mismatch in Shibboleth Identity Provider and OpenSAML Java
Ecosystems: maven
Packages: org.opensaml:opensaml, edu.internet2.middleware:shibboleth-identityprovider
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS03ajNtLThnM2MtOXFxcc4AAu2N
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xOWg4LWdwdzUtYzk1Y84AAgem
Matrix Sydent mishandles emails
Ecosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02ZmdmLXg3d2ctaHA4cs4AAesG
Plone Unrestricted Filed Manipulation vulnerability via content edit forms
Ecosystems: pypi
Packages: plone
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwanItajU3eC13eGZ3
Data leakage via cache key collision in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: almost 4 years ago
Moderate
GSA_kwCzR0hTQS0zajZnLWh4eDUtM3EyNs0V9g
Observable Discrepancy in Apache Kafka
Ecosystems: maven
Packages: org.apache.kafka:kafka-clients, org.apache.kafka:kafka_2.13, org.apache.kafka:kafka_2.12, org.apache.kafka:kafka_2.11
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1tZ21oLWcydjYtbXF3Nc4AAu2J
TensorFlow vulnerable to `CHECK` failure in `AvgPoolOp`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0cm0tcWYzNy1mZ2My
Integer Overflow in openssl-src
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS14M2pyLXBmNmctYzQ4Zs4AAgxZ
Golang/x/crypto message forgery vulnerability
Ecosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzOGctNDY5Zy1jbWd4
Improper Neutralization of Special Elements in Output in helm.sh/helm/v3
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04amh3LTI4OWgtamgyZ84AA6l1
Vite's `server.fs.deny` did not deny requests for patterns with directories.
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS0yODZ2LXBjZjUtMjVyY84AAof1
Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13NmYyLTh3eDQtNDdyNc4AAqY0
Incorrect Authorization in MySQL Connector Java
Ecosystems: maven
Packages: mysql:mysql-connector-java
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcjZyLTZ4bTktd3cyMs4AAUL8
Yii Incorrectly Implements CORS
Ecosystems: packagist
Packages: yiisoft/yii2
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ncGN2LXAyOHAtZnYycM4AA1CL
odoh-rs's Invalid Slice Split Results in Server Panic
Ecosystems: cargo
Packages: odoh-rs
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1tNjU4LXAyNHgtcDc0cs0rEA
TLS certificate validation error in mellium.im/xmpp
Ecosystems: go
Packages: mellium.im/xmpp
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS0zZjg5LTg2OWYtNXc3Ns4AAug3
Cross-site scripting from dynamic options in the multiselect field
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4NXEtd2hjOS1nNHA5
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00NG1yLTh2bW0td2poZ84AAv0V
Wasmtime out of bounds read/write with zero-memory-pages configuration
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzbXgtNTczeC01cnc5
openssl-src NULL pointer Dereference in signature_algorithms processing
Ecosystems: cargo
Packages: openssl-src
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0aGgtcGpqZy1yd21y
Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime
Ecosystems: npm
Packages: jose-browser-runtime
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncDQtcXJmZi1jNjQ4
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4OGMtM3g0OS02cnFq
rack-protection gem timing attack vulnerability when validating CSRF token
Ecosystems: rubygems
Packages: rack-protection
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0ZzItOWhqNi01NDcy
Moderate severity vulnerability that affects com.rabbitmq:amqp-client and org.springframework.amqp:spring-amqp
Ecosystems: maven
Packages: com.rabbitmq:amqp-client, org.springframework.amqp:spring-amqp
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1nNjNoLXE4NTUtdnAzcc4AArtG
Configuration API in EdgeXFoundry 2.1.0 and earlier exposes message bus credentials to local unauthenticated users
Ecosystems: go
Packages: github.com/edgexfoundry/app-functions-sdk-go/v2, github.com/edgexfoundry/device-sdk-go/v2
Source: GitHub Advisory Database
Blast Radius: 9.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12NjVnLWYzY2otZmpwNM4AAuXk
Regular expression denial of service in eth-account
Ecosystems: pypi
Packages: eth-account
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xaHc0LXd3cjctZ2pjNc4AAu2c
TensorFlow vulnerable to `CHECK` fail in `EmptyTensorList`
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxd2YteDVjai1yZzU2
Kubernetes Arbitrary Command Injection
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1MjgtN2hybS1mcnFw
Improper Check for Unusual or Exceptional Conditions in json-smart
Ecosystems: maven
Packages: net.minidev:json-smart, net.minidev:json-smart-mini
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqeGMtNDYyeC14Nzdq
TOCTOU Race Condition in Yarn
Ecosystems: npm
Packages: yarn
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jMmZmLTg4eDIteDlwZ84AA3RL
JWT Algorithm Confusion
Ecosystems: npm
Packages: fast-jwt
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 6 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xNjYtdmNmYy04MjQ2
Mercurial Path Traversal/Link Following vulnerability
Ecosystems: pypi
Packages: mercurial
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpncmgtNW0zaC05YzVm
Web Cache Poisoning in find-my-way
Ecosystems: npm
Packages: find-my-way
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: over 3 years ago
Moderate
GSA_kwCzR0hTQS05ajR2LXBwMjgtbXh2N84AAu2F
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13NTg5LXIzMzUtNGY1Nc4AAnsP
SaltStack Salt Improper Certificate Validation
Ecosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yNWM1LXByOGotcGZwN84AAgqb
golang.org/x/crypto/salsa20/salsa uses insufficiently random values
Ecosystems: go
Packages: golang.org/x/crypto
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NHByLW1nY3AtdjM2cs4AAZbj
SimpleSAMLphp Unauthenticated encryption in CBC mode
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZocm0tanFwMy02NGN2
Improper Certificate Validation in TweetStream
Ecosystems: rubygems
Packages: tweetstream
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS02cnJyLTc4eHAtNWpwOM4AAw6R
Zitadel RefreshToken invalidation vulnerability
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jZ2dtLTUycXAtd3Z3N84AAa-o
txAWS AWSServiceEndpoint defaults to not verifying server certificates
Ecosystems: pypi
Packages: txaws
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnZjUtcTlwOS13dm1j
Data race in atomic-option
Ecosystems: cargo
Packages: atomic-option
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01OTdjLW1oN20tNDh2N84AASBA
SimpleSAMLphp Invalid token creation and validation
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mcXhjLXB2ZjgtMnc5ds4AAu2b
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oeHAyLXhxZjMtdjgzaM4AAxd5
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
Ecosystems: go
Packages: github.com/pion/dtls, github.com/pion/dtls/v2
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqNTktZjZjMy0zdnc0
Command Injection in systeminformation
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5NzMtMnFjYy1wNzh4
User Impersonation in converse.js
Ecosystems: npm
Packages: converse.js
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: over 3 years ago
Moderate
GSA_kwCzR0hTQS02NWo1LXZwbTctNnhwNM4AAU0X
Smarty Path Traversal Vulnerability
Ecosystems: packagist
Packages: smarty/smarty
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04NnZxLThxaGMtNXJxd84AAWrf
Apache Struts vulnerable to possible DoS attack when using URLValidator
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05dng4LWY1YzQtODYyeM4AAxzX
XML External Entity (XXE) vulnerability in apoc.import.graphml
Ecosystems: maven
Packages: org.neo4j.procedure:apoc
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: about 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjajItdnZqeC04N3Bt
Missing Encryption of Sensitive Data in arrow-kt Arrow
Ecosystems: maven
Packages: io.arrow-kt:arrow-ank-gradle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3NTMtangzNy03eHdo
ECDSA signature vulnerability of Minerva timing attack in jsrsasign
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyNWotMjRmNC1xdjV4
Regular Expression Denial of Service in ssri
Ecosystems: npm
Packages: ssri
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 6 years ago
Moderate
GSA_kwCzR0hTQS1nd3B4LXEyaDktd3hneM0YzA
elgg is vulnerable to Authorization Bypass Through User-Controlled Key
Ecosystems: packagist
Packages: elgg/elgg
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3amYtZmpqZi14Y3d3
Invalid Curve Attack in openpgp
Ecosystems: npm
Packages: openpgp
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: over 4 years ago
Moderate
GSA_kwCzR0hTQS13dzN3LTU5MmotNXFyd84AAZbs
SimpleSAMLphp Incorrect IV generation for encryption
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02ODljLXI3aDItZnY5ds4AAu2x
TensorFlow vulnerable to segfault in `QuantizedMatMul`
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yMnJxLTNoNTYtZnFtNM4AATu7
Symfony DoS
Ecosystems: packagist
Packages: symfony/http-foundation, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zMzY2LTkyODctN3Fwcs4AA5Zv
Path disclosure in JavaScript variable
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS00aDJxLTg0dzctNG1oeM4AAywf
nilsteampassnet/teampass vulnerable to stored cross-site scripting (XSS)
Ecosystems: packagist
Packages: nilsteampassnet/teampass
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1yd2ZxLXY0aHEtaDdmZ84AA7eH
static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
Ecosystems: cargo
Packages: static-web-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 13 days ago
Moderate
GSA_kwCzR0hTQS1ncHh2LTc3NnAtN2djN84AAjcM
Jenkins vulnerable to UDP amplification reflection attack
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05cGhoLXIzN3YtMzR3aM4AA1SQ
lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files
Ecosystems: go
Packages: github.com/treeverse/lakefs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5cWctZ3JwNy01cjcz
Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements
Ecosystems: go
Packages: github.com/weaveworks/weave
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1yNjU3LTN3cWgtZzJ4Oc4AA2Jx
Microweber uses hard coded credentials
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS03N212LTRyZzctcjhxds4AArtT
Potential Sensitive Cookie Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy
Ecosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00MndxLXJjaDgtNmY2as4AAt2p
CKEditor5 cross-site scripting vulnerability caused by the editor instance destroying process
Ecosystems: npm
Packages: @ckeditor/ckeditor5-html-embed, @ckeditor/ckeditor5-html-support, @ckeditor/ckeditor5-markdown-gfm
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qNTYyLWMzY3ctM3A1Z84AArtS
Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy
Ecosystems: npm
Packages: @finastra/nestjs-proxy
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcmMtN3I3Yy13OW14
Prototype Pollution in highlight.js
Ecosystems: npm
Packages: highlight.js
Source: GitHub Advisory Database
Blast Radius: 33.9
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZoN3ctZmM4NC14N3A2
StaticFile.fromUrl can leak presence of a directory
Ecosystems: maven
Packages: org.http4s:http4s-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04OGcyLXhnaDktNHBoMs4AA3Yk
OroCommerce get-totals-for-checkout API endpoint returns unwanted data
Ecosystems: packagist
Packages: oro/commerce
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1nY2o3LWo0MzgtaGpqMs05RQ
Smokescreen SSRF via deny list bypass
Ecosystems: go
Packages: github.com/stripe/smokescreen
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zcG1qLWpxcXAtMm1qM84AA1Dg
matrix-appservice-irc IRC command injection via admin commands containing newlines
Ecosystems: npm
Packages: matrix-appservice-irc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS02Y3FqLTY5NjktcDU3eM4AAv-p
Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs
Ecosystems: go
Packages: github.com/codenotary/immudb
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qMndoLXdydjMtNHg0Z84AAxq7
Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler
Ecosystems: npm
Packages: @graphql-mesh/http, @graphql-mesh/cli
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 1 year ago
Statistics
Advisories: 18,459
Packages: 8,320
Repositories: 5,041
Ecosystems: 12
Filter by Severity
Moderate 7,975 High 6,383 Critical 2,818 Low 992
Filter by Ecosystem
maven 5,538 packagist 3,825 pypi 3,754 npm 3,557 go 1,905 nuget 1,391 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 moodle/moodle 323 Microsoft.ChakraCore 247 org.jenkins-ci.main:jenkins-core 189 magento/community-edition 182 org.apache.tomcat:tomcat 134 pimcore/pimcore 116 dolibarr/dolibarr 107 typo3/cms 102 phpmyadmin/phpmyadmin 92 microweber/microweber 91 django 80 apache-airflow 78 drupal/core 76 typo3/cms-core 73 thorsten/phpmyfaq 70 com.fasterxml.jackson.core:jackson-databind 69 ansible 63 drupal/drupal 61 github.com/usememos/memos 59 actionpack 57 org.apache.struts:struts2-core 55 librenms/librenms 54 symfony/symfony 53 salt 53 concrete5/concrete5 52 apache-superset 49 shopware/platform 48 org.keycloak:keycloak-core 47 Plone 47 com.liferay.portal:release.portal.bom 45 baserproject/basercms 43 plone 43 nokogiri 43 rdiffweb 42 Pillow 41 intelliants/subrion 40 showdoc/showdoc 40 craftcms/cms 40 github.com/mattermost/mattermost/server/v8 38 vyper 38 froxlor/froxlor 37 github.com/mattermost/mattermost-server/v6 37 nilsteampassnet/teampass 37 shopware/core 36 com.jfinal:jfinal 36 org.apache.tomcat.embed:tomcat-embed-core 36 com.thoughtworks.xstream:xstream 36 matrix-synapse 35 net.mingsoft:ms-mcms 35 github.com/answerdev/answer 34 org.xwiki.platform:xwiki-platform-oldcore 34 k8s.io/kubernetes 32 snipe/snipe-it 32 silverstripe/framework 32 org.jenkins-ci.plugins:script-security 32 org.elasticsearch:elasticsearch 32 mlflow 31 opencv-python 30 opencv-contrib-python 30 parse-server 29 github.com/argoproj/argo-cd 29 mautic/core 29 Django 28 github.com/grafana/grafana 28 getgrav/grav 28 github.com/hashicorp/vault 28 github.com/rancher/rancher 28 io.undertow:undertow-core 27 centreon/centreon 27 shopware/shopware 27 org.keycloak:keycloak-services 27 github.com/hashicorp/nomad 26 openssl-src 26 github.com/hashicorp/consul 26 electron 26 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 rubygems-update 25 magento/core 24 gogs.io/gogs 24 moin 24 prestashop/prestashop 24 org.springframework.security:spring-security-core 23 pocketmine/pocketmine-mp 23 puppet 23 remdex/livehelperchat 23 github.com/argoproj/argo-cd/v2 23 org.eclipse.jetty:jetty-server 23 getkirby/cms 22 org.apache.nifi:nifi 22 ckb 22 rack 22 grumpydictator/firefly-iii 22 contao/core-bundle 21 org.apache.openmeetings:openmeetings-parent 21 activerecord 21 @openzeppelin/contracts-upgradeable 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 tribalsystems/zenario 20 github.com/cilium/cilium 20 @openzeppelin/contracts 20 github.com/ethereum/go-ethereum 20 DotNetNuke.Core 19 org.bouncycastle:bcprov-jdk14 19 org.springframework:spring-core 19 github.com/docker/docker 19 code.gitea.io/gitea 19 simplesamlphp/simplesamlphp 18 contao/contao 18 directus 18 helm.sh/helm/v3 18 forkcms/forkcms 18 com.liferay.portal:release.dxp.bom 18 langchain 18 com.vaadin:vaadin-bom 18 symfony/security 17 keystone 17 nova 17 org.xwiki.platform:xwiki-platform-web-templates 17 cakephp/cakephp 17 golang.org/x/net 17 topthink/framework 17 francoisjacquet/rosariosis 17 PaddlePaddle 17 Microsoft.AspNetCore.App.Runtime.win-x64 17 mercurial 17 cobbler 17 org.apache.geode:geode-core 17 cockpit-hq/cockpit 17 genix/cms 17 Microsoft.AspNetCore.App.Runtime.win-x86 17 Microsoft.AspNetCore.App.Runtime.win-arm 16 org.apache.dubbo:dubbo 16 sequelize 16 yetiforce/yetiforce-crm 16 pillow 16 rusqlite 16 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 wasmtime 16 Microsoft.AspNetCore.App.Runtime.osx-x64 15 cryptography 15 notebook 15 Microsoft.AspNetCore.App.Runtime.linux-x64 15 org.apache.struts.xwork:xwork-core 15 openmage/magento-lts 15 github.com/goharbor/harbor 15 paddlepaddle 15 next 15 org.apache.jspwiki:jspwiki-main 15 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 15 gradio 15 Microsoft.AspNetCore.App.Runtime.linux-arm64 15 Microsoft.AspNetCore.App.Runtime.linux-arm 15 typo3/cms-backend 14 zendframework/zendframework1 14 ezsystems/ezpublish-kernel 14 ec-cube/ec-cube 14 pyftpdlib 14 symfony/security-http 14 phpmailer/phpmailer 14 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 14 Microsoft.AspNetCore.App.Runtime.win-arm64 14 ghost 14 publify_core 14 org.xwiki.platform:xwiki-platform-web 14 smarty/smarty 14 swagger-ui 14 pyload-ng 14 modoboa 14 activesupport 14 org.apache.inlong:manager-pojo 14 tinymce 14 joplin 13 strapi 13 bolt/bolt 13 elefant/cms 13 github.com/containerd/containerd 13 org.apache.hadoop:hadoop-main 13 lavalite/cms 13 neutron 13 codeigniter4/framework 13 github.com/traefik/traefik/v2 13 impresscms/impresscms 13 github.com/nats-io/nats-server/v2 13 org.apache.cxf:cxf 13 october/system 13 passenger 13 ckeditor4 13 github.com/mattermost/mattermost-server 13 org.jenkins-ci.plugins.workflow:workflow-cps 12 actionview 12 studio-42/elfinder 12 dompdf/dompdf 12 vantage6 12 deno 12 com.vaadin:flow-server 12
Filter by Repository
https://github.com/tensorflow/tensorflow 432 https://github.com/chakra-core/ChakraCore 214 https://github.com/moodle/moodle 210 https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/pimcore/pimcore 111 https://github.com/apache/tomcat 96 https://github.com/apache/airflow 90 https://github.com/django/django 85 https://github.com/microweber/microweber 85 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/keycloak/keycloak 59 https://github.com/usememos/memos 59 https://github.com/Dolibarr/dolibarr 55 https://github.com/ansible/ansible 53 https://github.com/rails/rails 53 https://github.com/python-pillow/Pillow 52 https://github.com/kubernetes/kubernetes 48 https://github.com/symfony/symfony 47 https://github.com/librenms/librenms 46 https://github.com/apache/struts 46 https://github.com/shopware/platform 43 https://github.com/TYPO3/typo3 42 https://github.com/ikus060/rdiffweb 42 https://github.com/spring-projects/spring-framework 41 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/vyperlang/vyper 38 https://github.com/argoproj/argo-cd 37 https://github.com/plone/Products.CMFPlone 37 https://github.com/x-stream/xstream 36 https://github.com/answerdev/answer 34 https://github.com/concretecms/concretecms 34 https://github.com/apache/activemq 33 https://github.com/octobercms/october 33 https://github.com/saltstack/salt 32 https://github.com/matrix-org/synapse 32 https://github.com/sparklemotion/nokogiri 32 https://github.com/magento/magento2 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/go-gitea/gitea 31 https://github.com/craftcms/cms 29 https://github.com/parse-community/parse-server 29 https://github.com/opencv/opencv 28 https://github.com/CVEProject/cvelist 28 https://github.com/snipe/snipe-it 28 https://github.com/mautic/mautic 27 https://github.com/apache/inlong 26 https://github.com/froxlor/froxlor 26 https://github.com/electron/electron 25 https://github.com/rancher/rancher 25 https://github.com/mlflow/mlflow 25 https://github.com/shopware/shopware 24 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/dotnet/runtime 23 https://github.com/getgrav/grav 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/eclipse/jetty.project 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/github/advisory-database 23 https://github.com/grafana/grafana 22 https://github.com/baserproject/basercms 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/nervosnetwork/ckb 22 https://github.com/contao/contao 22 https://github.com/strapi/strapi 21 https://github.com/apache/nifi 21 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/cilium/cilium 20 https://github.com/OpenNMS/opennms 20 https://github.com/netty/netty 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/PrestaShop/PrestaShop 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/gogs/gogs 20 https://github.com/hashicorp/consul 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/bcgit/bc-java 19 https://github.com/apache/cxf 19 https://github.com/intelliants/subrion 19 https://github.com/helm/helm 19 https://github.com/cloudfoundry/uaa 19 https://github.com/rubygems/rubygems 18 https://github.com/getkirby/kirby 18 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/rack/rack 17 https://github.com/bytecodealliance/wasmtime 17 https://github.com/directus/directus 17 https://github.com/vaadin/platform 17 https://github.com/liufee/cms 17 https://github.com/rusqlite/rusqlite 16 https://github.com/opencast/opencast 16 https://github.com/ethereum/go-ethereum 16 https://github.com/hashicorp/vault 16 https://github.com/etcd-io/etcd 16 https://github.com/forkcms/forkcms 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/umbraco/Umbraco-CMS 16 https://github.com/sequelize/sequelize 16 https://github.com/geoserver/geoserver 15 https://github.com/denoland/deno 15 https://github.com/puppetlabs/puppet 15 https://github.com/OpenMage/magento-lts 15 https://github.com/apache/camel 15 https://github.com/openstack/keystone 15 https://github.com/simplesamlphp/simplesamlphp 15 https://github.com/centreon/centreon 15 https://github.com/goharbor/harbor 15 https://github.com/gradio-app/gradio 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/pyload/pyload 14 https://github.com/mattermost/mattermost 14 https://github.com/pyca/cryptography 14 https://github.com/cobbler/cobbler 14 https://github.com/PHPMailer/PHPMailer 14 https://github.com/tinymce/tinymce 14 https://github.com/langchain-ai/langchain 14 https://github.com/moby/moby 14 https://github.com/vantage6/vantage6 14 https://github.com/hashicorp/nomad 13 https://github.com/publify/publify 13 https://github.com/containerd/containerd 13 https://github.com/golang/go 13 https://github.com/traefik/traefik 13 https://github.com/ming-soft/MCMS 13 https://github.com/quarkusio/quarkus 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/modoboa/modoboa 13 https://github.com/undertow-io/undertow 13 https://github.com/xuxueli/xxl-job 13 https://github.com/dompdf/dompdf 13 https://github.com/silverstripe/silverstripe-framework 13 https://github.com/TryGhost/Ghost 12 https://github.com/twisted/twisted 12 https://github.com/nodejs/undici 12 https://github.com/patriksimek/vm2 12 https://github.com/apache/dolphinscheduler 12 https://github.com/apache/kylin 12 https://github.com/centreon/centreon-archived 12 https://github.com/laurent22/joplin 12 https://github.com/ckeditor/ckeditor4 12 https://github.com/dromara/hutool 12 https://github.com/backstage/backstage 12 https://github.com/smarty-php/smarty 11 https://github.com/top-think/framework 11 https://github.com/puma/puma 11 https://github.com/igniterealtime/Openfire 11 https://github.com/cloudflare/cfrpki 11 https://github.com/containers/podman 11 https://github.com/NodeBB/NodeBB 11 https://github.com/aio-libs/aiohttp 11 https://github.com/drupal/core 11 https://github.com/opencontainers/runc 11 https://github.com/jquery/jquery 11 https://github.com/vercel/next.js 11 https://github.com/openfga/openfga 11 https://github.com/urllib3/urllib3 11 https://github.com/onionshare/onionshare 11 https://github.com/zitadel/zitadel 11 https://github.com/Studio-42/elFinder 11 https://github.com/vaadin/flow 11 https://github.com/cakephp/cakephp 11 https://github.com/janeczku/calibre-web 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/1Panel-dev/1Panel 11 https://github.com/jupyter/notebook 10 https://github.com/greenpau/caddy-security 10 https://github.com/zopefoundation/Zope 10 https://github.com/wagtail/wagtail 10 https://github.com/keystonejs/keystone 10 https://github.com/OPCFoundation/UA-.NETStandard 10 https://github.com/Sylius/Sylius 10 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/nextauthjs/next-auth 10 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/dolibarr/dolibarr 10 https://github.com/phusion/passenger 10 https://github.com/ezsystems/ezpublish-kernel 10 https://github.com/nocodb/nocodb 10 https://github.com/dpgaspar/Flask-AppBuilder 10 https://github.com/dotnet/aspnetcore 10 https://github.com/nats-io/nats-server 10 https://github.com/WWBN/AVideo 10 https://github.com/apache/lucene-solr 9 https://github.com/Pylons/waitress 9 https://github.com/nautobot/nautobot 9 https://github.com/cosmos/cosmos-sdk 9 https://github.com/apache/superset 9 https://github.com/faucetsdn/ryu 9 https://github.com/spring-projects/spring-security 9 https://github.com/kevinpapst/kimai2 9 https://github.com/DSpace/DSpace 9 https://github.com/cri-o/cri-o 9 https://github.com/neorazorx/facturascripts 9 https://github.com/fatfreecrm/fat_free_crm 9 https://github.com/giampaolo/pyftpdlib 9 https://github.com/pgadmin-org/pgadmin4 9