Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1wZmc2LWNqM2otcnB2NM4AA1uw
Missing permission check in Jenkins AWS CodeCommit Trigger Plugin allows enumerating credentials IDs
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-codecommit-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1yNDI4LWczNzMtbTJoNM4AA1vJ
Missing permission check in Jenkins AWS CodeCommit Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-codecommit-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS02cTRwLWpyanYtNDRnZs4AAhnn
Cross-site request forgery vulnerability in Jenkins XL TestView Plugin
Ecosystems: maven
Packages: com.xebialabs.xlt.ci:xltestview-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ndzhnLWhoNDctcTRnd84AAXbO
Cross-Site Request Forgery (CSRF) vulnerability in Jenkins global-build-stats plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:global-build-stats
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Z21oLXJ2cHctNjQ5OM4AAXIn
Reflected cross-site-scripting vulnerability in report URL of Jenkins CppNCSS Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cppncss
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nbWhqLXhqZmgtY2Y2bc4AAvAc
Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Ecosystems: go
Packages: github.com/mohammed90/caddy-ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS13anhjLXBqeDktNHd2bc4AA5Cp
Nervos CKB Panic on malformed input
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
GSA_kwCzR0hTQS00NDU2LXczOHItbTUzeM4AAvAa
Besu VM vulnerable to gas allocation error in CALL operations
Ecosystems: maven
Packages: org.hyperledger.besu:evm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jM3YyLTUzODgtdjhwd84AAxqE
CSRF vulnerability in Jenkins Coverity Plugin allow capturing credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:synopsys-coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1ycjNwLTVmY2YtdjVtM84AAz2X
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin
Ecosystems: maven
Packages: com.checkmarx.jenkins:checkmarx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS05cHZ3LThxOTItaG05d84AAz2V
Stored XSS vulnerability in Jenkins Maven Repository Server Plugin
Ecosystems: maven
Packages: jenkins:repository
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1oajdwLWg3NGotNmd4as4AA1ur
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS12cnBnLWM3YzQtOG1weM4AA1us
SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials
Ecosystems: maven
Packages: io.jenkins.plugins:bitbucket-push-and-pull-request
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS00aHByLWhoNzctNnE5cM4AArfW
Cross site scripting in francoisjacquet/rosariosis
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00Z2gyLW04OGgtOGNqOM4AA1uz
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh2easy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS02M3Z3LXJwcnYtNGY4as4AA1uv
CSRF vulnerability in Jenkins Ivy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ivy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS05Y3E1LXhnZzQteDQ3N80mxg
SQL Injection in showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01anhwLWY1cnItZzZqY84AA1ux
XSS vulnerability in Jenkins Job Configuration History Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jobConfigHistory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1wdmpmLTRoZmctd3I4NM4AA05Y
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gradle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
GSA_kwCzR0hTQS04aGM2LXc0NG0td2Z4Zs4AA0zl
Potential leak of credentials in Micro Focus Dimensions CM Jenkins Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dimensionsscm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
GSA_kwCzR0hTQS1nZzUzLXdmNXgtcjNyNs4AAu8Q
XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1weDM5LTVoOGMtajNjOM4AA0zj
Exposure of system-scoped credentials in Jenkins Dimensions Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dimensionsscm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1nNHFmLTU1MjMtN3d2Zs4AA1uy
HTML injection vulnerability in Jenkins AWS CodeCommit Trigger Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aws-codecommit-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1wOTg2LWhwcjMtNDkzcM4AA1vD
Missing permission checks in Jenkins Frugal Testing Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:frugal-testing
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4M3AteHdtOS12NGc4
Injection in Apache Archiva
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1xZjQyLWY1dmYtNnc5Oc4AA1vA
Disabled permissions granted by Jenkins Assembla Auth Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:assembla-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS1wNzVnLWdjdjUtNDJxZ84AAlex
Grin insufficient data validation
Ecosystems: cargo
Packages: grin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03dzZwLXJ3aGctN2gzZ84AAjXS
Grin Insufficient Validation
Ecosystems: cargo
Packages: grin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS04NHgyLTJxdjYtcWc1Ns4AA5Ch
Nervos CKB P2P DoS Attacks
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS12aDU1LTc4Nmctd2p3as4AA5C3
.NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1oNGMzLTUyNzUtdnJtZ84AA5Cu
Nervos CKB Pool does not remove the conflicting transactions from the statistics
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS05eGZ3LWpqcTItN3Y4aM4AA5Eg
1Panel set-cookie is missing the Secure keyword
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
GSA_kwCzR0hTQS03eG04LXdqcTctODhyNc4AA47X
DeviceFarmer stf uses DES-ECB
Ecosystems: npm
Packages: @devicefarmer/stf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1qbWhmLTlmajgtODhnaM0uLw
Open Redirect in AllTube
Ecosystems: packagist
Packages: rudloff/alltube
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02NzI2LTJyeDMtY2d3aM4AA5JB
Apache Ozone Improper Authentication vulnerability
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS04djI4LTNnODYtY2hqNc4AA5Ke
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Ecosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS0yNTlwLXJ2angtZmZ3Z84AA5Kd
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Ecosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS05MmN2LXd2MmMtODg5Oc4AAgNC
Apache MyFaces Cross-site Scripting vulnerability
Ecosystems: maven
Packages: org.apache.myfaces.core:myfaces-core-module
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oNWptLWpqZ3gtcTJ3Zs2VbA
XWiki Remote Code Execution
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS1tM2Y0LTk1N3gtbTc4Nc4AA5OZ
lambda-middleware Inefficient Regular Expression Complexity vulnerability
Ecosystems: npm
Packages: @lambda-middleware/json-deserializer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS0yN3BnLTRjajYtODk5NM4AAypj
yuan1994 tpAdmin Unrestricted Upload of File with Dangerous Type vulnerability
Ecosystems: packagist
Packages: yuan1994/tpadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1nNzRxLTV4dzMtajdxOc4AA5RK
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS01bXA0LTMycnItdjN4Nc4AA5Rp
Absolute path traversal vulnerability in digdag server
Ecosystems: maven
Packages: io.digdag:digdag-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS1yYzRwLXAzajktNjU3N84AA5ds
pypqc private key retrieval vulnerability
Ecosystems: pypi
Packages: pypqc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS13Zm0zLWdxOWgtbXJqbc4AA5dw
Appwrite Directory Traversal vulnerability
Ecosystems: packagist
Packages: appwrite/server-ce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1oeDVxLXY2cGotNTMzcs4AA5go
SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.centraldogma:centraldogma-server-auth-saml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1jMzcyLXg1N3AtNng3ds2_bw
Apache Geronimo Application Server multiple cross-site scripting (XSS) vulnerabilities
Ecosystems: maven
Packages: org.apache.geronimo.plugins:console
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xNmg4LTRqMnYtcGpnNM4AA5gv
Minder trusts client-provided mapping from repo name to upstream ID
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS03NXgyLTZoNG0taDZteM4AA5oj
FullStackHero's WebAPI Boilerplate host header injection vulnerability
Ecosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1meGo4LWNxY3AtM3Zncc4AAdTf
Jenkins cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12NjI3LTY5djIteHgzN84AA5xb
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1wNGpnLXBjY2YtaDgyY803PQ
Insecure Temporary File in SWHKD
Ecosystems: cargo
Packages: Simple-Wayland-HotKey-Daemon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS14NDQ2LTN4aHEtNXhmcM07mA
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Ecosystems: cargo
Packages: Simple-Wayland-HotKey-Daemon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jOTY3LTI2NTItZ2Zqbc4AA5zF
CasaOS Username Enumeration
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS01cndtLTJ4dzgtaGg5cM4AA5X7
Deserialization of Untrusted Data in Torrentpier
Ecosystems: packagist
Packages: torrentpier/torrentpier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS14eHY5LXc1aG0tMzI4as4AA5zZ
Jenkins AppSpider Plugin missing permission checks
Ecosystems: maven
Packages: com.rapid7:jenkinsci-appspider-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1qNmpnLXc3OWMtN3A4ds0zJQ
File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00aGZwLW05Z3YtbTc1M84AA5bO
XWiki extension license information is public, exposing instance id and license holder details
Ecosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
GSA_kwCzR0hTQS01NTJmLTk3d2YtcG1wcc4AA6LG
Umbraco possible user enumeration
Ecosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ybXFwLW12djItNTRjNs4AA5ct
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS01NnIzLWY1MzYtNWdmN84AA6JL
GeoServer's GWC Seed Form vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-gwc-rest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1wY204LXFxcnAtdzZxZs4AA5c8
Enhavo Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS05cTI0LWh3bWMtNzk3eM4AA5cx
Apache Answer Race Condition vulnerability
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1maDdwLTVmNmctdmoyd84AA6JH
Stored Cross-Site Scripting (XSS) vulnerability in GeoServer's REST Resources API
Ecosystems: maven
Packages: org.geoserver:gs-restconfig
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS04Zzd2LXZqcmMteDRnNc4AA6JF
GeoServer log file path traversal vulnerability
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1oZnJnLTRqd3ItamZwas4AA6Gn
Improper HTML sanitization in ZITADEL
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS01ZnhqLXdoY3YtY3JyY84AA570
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS0yeDdtLWdmODUtMzc0Nc4AA587
Remote Denial of Service Vulnerability in Microsoft QUIC
Ecosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.OpenSSL, Microsoft.Native.Quic.MsQuic.Schannel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1ncDhnLWY0MmYtOTVxMs4AA6ar
ZITADEL's actions can overload reserved claims
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS13Mzg3LTVxcXctN2c4bc4AA6dw
Content-Security-Policy header generation in middleware could be compromised by malicious injections
Ecosystems: npm
Packages: @kindspells/astro-shield
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS02dmZ3LTc0d3ItM2NoaM0nNg
Cross-site Scripting in Crater Invoice
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05cTZ2LXJ4bXctZzNnaM4AA5ry
Apache Ambari: Various Cross site scripting problems
Ecosystems: maven
Packages: org.apache.ambari:ambari
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS02cjkyLWNneGMtcjVmZ80kJw
Denial of service in CBOR library
Ecosystems: nuget
Packages: PeterO.Cbor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1oaGY4LWY1dzktZzZ2aM4AA6i0
OpenID Connect Authentication (oidc) Typo3 extension Authentication Bypass
Ecosystems: packagist
Packages: causal/oidc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS12ajZxLXYyaDctNnE1bc4AAZqz
Jenkins cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS03bXhnLXI3NnAtMzYzZ84AA6kT
Gleez Cms Server Side Request Forgery (SSRF) vulnerability
Ecosystems: packagist
Packages: gleez/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS03ZnBnLXBwM20taDIyZs4AAdTl
Jenkins allows attackers to execute arbitrary jobs
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mcmMyLXcyY2MteDc5NM4AA6vy
Eclipse Kura LogServlet vulnerability
Ecosystems: maven
Packages: org.eclipse.kura:org.eclipse.kura.web2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1jMmdnLTRncTQtanY1as4AA630
XWiki Platform remote code execution from account through UIExtension parameters
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-uiextension-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1jdjU1LXY2cnctN3I1ds4AA63u
XWiki Platform remote code execution from account via custom skins support
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS14eHAyLTljOWctN3dtas4AA63q
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-localization-source-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS0yODU4LThjZngtNjltOc4AA63p
XWiki Platform: Remote code execution as guest via DatabaseSearch
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS12eHdyLXdwanYtcWpxN84AA63o
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS0zNGZqLXI1Z3EtNzM5Nc4AA63n
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS12NzgyLXhyNHctM3ZxeM4AA63m
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1oYzk0LTl2MjYtZ3h3ds4AAupY
Gluu Oxauth before v4.4.1 vulnerable to Server-Side Request Forgery attacks via a crafted request_uri parameter
Ecosystems: maven
Packages: org.gluu:oxauth-common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1yZjN3LTI5aDMtcjYzNs0V1Q
Arbitrary Code Execution in feehi/cms
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmM2MtZmZmcC0zNHFo
conference-scheduler-cli Arbitrary Code Execution
Ecosystems: pypi
Packages: conference-scheduler-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS13dnB4LWc0MjctcTl3Y84AA64y
llama-index-core Prompt Injection vulnerability leading to Arbitrary Code Execution
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS13bXBtLWZxN3ItanE1Ns0VkA
Imporoper path validation in elFinder.NetCore
Ecosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
GSA_kwCzR0hTQS00NXczLXYzZzQtNTRwbc0rDQ
Chrono has potential segfault issue in SPIFFE authenticator
Ecosystems: cargo
Packages: parsec-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS0yOXJ2LWZxeDItNGM5Zs0z6w
Deserialization of Untrusted Data in SinGooCMS.Utility
Ecosystems: nuget
Packages: SinGooCMS.Utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mdnhmLXI5ZnctNDlwY84AArtW
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jOGZqLTRwbTgtbXAyY84AAui6
Broken Authorization in ZITADEL Actions
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5cjItcXJwbS00cm1q
Data race in disrustor
Ecosystems: cargo
Packages: disrustor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1xd3AzLTVmdzMtNXdnds4AAuWw
Incorrect Access Control and Cross Site Scripting in Jellyfin
Ecosystems: nuget
Packages: Jellyfin.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpoNm0tM3Bxdy0yNDJo
Keycloak Gatekeeper vulnerable to bypass on using lower case HTTP headers
Ecosystems: go
Packages: github.com/keycloak/keycloak-gatekeeper
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwNzQtMzl3Mi12NHc5
Permissions bypass in pleaser
Ecosystems: cargo
Packages: pleaser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2M2gtN2h3OC01Y3c0
Cross-Site Request Forgery in OpenNMS Horizon
Ecosystems: maven
Packages: org.opennms:opennms-config, org.opennms:opennms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Statistics
Advisories: 18,804
Packages: 8,398
Repositories: 5,089
Ecosystems: 12
Filter by Severity
Moderate 8,174 High 6,458 Critical 2,852 Low 1,019
Filter by Ecosystem
maven 5,579 packagist 4,016 pypi 3,849 npm 3,560 go 1,947 nuget 1,421 rubygems 815 cargo 784 swift 31 hex 30 actions 16 pub 8
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 moodle/moodle 323 Microsoft.ChakraCore 247 magento/community-edition 203 org.jenkins-ci.main:jenkins-core 189 org.apache.tomcat:tomcat 134 pimcore/pimcore 116 dolibarr/dolibarr 107 typo3/cms 102 phpmyadmin/phpmyadmin 92 microweber/microweber 91 drupal/core 90 django 80 apache-airflow 78 typo3/cms-core 77 drupal/drupal 75 thorsten/phpmyfaq 70 com.fasterxml.jackson.core:jackson-databind 69 ansible 63 github.com/usememos/memos 59 actionpack 57 org.apache.struts:struts2-core 55 librenms/librenms 54 symfony/symfony 53 salt 53 concrete5/concrete5 52 Plone 52 apache-superset 49 shopware/platform 48 org.keycloak:keycloak-core 47 github.com/grafana/grafana 45 com.liferay.portal:release.portal.bom 45 nova 45 plone 43 nokogiri 43 baserproject/basercms 43 rdiffweb 42 Pillow 41 intelliants/subrion 40 craftcms/cms 40 showdoc/showdoc 40 vyper 38 github.com/mattermost/mattermost/server/v8 38 froxlor/froxlor 37 github.com/mattermost/mattermost-server/v6 37 nilsteampassnet/teampass 37 com.jfinal:jfinal 36 org.apache.tomcat.embed:tomcat-embed-core 36 shopware/core 36 com.thoughtworks.xstream:xstream 36 matrix-synapse 35 net.mingsoft:ms-mcms 35 org.xwiki.platform:xwiki-platform-oldcore 34 github.com/answerdev/answer 34 moin 34 mlflow 33 k8s.io/kubernetes 33 snipe/snipe-it 32 org.elasticsearch:elasticsearch 32 org.jenkins-ci.plugins:script-security 32 silverstripe/framework 32 opencv-contrib-python 30 Django 30 opencv-python 30 mautic/core 30 keystone 30 github.com/argoproj/argo-cd 29 getgrav/grav 29 parse-server 29 github.com/rancher/rancher 28 github.com/hashicorp/vault 28 centreon/centreon 27 io.undertow:undertow-core 27 org.keycloak:keycloak-services 27 shopware/shopware 27 openssl-src 26 github.com/hashicorp/nomad 26 prestashop/prestashop 26 github.com/hashicorp/consul 26 electron 26 org.apache.solr:solr-core 25 rubygems-update 25 org.keycloak:keycloak-parent 25 magento/core 24 gogs.io/gogs 24 puppet 23 mediawiki/core 23 remdex/livehelperchat 23 org.eclipse.jetty:jetty-server 23 org.springframework.security:spring-security-core 23 pocketmine/pocketmine-mp 23 github.com/argoproj/argo-cd/v2 23 org.apache.nifi:nifi 22 rack 22 org.bouncycastle:bcprov-jdk14 22 ckb 22 getkirby/cms 22 grumpydictator/firefly-iii 22 org.apache.openmeetings:openmeetings-parent 21 activerecord 21 @openzeppelin/contracts-upgradeable 21 contao/core-bundle 21 @openzeppelin/contracts 20 github.com/ethereum/go-ethereum 20 github.com/docker/docker 20 github.com/cilium/cilium 20 org.cloudfoundry.identity:cloudfoundry-identity-server 20 tribalsystems/zenario 20 code.gitea.io/gitea 19 DotNetNuke.Core 19 org.springframework:spring-core 19 laravel/framework 19 simplesamlphp/simplesamlphp 18 glance 18 Microsoft.AspNetCore.App.Runtime.win-x86 18 cockpit-hq/cockpit 18 com.vaadin:vaadin-bom 18 golang.org/x/net 18 contao/contao 18 com.liferay.portal:release.dxp.bom 18 forkcms/forkcms 18 directus 18 langchain 18 Microsoft.AspNetCore.App.Runtime.win-x64 18 cakephp/cakephp 17 ezsystems/ezpublish-kernel 17 org.xwiki.platform:xwiki-platform-web-templates 17 genix/cms 17 helm.sh/helm/v3 17 org.apache.geode:geode-core 17 francoisjacquet/rosariosis 17 mercurial 17 cobbler 17 topthink/framework 17 symfony/security 17 Microsoft.AspNetCore.App.Runtime.win-arm 17 PaddlePaddle 17 sequelize 16 Microsoft.AspNetCore.App.Runtime.osx-x64 16 wasmtime 16 rusqlite 16 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 16 Microsoft.AspNetCore.App.Runtime.linux-arm64 16 pillow 16 org.apache.activemq:activemq-client 16 Microsoft.AspNetCore.App.Runtime.linux-arm 16 neutron 16 org.bouncycastle:bcprov-jdk15 16 yetiforce/yetiforce-crm 16 Microsoft.AspNetCore.App.Runtime.linux-x64 16 org.apache.dubbo:dubbo 16 gradio 15 next 15 notebook 15 org.apache.jspwiki:jspwiki-main 15 cryptography 15 openmage/magento-lts 15 github.com/goharbor/harbor 15 paddlepaddle 15 Microsoft.AspNetCore.App.Runtime.win-arm64 15 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 15 org.apache.struts.xwork:xwork-core 15 smarty/smarty 14 org.xwiki.platform:xwiki-platform-web 14 ghost 14 activesupport 14 symfony/security-http 14 pyftpdlib 14 publify_core 14 ec-cube/ec-cube 14 org.apache.inlong:manager-pojo 14 swagger-ui 14 zendframework/zendframework1 14 modoboa 14 phpmailer/phpmailer 14 pyload-ng 14 tinymce 14 typo3/cms-backend 14 github.com/containerd/containerd 14 github.com/traefik/traefik/v2 13 org.apache.cxf:cxf 13 codeigniter4/framework 13 elefant/cms 13 strapi 13 github.com/mattermost/mattermost-server 13 github.com/nats-io/nats-server/v2 13 impresscms/impresscms 13 october/system 13 lavalite/cms 13 passenger 13 org.apache.hadoop:hadoop-main 13 joplin 13 bolt/bolt 13 ckeditor4 13 OctoPrint 13 phpbb/phpbb 12 phpmyfaq/phpmyfaq 12 com.vaadin:flow-server 12
Filter by Repository
https://github.com/tensorflow/tensorflow 432 https://github.com/chakra-core/ChakraCore 214 https://github.com/moodle/moodle 210 https://github.com/xwiki/xwiki-platform 172 https://github.com/jenkinsci/jenkins 148 https://github.com/pimcore/pimcore 111 https://github.com/apache/tomcat 96 https://github.com/django/django 95 https://github.com/apache/airflow 90 https://github.com/microweber/microweber 85 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/usememos/memos 59 https://github.com/keycloak/keycloak 59 https://github.com/Dolibarr/dolibarr 55 https://github.com/ansible/ansible 53 https://github.com/rails/rails 53 https://github.com/python-pillow/Pillow 52 https://github.com/kubernetes/kubernetes 49 https://github.com/symfony/symfony 47 https://github.com/TYPO3/typo3 46 https://github.com/apache/struts 46 https://github.com/librenms/librenms 46 https://github.com/shopware/platform 43 https://github.com/ikus060/rdiffweb 42 https://github.com/spring-projects/spring-framework 41 https://github.com/grafana/grafana 39 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/vyperlang/vyper 38 https://github.com/argoproj/argo-cd 37 https://github.com/plone/Products.CMFPlone 37 https://github.com/x-stream/xstream 36 https://github.com/openstack/nova 36 https://github.com/concretecms/concretecms 34 https://github.com/answerdev/answer 34 https://github.com/apache/activemq 33 https://github.com/octobercms/october 33 https://github.com/matrix-org/synapse 32 https://github.com/sparklemotion/nokogiri 32 https://github.com/saltstack/salt 32 https://github.com/go-gitea/gitea 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/magento/magento2 31 https://github.com/parse-community/parse-server 29 https://github.com/craftcms/cms 29 https://github.com/snipe/snipe-it 28 https://github.com/opencv/opencv 28 https://github.com/CVEProject/cvelist 28 https://github.com/mautic/mautic 28 https://github.com/openstack/keystone 27 https://github.com/mlflow/mlflow 27 https://github.com/apache/inlong 26 https://github.com/froxlor/froxlor 26 https://github.com/electron/electron 25 https://github.com/rancher/rancher 25 https://github.com/getgrav/grav 24 https://github.com/shopware/shopware 24 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/dotnet/runtime 24 https://github.com/github/advisory-database 23 https://github.com/eclipse/jetty.project 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/nervosnetwork/ckb 22 https://github.com/contao/contao 22 https://github.com/baserproject/basercms 22 https://github.com/PrestaShop/PrestaShop 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/strapi/strapi 21 https://github.com/apache/nifi 21 https://github.com/cilium/cilium 20 https://github.com/OpenNMS/opennms 20 https://github.com/gogs/gogs 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/netty/netty 20 https://github.com/intelliants/subrion 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/cloudfoundry/uaa 19 https://github.com/apache/cxf 19 https://github.com/bcgit/bc-java 19 https://github.com/hashicorp/consul 19 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/helm/helm 18 https://github.com/getkirby/kirby 18 https://github.com/rubygems/rubygems 18 https://github.com/rack/rack 17 https://github.com/liufee/cms 17 https://github.com/directus/directus 17 https://github.com/vaadin/platform 17 https://github.com/bytecodealliance/wasmtime 17 https://github.com/ethereum/go-ethereum 16 https://github.com/sequelize/sequelize 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/etcd-io/etcd 16 https://github.com/forkcms/forkcms 16 https://github.com/umbraco/Umbraco-CMS 16 https://github.com/hashicorp/vault 16 https://github.com/rusqlite/rusqlite 16 https://github.com/opencast/opencast 16 https://github.com/apache/camel 15 https://github.com/goharbor/harbor 15 https://github.com/centreon/centreon 15 https://github.com/laravel/framework 15 https://github.com/geoserver/geoserver 15 https://github.com/OpenMage/magento-lts 15 https://github.com/denoland/deno 15 https://github.com/puppetlabs/puppet 15 https://github.com/simplesamlphp/simplesamlphp 15 https://github.com/tinymce/tinymce 14 https://github.com/pyca/cryptography 14 https://github.com/gradio-app/gradio 14 https://github.com/cobbler/cobbler 14 https://github.com/PHPMailer/PHPMailer 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/langchain-ai/langchain 14 https://github.com/containerd/containerd 14 https://github.com/pyload/pyload 14 https://github.com/vantage6/vantage6 14 https://github.com/mattermost/mattermost 14 https://github.com/moby/moby 14 https://github.com/hashicorp/nomad 13 https://github.com/golang/go 13 https://github.com/publify/publify 13 https://github.com/modoboa/modoboa 13 https://github.com/dromara/hutool 13 https://github.com/traefik/traefik 13 https://github.com/ming-soft/MCMS 13 https://github.com/dompdf/dompdf 13 https://github.com/quarkusio/quarkus 13 https://github.com/xuxueli/xxl-job 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/silverstripe/silverstripe-framework 13 https://github.com/undertow-io/undertow 13 https://github.com/TryGhost/Ghost 12 https://github.com/twisted/twisted 12 https://github.com/centreon/centreon-archived 12 https://github.com/backstage/backstage 12 https://github.com/apache/dolphinscheduler 12 https://github.com/laurent22/joplin 12 https://github.com/nodejs/undici 12 https://github.com/apache/kylin 12 https://github.com/ckeditor/ckeditor4 12 https://github.com/patriksimek/vm2 12 https://github.com/opencontainers/runc 11 https://github.com/vaadin/flow 11 https://github.com/zitadel/zitadel 11 https://github.com/smarty-php/smarty 11 https://github.com/scrapy/scrapy 11 https://github.com/containers/podman 11 https://github.com/puma/puma 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/top-think/framework 11 https://github.com/Studio-42/elFinder 11 https://github.com/WWBN/AVideo 11 https://github.com/onionshare/onionshare 11 https://github.com/igniterealtime/Openfire 11 https://github.com/vercel/next.js 11 https://github.com/dotnet/aspnetcore 11 https://github.com/nats-io/nats-server 11 https://github.com/1Panel-dev/1Panel 11 https://github.com/drupal/core 11 https://github.com/cakephp/cakephp 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/janeczku/calibre-web 11 https://github.com/openfga/openfga 11 https://github.com/urllib3/urllib3 11 https://github.com/aio-libs/aiohttp 11 https://github.com/NodeBB/NodeBB 11 https://github.com/cloudflare/cfrpki 11 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/dpgaspar/Flask-AppBuilder 10 https://github.com/phusion/passenger 10 https://github.com/jenkinsci/git-plugin 10 https://github.com/Sylius/Sylius 10 https://github.com/dolibarr/dolibarr 10 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/zopefoundation/Zope 10 https://github.com/greenpau/caddy-security 10 https://github.com/openstack/glance 10 https://github.com/OPCFoundation/UA-.NETStandard 10 https://github.com/keystonejs/keystone 10 https://github.com/nocodb/nocodb 10 https://github.com/wagtail/wagtail 10 https://github.com/jquery/jquery 10 https://github.com/jupyter/notebook 10 https://github.com/nextauthjs/next-auth 10 https://github.com/apache/lucene-solr 9 https://github.com/funadmin/funadmin 9 https://github.com/nautobot/nautobot 9 https://github.com/pgadmin-org/pgadmin4 9 https://github.com/semplon/GeniXCMS 9 https://github.com/yiisoft/yii2 9 https://github.com/evershopcommerce/evershop 9 https://github.com/Pylons/waitress 9 https://github.com/Graylog2/graylog2-server 9 https://github.com/bolt/bolt 9