Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.jgroups:jgroups
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: about 2 years ago
GSA_kwCzR0hTQS1yYzdoLXg2Y3EtOTg4cc3p0Q
Improper Input Validation in JGroupsEcosystems: maven
Packages: org.jgroups:jgroups
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: ozone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zd3ctN2hycC1ndzl3
Drop of uninitialized memory in OzoneEcosystems: cargo
Packages: ozone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnangtaG0zNC1xZ2Y3
SQL injection in CentreonEcosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.nifi:nifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS0yOXBoLWZqZjMtYzVjbc4AAXbk
Apache NiFi XSS issue in context path handlingEcosystems: maven
Packages: org.apache.nifi:nifi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: calamine
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwcXAtNzh4eC0zcjM4
Out of bounds write in calamineEcosystems: cargo
Packages: calamine
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: io.jenkins.plugin-management:plugin-management-parent-pom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tOHI0LWM3am0tdzc4Ms4AAmvY
Jenkins Plugin Installation Manager Tool did not verify plugin downloadsEcosystems: maven
Packages: io.jenkins.plugin-management:plugin-management-parent-pom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yZjkyLTN2anItdzYyOM4AAmgK
Improper Authentication in Jenkins Active Directory PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: AgileConfig.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tajV3LXc1ODgtajZ4Z84AAuFw
Use of Hard-coded Credentials in AgileConfig.ClientEcosystems: nuget
Packages: AgileConfig.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
GSA_kwCzR0hTQS01NjdyLXZxajctNWN3N84AAbZ2
phpMyAdmin Authentication BypassEcosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: about 2 years ago
GSA_kwCzR0hTQS03Y3YzLWd2bWMtOG1xNc4AAUCS
Phusion Passenger SpawningKit Contains Arbitrary Read/Write VulnerabilityEcosystems: rubygems
Packages: passenger
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oeDhwLTltNDgtZzc2cs4AAyiO
Ming-Soft MCMS vulnerable to SQL injectionEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: ps-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxbW0tcTM5NC1mbWNo
Command Injection in ps-killEcosystems: npm
Packages: ps-kill
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: go
Packages: github.com/apache/trafficcontrol
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmOHItNHF3bS1yN2pm
Improper Authentication in Apache Traffic ControlEcosystems: go
Packages: github.com/apache/trafficcontrol
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
Ecosystems: cargo
Packages: id-map
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjY3EtajJtNy04Zndy
Double-free in id-mapEcosystems: cargo
Packages: id-map
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
GSA_kwCzR0hTQS02amhtLTR2bXgtbXI3Ns0mbA
SQL injection in MoodleEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03NHI2LWdyajktOHJxNs0ZEw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: phpjs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW00MjgtanFjNC0ycDVq
Prototype Pollution in phpjsEcosystems: npm
Packages: phpjs
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: node-oojs
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0cncteDN2Zy1jOHI3
Prototype Pollution in node-oojsEcosystems: npm
Packages: node-oojs
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 3 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5Mmgtd21nMi02aHA3
Invalid HTTP method overrides allow possible XSS or other attacks in SymfonyEcosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 56.1
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4d3ctajRmYy00MzVw
Command injection in nodemailerEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: about 3 years ago
Critical
Ecosystems: go
Packages: github.com/elgs/gosqljson
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 1 year ago
GSA_kwCzR0hTQS1nN213LTlwZjktcDJwbc4AAwzR
gosqljson SQL Injection vulnerabilityEcosystems: go
Packages: github.com/elgs/gosqljson
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 6 months ago
GSA_kwCzR0hTQS03NXcyLXF2NTUteDdmds4AA3We
openssl npm package vulnerable to command executionEcosystems: npm
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: 6 months ago
Critical
Ecosystems: npm
Packages: js-rha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1Y2ctM3I0Zy03dzZq
Malicious Package in js-rha3Ecosystems: npm
Packages: js-rha3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 1 year ago
GSA_kwCzR0hTQS1nbXBoLXdmN2otOWdjbc4AAyiB
Etcd-io Improper Authentication vulnerabilityEcosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: axis:axis, org.apache.axis:axis
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: 8 months ago
GSA_kwCzR0hTQS1ybXFwLTl3NGMtZ2M3d84AA1sf
Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getServiceEcosystems: maven
Packages: axis:axis, org.apache.axis:axis
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: 8 months ago
Critical
Ecosystems: maven
Packages: com.mikesamuel:json-sanitizer
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tOGotOXg4NC1tOWN2
Arbitrary code injection in json-sanitizerEcosystems: maven
Packages: com.mikesamuel:json-sanitizer
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3NnctcTg4ai02bXFm
Potential session hijack in Apache CXFEcosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: bmap
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1OWctNmNxci1tNzN3
Malicious Package in bmapEcosystems: npm
Packages: bmap
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
Critical
Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 2 years ago
GSA_kwCzR0hTQS02NHd2LTh2d3AteGd3Ms0fmg
Use of Uninitialized Resource in ash.Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjZzgtcHE5di14OThx
Sandbox Breakout in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
GSA_kwCzR0hTQS01MnZqLW1yMmotZjhqaM4AArVX
Server-Side Template Injection in formioEcosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: crossbeam-deque
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBxcXAteG1oai13Z2N3
crossbeam-deque Data Race before v0.7.4 and v0.8.1Ecosystems: cargo
Packages: crossbeam-deque
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: yourls/yourls
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmMjMtZjI2Zi1tamo5
Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourlsEcosystems: packagist
Packages: yourls/yourls
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
GSA_kwCzR0hTQS00Y3BnLTN2Z3ctNDg3N80s1Q
Prototype pollution in Plist before 3.0.5 can cause denial of serviceEcosystems: npm
Packages: plist
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: conf-cfg-ini
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNm1nLWp2amYtdzQ0eM4AAtpF
conf-cfg-ini Prototype Pollution via malicious INI file before v1.2.2Ecosystems: npm
Packages: conf-cfg-ini
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: airbrake-ruby
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwODItdjc3di1tcHBy
Airbrake keys not being filteredEcosystems: rubygems
Packages: airbrake-ruby
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: set-value
Source: GitHub Advisory Database
Blast Radius: 64.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnODgtZnBwci01M3Bw
Prototype Pollution in set-valueEcosystems: npm
Packages: set-value
Source: GitHub Advisory Database
Blast Radius: 64.5
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: com.jamesmurty.utils:java-xmlbuilder
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: about 1 year ago
GSA_kwCzR0hTQS0zdnJjLXJycHctcjVwd84AAxu4
java-xmlbuilder vulnerable to XML External Entity ReferenceEcosystems: maven
Packages: com.jamesmurty.utils:java-xmlbuilder
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS01cmY0LWYyNGMtaHB2aM4AAuZt
SQL injection in jflyfox jfinalEcosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0yeDloLWgzYzQtd3FxaM4AATaP
Improper Neutralization of Special Elements used in an LDAP Query in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: rubygems
Packages: rexical, nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNWotOTUzai14dzVw
Nokogiri Command Injection VulnerabilityEcosystems: rubygems
Packages: rexical, nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wNDk1LWp4aDItd3JmZ84AAwYT
npm package rfc6902 vulnerable to Prototype PollutionEcosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS02eHJmLXE5NzctNXZnY84AAwmb
json-pointer vulnerable to Prototype PollutionEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: ch.qos.logback:logback-core, ch.qos.logback:logback-classic
Source: GitHub Advisory Database
Blast Radius: 50.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtZmctcmpqbS1yanJq
QOS.ch Logback vulnerable to Deserialization of Untrusted DataEcosystems: maven
Packages: ch.qos.logback:logback-core, ch.qos.logback:logback-classic
Source: GitHub Advisory Database
Blast Radius: 50.6
Published: almost 3 years ago
Critical
Ecosystems: pypi
Packages: numpy
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZnEyLXg5cjYtd2ZtZs4AAq9p
Numpy Deserialization of Untrusted DataEcosystems: pypi
Packages: numpy
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.ethereum:ethereumj-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmNHAtam03ci12ampq
Deserialization of Untrusted Data in EthereumJEcosystems: maven
Packages: org.ethereum:ethereumj-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Critical
Ecosystems: rubygems
Packages: paranoid2
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnNGMtOGdxaC1tNHZt
paranoid2 gem Code backdoorEcosystems: rubygems
Packages: paranoid2
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: almost 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 2 years ago
GSA_kwCzR0hTQS0ycDd4LWpjcjMtN3AyY83wWQ
Improper Authentication in Apache CXFEcosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 2 years ago
Critical
Ecosystems: rubygems
Packages: slanger
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJnMzItbTNoZi03NzJ2
Slanger Arbitrary command executionEcosystems: rubygems
Packages: slanger
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: almost 5 years ago
Critical
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12amhmLTh2cXgtdnFwcc4AAwyJ
KubePi allows malicious actor to login with a forged JWT token via Hardcoded JwtsigkeysEcosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.geode:geode-core
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 2 years ago
GSA_kwCzR0hTQS13Mzk1LWhwcTktN3h3cs4AAXMW
Apache Geode unsafe deserialization in TcpServerEcosystems: maven
Packages: org.apache.geode:geode-core
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: freediskspace
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnZnEtNm0yOC1tNW1n
Improper neutralization of arguments in freediskspaceEcosystems: npm
Packages: freediskspace
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0yNndjLTN3cXAtZzNycM3mng
Deserialization of Untrusted Data in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: io.dataease:dataease-plugin-common
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xNHFxLWpoanYtN3JoMs4AAvaS
MySQL JDBC deserialization vulnerabilityEcosystems: maven
Packages: io.dataease:dataease-plugin-common
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0djctNHJody05aHFt
Code Execution through IIFE in node-serializeEcosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05Mm1yLTR3MnEtNDU3OM4AAbHa
Exposure of Sensitive Information to an Unauthorized Actor in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmYzUtOXg5bS12cWM0
Privilege Escalation in express-cartEcosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 5 years ago
Critical
Ecosystems: maven
Packages: org.richfaces:richfaces-core
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zaHg2LWZxcGoteGZqcs386w
RichFaces vulnerable to Expression Language InjectionEcosystems: maven
Packages: org.richfaces:richfaces-core
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: about 2 years ago
Critical
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjd2otOGNodi05cHA5
XML External Entity attack in log4netEcosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
Critical
Ecosystems: rubygems
Packages: ruby-saml
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 12 months ago
GSA_kwCzR0hTQS1yMzY0LTJwajQtcGY3Zs4AAzf1
ruby-saml vulnerable to XPath injectionEcosystems: rubygems
Packages: ruby-saml
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 12 months ago
Critical
Ecosystems: hex
Packages: ecdsa-elixir
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14eDM2LTZydjQtZ2o4cs4AAqnc
ecdsa-elixir fails to check signatures, vulnerable to message forgingEcosystems: hex
Packages: ecdsa-elixir
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: hex
Packages: alchemist.vim
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS02eDY1LXZxcDctNXI2M84AAR2T
alchemist.vim vulnerable to remote code executionEcosystems: hex
Packages: alchemist.vim
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache StrutsEcosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.jmeter:ApacheJMeter
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 2 years ago
GSA_kwCzR0hTQS03djg1LTZodjItcndnd84AASqv
Missing certificate validation in Apache JMeterEcosystems: maven
Packages: org.apache.jmeter:ApacheJMeter
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1nMzc3LXg4cmctYzltZs4AAtCY
Deserialization of Untrusted Data in topthink/frameworkEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: net.pwall.json:jsonutil
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 11 months ago
GSA_kwCzR0hTQS13MnJyLXd2aDktbTJtN84AAz2y
JSONUtil vulnerable to stack exhaustionEcosystems: maven
Packages: net.pwall.json:jsonutil
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 11 months ago
Critical
Ecosystems: npm
Packages: launchpad
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoOHgtd21xMi03bWZm
Command injection in launchpadEcosystems: npm
Packages: launchpad
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2aDgtdmMyOC1tMmhm
Potential to access user credentials from the log files when debug logging enabledEcosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: cesnet/simplesamlphp-module-proxystatistics
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1MnEteHhqNC14MnJ4
SQL Injection in SimpleSAMLphpEcosystems: packagist
Packages: cesnet/simplesamlphp-module-proxystatistics
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1oaHBtLTVjcDItaGc0eM3mcw
Deserialization of Untrusted Data in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS13M3JjLTJ3aGctdzkzNM4AAuEF
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models ListEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 1 year ago
GSA_kwCzR0hTQS12YzM5LXg3dzYtNnZqN84AAwG6
Apache Tapestry allows deserialization of untrusted dataEcosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.jmeter:ApacheJMeter
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnMzctN21ydi1jZndt
Unauthenticated Remote Code Execution in Apache JMeterEcosystems: maven
Packages: org.apache.jmeter:ApacheJMeter
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: almost 2 years ago
GSA_kwCzR0hTQS02bXdoLWZ3NHAtNzVmas4AAq4m
Deserialization of Untrusted Data in Apache TapestryEcosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1NjYtMmdyZy1tandn
Serialization vulnerability in Apache TapestryEcosystems: maven
Packages: org.apache.tapestry:tapestry-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1MmotNHEycS1oY2o2
Authentication Bypass in console-ioEcosystems: npm
Packages: console-io
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: hapi-auth-jwt2
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1nOHItOWc2ai1od3Y5
Authentication Bypass in hapi-auth-jwt2Ecosystems: npm
Packages: hapi-auth-jwt2
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 5 years ago
Critical
Ecosystems: pypi
Packages: quokka
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4ZzUtNmMzai12cDh4
Improper Restriction of XML External Entity Reference in QuokkaEcosystems: pypi
Packages: quokka
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ffmpegdotjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzOXItY3Btai13aGNn
Command Injection in ffmpegdotjsEcosystems: npm
Packages: ffmpegdotjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: packagist
Packages: nystudio107/craft-seomatic
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02cTRqLThwam0tNW1nY84AAjvL
SEOmatic for CraftCMS allows Server-Side Template InjectionEcosystems: packagist
Packages: nystudio107/craft-seomatic
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: op-browser
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNocTYtcm12Ny0zOXZo
Injection in op-browserEcosystems: npm
Packages: op-browser
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: md-to-pdf
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
GSA_kwCzR0hTQS14OTQ5LTdjbTYtZm02cM0avQ
Code Injection in md-to-pdf.Ecosystems: npm
Packages: md-to-pdf
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: io.quarkus:quarkus-vertx-http-deployment
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 1 year ago
GSA_kwCzR0hTQS1nNTZ3LWN3ZzQtaHh4Oc4AAwAq
Code injection in quarkus dev ui config editorEcosystems: maven
Packages: io.quarkus:quarkus-vertx-http-deployment
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: elefant/cms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
GSA_kwCzR0hTQS03N2oyLTd3aHItNnZweM4AAUzW
Elefant CMS Code Execution VulnerabilityEcosystems: packagist
Packages: elefant/cms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh, org.jvnet.hudson.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01Z21mLThnaDItaGhmcM4AAR2I
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintextEcosystems: maven
Packages: org.jenkins-ci.plugins:ssh, org.jvnet.hudson.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.eventmesh:eventmesh-connector-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1majhmLTU2d2MtcTM2cs4AA0u5
rabbitmq-connector plugin module in Apache EventMesh platforms allows attackers to send controlled messageEcosystems: maven
Packages: org.apache.eventmesh:eventmesh-connector-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: maven
Packages: org.springframework.ws:spring-xml, org.springframework.ws:spring-ws
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgyMjItNmZjOC1taHZm
Vulnerability that affects org.springframework.ws:spring-ws and org.springframework.ws:spring-xmlEcosystems: maven
Packages: org.springframework.ws:spring-xml, org.springframework.ws:spring-ws
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.liferay.portal:com.liferay.portal-kernel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13N3BtLWNjNHYtZjNnOM4AAj-r
Deserialization of Untrusted Data in Liferay PortalEcosystems: maven
Packages: com.liferay.portal:com.liferay.portal-kernel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 years ago
GSA_kwCzR0hTQS03OWd2LTVjZ3gteDZyeM0-8Q
Typo3 Authentication BypassEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: compass-compile
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOWYteDZybS1xbXhy
Command Injection in compass-compileEcosystems: npm
Packages: compass-compile
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: web2py
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: about 2 years ago
GSA_kwCzR0hTQS1xMnJxLXFnY2YtbTIyd84AATWs
web2py remote code execution via hardcoded encryption key in session.connect functionEcosystems: pypi
Packages: web2py
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 1 year ago
GSA_kwCzR0hTQS04M2c3LThmY2gtcDM3bc4AAwDL
PaddlePaddle vulnerable to code injection via winstrEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS13N3ZtLTR2M2otdmdwd84AA1Db
PyroCMS remote code execution vulnerabilityEcosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: pypi
Packages: api-res-py
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02OTc4LTR3OTItNDI4cM4AArcs
Backdoor in api-res-pyEcosystems: pypi
Packages: api-res-py
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
GSA_kwCzR0hTQS1xODk3LTlqeGYtamc5cs0VtA
Security check skip in Apache DubboEcosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
GSA_kwCzR0hTQS1mNHF4LWpxZnEtNzc4Nc4AASZQ
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisionsEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.neo4j:neo4j
Source: GitHub Advisory Database
Blast Radius: 31.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjNHctOHY1ai0yOXc5
Deserialization of Untrusted Data in Neo4jEcosystems: maven
Packages: org.neo4j:neo4j
Source: GitHub Advisory Database
Blast Radius: 31.7
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/hashicorp/terraform-provider-aws
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: about 2 years ago
GSA_kwCzR0hTQS1yNDhoLWpyMmotOWc3OM4AAXCV
HashiCorp Terraform Amazon Web Services (AWS) uses an insecure PRNGEcosystems: go
Packages: github.com/hashicorp/terraform-provider-aws
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.accumulo:accumulo-shell
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 11 months ago
GSA_kwCzR0hTQS1ocDV3LXcyOW0tdmc2M84AAz97
Apache Accumulo Improper Authentication vulnerabilityEcosystems: maven
Packages: org.apache.accumulo:accumulo-shell
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 11 months ago
Critical
Ecosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
GSA_kwCzR0hTQS1xbTk1LXBnY2ctcXFmcc4AAvix
Insufficient validation when decoding a Socket.IO packetEcosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 59.8
Published: over 1 year ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
com.liferay.portal:release.dxp.bom
12
mlflow
12
org.apache.dubbo:dubbo
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
drupal/drupal
10
vm2
10
funadmin/funadmin
9
phpmyadmin/phpmyadmin
9
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
froxlor/froxlor
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
rdiffweb
8
tensorflow-cpu
8
tensorflow-gpu
8
org.xwiki.platform:xwiki-platform-web-templates
8
shopware/platform
8
studio-42/elfinder
7
rusqlite
7
sequelize
7
ansible
7
gogs.io/gogs
7
symfony/symfony
7
org.xwiki.platform:xwiki-platform-administration-ui
7
github.com/argoproj/argo-cd
6
parse-server
6
thorsten/phpmyfaq
6
ezsystems/ezpublish-kernel
6
aaptjs
6
github.com/answerdev/answer
6
mercurial
5
centreon/centreon
5
shopware/core
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.shiro:shiro-core
5
org.jenkins-ci.plugins:script-security
5
org.apache.activemq:activemq-client
5
steal
5
Microsoft.ChakraCore
5
mautic/core
5
org.xwiki.commons:xwiki-commons-xml
5
nodebb
5
org.xwiki.platform:xwiki-platform-web
5
prestashop/prestashop
5
safe-eval
5
ckb
5
zendframework/zendframework
5
Pillow
5
django
5
org.apache.inlong:manager-pojo
5
realms-shim
4
calibreweb
4
github.com/grafana/grafana
4
hermes-engine
4
contao/core-bundle
4
org.apache.tomcat.embed:tomcat-embed-core
4
spree_auth_devise
4
pyload-ng
4
feehi/cms
4
librenms/librenms
4
PaddlePaddle
4
org.apache.openmeetings:openmeetings-parent
4
contao/contao
4
smallvec
4
code.gitea.io/gitea
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
Django
4
github.com/hashicorp/vault
4
nilsteampassnet/teampass
4
net.opentsdb:opentsdb
4
apache-airflow-providers-apache-hive
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
org.apache.inlong:manager-service
4
org.eclipse.jetty:jetty-server
4
org.jeecgframework.boot:jeecg-boot-base-core
4
swagger-ui
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
github.com/usememos/memos
4
baserproject/basercms
4
openssl-src
4
safer-eval
4
nukeviet/nukeviet
4
org.apache.tapestry:tapestry-core
4
github.com/argoproj/argo-cd/v2
4
messagepack-rs
4
org.apache.solr:solr-parent
3
pimcore/pimcore
3
lmdb
3
org.richfaces:richfaces-core
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.xwiki.platform:xwiki-platform-panels-ui
3
github.com/hashicorp/nomad
3
publify_core
3
nvflare
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
zendframework/zendframework1
3
showdoc/showdoc
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
@openzeppelin/contracts-upgradeable
3
com.alibaba:dubbo
3
symfony/security-core
3
modoboa
3
log4j:log4j
3
org.apache.storm:storm
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
org.xwiki.platform:xwiki-platform-icon-ui
3
ro.pippo:pippo-core
3
com.hazelcast:hazelcast
3
org.keycloak:keycloak-core
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
smarty/smarty
3
slpjs
3
strapi
3
dompdf/dompdf
3
browserify-shim
3
actix-web
3
mongoose
3
facade/ignition
3
org.apache.linkis:linkis
3
com.jflyfox:jflyfox_jfinal
3
codiad/codiad
3
jsrsasign
3
io.undertow:undertow-core
3
ibexa/core
3
org.apache.jmeter:ApacheJMeter
3
cobbler
3
org.springframework.security:spring-security-core
3
github.com/dexidp/dex
3
github.com/pterodactyl/wings
3
simplesamlphp/simplesamlphp
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
io.dataease:dataease-plugin-common
3
rubygems-update
3
org.apache.any23:apache-any23
3
org.apache.solr:solr-core
3
org.xwiki.platform:xwiki-platform-search-ui
3
xcb
3
phpmailer/phpmailer
3
github.com/rancher/rancher
3
craftcms/cms
3
francoisjacquet/rosariosis
3
ray
3
codeigniter4/framework
3
org.apache.dolphinscheduler:dolphinscheduler
3
nokogiri
3
typo3/cms
3
elefant/cms
3
impresscms/impresscms
3
org.apache.ignite:ignite-core
3
id-map
3
handlebars
3
tribalsystems/zenario
3
codeigniter/framework
3
feathers-sequelize
3
github.com/go-gitea/gitea
3
org.apache.inlong:manager-web
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
async-git
2
python-keystoneclient
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
eslint-config-eslint
2
org.apache.inlong:manager-dao
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
github.com/sap/cloud-security-client-go
2
org.apache.shiro:shiro-web
2
apache-superset
2
mathjs
2
github.com/crewjam/saml
2
alextselegidis/easyappointments
2
github.com/russellhaering/gosaml2
2
total4
2
org.apache.derby:derby
2
laravel/framework
2
org.apache.commons:commons-configuration2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
Radicale
2
com.hazelcast.jet:hazelcast-jet
2
vyper
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/django/django
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/apache/inlong
8
https://github.com/ikus060/rdiffweb
8
https://github.com/argoproj/argo-cd
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/python-pillow/Pillow
7
https://github.com/Studio-42/elFinder
7
https://github.com/apache/struts
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/ansible/ansible
7
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/shenzhim/aaptjs
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/parse-community/parse-server
6
https://github.com/shopware/platform
6
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/froxlor/froxlor
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/stealjs/steal
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/dromara/hutool
5
https://github.com/nervosnetwork/ckb
5
https://github.com/keycloak/keycloak
5
https://github.com/apache/tomcat
5
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/hwchase17/langchain
4
https://github.com/janeczku/calibre-web
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/liufee/cms
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/grafana/grafana
4
https://github.com/servo/rust-smallvec
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/usememos/memos
4
https://github.com/dompdf/dompdf
4
https://github.com/pippo-java/pippo
4
https://github.com/pyload/pyload
4
https://github.com/contao/contao
4
https://github.com/CVEProject/cvelist
4
https://github.com/spring-projects/spring-framework
4
https://github.com/centreon/centreon-archived
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/shopware/shopware
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/star7th/showdoc
3
https://github.com/pterodactyl/wings
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/facade/ignition
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/smarty-php/smarty
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ADOdb/ADOdb
3
https://github.com/ibexa/core
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/apache/camel
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/hazelcast/hazelcast
3
https://github.com/actix/actix-web
3
https://github.com/modoboa/modoboa
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/baserproject/basercms
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/dexidp/dex
3
https://github.com/github/securitylab
3
https://github.com/apache/shiro
3
https://github.com/neorazorx/facturascripts
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/pytorch/serve
2
https://github.com/sjep/array
2
https://github.com/jfinal/jfinal
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/laurent22/joplin
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/soketi/soketi
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/google/flatbuffers
2
https://github.com/benbusby/whoogle-search
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2