Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRncTUtY2g1Ny1jMm1n
Arbitrary Code Execution in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
GSA_kwCzR0hTQS02NWZnLTg0ZjYtM2pxM80kaQ
SQL Injection in Log4j 1.2.xEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxcmcteDIyOS0zdjhx
Deserialization of Untrusted Data in Log4jEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
GSA_kwCzR0hTQS1mN3ZoLXF3cDMteDM3bc0kWQ
Deserialization of Untrusted Data in Apache Log4jEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: bundler
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1qdmdtLXBmcXYtODg3eM4AATVs
Bundler allows attacker to inject arbitrary code via secondary Gem sourceEcosystems: rubygems
Packages: bundler
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: 2 months ago
GSA_kwCzR0hTQS0yNHJwLXEzdzYtdmM1Ns4AA5cA
org.postgresql:postgresql vulnerable to SQL Injection via line comment generationEcosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: 2 months ago
Critical
Ecosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4d3ctajRmYy00MzVw
Command injection in nodemailerEcosystems: npm
Packages: nodemailer
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1mNXgyLXh2OTMtNHAyM84AAl0M
Access of Resource Using Incompatible Type in Facebook HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
GSA_kwCzR0hTQS03bWhjLXByZ3YtcjNxNM0j-w
Access of Resource Using Incompatible Type in HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMjdjLXF4M3YtaDY3M84AAmKw
Always-Incorrect Control Flow Implementation in Facebook HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1tcGg4LTY3ODctcjhod84AAo3T
Use After Free in HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRxd3AtN2M2Ny1qbWNj
Unauthenticated remote code execution in IgnitionEcosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: about 3 years ago
Critical
Ecosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
GSA_kwCzR0hTQS12aHJwLThxeDQtdnI2Y80XYA
Incorrect Access Control in IgnitionEcosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
GSA_kwCzR0hTQS1tNXY3LXByMzItbWp4Ms0Wbw
Critical severity vulnerability in IgnitionEcosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 52.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03ZjN4LXg0cHItd3Foas4AAtA8
Server-Side Request Forgery in parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 52.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2OWgtcTNnai1jMzJ4
SQL Injection via GeoJSON in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05anctMjM3ci1ndmZ2
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5eHAtOTJ2Yy01NTlq
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1OTgtMmY1OS1ybWhx
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: macaddress
Source: GitHub Advisory Database
Blast Radius: 51.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwNTctbXFtaC00NGg3
Command Injection in macaddressEcosystems: npm
Packages: macaddress
Source: GitHub Advisory Database
Blast Radius: 51.7
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: about 2 years ago
GSA_kwCzR0hTQS1oOTl3LTlxNXItZ2pxOc028Q
Puma vulnerable to HTTP Request SmugglingEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: grunt-karma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oY2o0LXhmNngtNjN3as4AAvUC
Grunt-karma vulnerable to prototype pollutionEcosystems: npm
Packages: grunt-karma
Source: GitHub Advisory Database
Blast Radius: 51.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1aGctM3htMy1nY2pn
Spring Framework allows applications to expose STOMP over WebSocket endpointsEcosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNybXYtMnBnNS14dnFq
Improperly Implemented Security Check for Standard in org.springframework:spring-coreEcosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: property-expr
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmdzQtaHI2OS1nM3J2
Prototype Pollution in property-exprEcosystems: npm
Packages: property-expr
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: almost 3 years ago
Critical
Ecosystems: rubygems
Packages: bootstrap-sass
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxcXYtdjltMi00OHAy
Bootstrap-sass contains code execution backdoorEcosystems: rubygems
Packages: bootstrap-sass
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 50.8
Published: almost 2 years ago
GSA_kwCzR0hTQS00d3JjLWY4cHEtZnBxcM4AAjLC
Pivotal Spring Framework contains unsafe Java deserialization methodsEcosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 50.8
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: ch.qos.logback:logback-core, ch.qos.logback:logback-classic
Source: GitHub Advisory Database
Blast Radius: 50.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtZmctcmpqbS1yanJq
QOS.ch Logback vulnerable to Deserialization of Untrusted DataEcosystems: maven
Packages: ch.qos.logback:logback-core, ch.qos.logback:logback-classic
Source: GitHub Advisory Database
Blast Radius: 50.6
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcXdoLTQ0amotcDVybc4AAQXh
Hostname verification in Apache HttpClient 4.3 was disabled by defaultEcosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: scikit-learn
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1qanc1LXh4ajYtcGN2Nc4AAktO
scikit-learn Deserialization of Untrusted DataEcosystems: pypi
Packages: scikit-learn
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: doctrine/dbal
Source: GitHub Advisory Database
Blast Radius: 50.4
Published: over 2 years ago
GSA_kwCzR0hTQS1yN2NqLThoamcteDYyMs0XOw
DBAL 3 SQL Injection Security VulnerabilityEcosystems: packagist
Packages: doctrine/dbal
Source: GitHub Advisory Database
Blast Radius: 50.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: getobject
Source: GitHub Advisory Database
Blast Radius: 50.2
Published: over 2 years ago
GSA_kwCzR0hTQS05NTdqLTU5YzItajY5Ms0WaA
Prototype pollution in getobjectEcosystems: npm
Packages: getobject
Source: GitHub Advisory Database
Blast Radius: 50.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 23 days ago
GSA_kwCzR0hTQS1mcHc3LWoyaGctNjl2Nc4AA66u
mysql2 Remote Code Execution (RCE) via the readCodeFor functionEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 23 days ago
Critical
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 11 days ago
GSA_kwCzR0hTQS00cmNoLTJmaDgtOTR2d84AA7Pp
MySQL2 for Node Arbitrary Code InjectionEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 11 days ago
Critical
Ecosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJwcnctaDYydi1jMnc3
PyYAML insecurely deserializes YAML strings leading to arbitrary code executionEcosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: PyYAML
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThxNTktcTY4aC02aHY0
Improper Input Validation in PyYAMLEcosystems: pypi
Packages: PyYAML
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3NTctanA4NC1neGZ4
Improper Input Validation in PyYAMLEcosystems: pypi
Packages: pyyaml
Source: GitHub Advisory Database
Blast Radius: 49.9
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: ro.pippo:pippo-fastjson, com.alibaba:fastjson
Source: GitHub Advisory Database
Blast Radius: 49.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhqcnIteHY5bS00cHc1
Improper Input Validation in alilibaba:fastjsonEcosystems: maven
Packages: ro.pippo:pippo-fastjson, com.alibaba:fastjson
Source: GitHub Advisory Database
Blast Radius: 49.7
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNjR4LThyeHgtd2Y2cc4AAtF-
Django `Trunc()` and `Extract()` database functions vulnerable to SQL InjectionEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcjQtbTJoNS0zM3F4
SQL injection in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
GSA_kwCzR0hTQS13MjRoLXY5cWgtOGd4as07NQ
SQL Injection in DjangoEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: 12 months ago
GSA_kwCzR0hTQS1yM3hjLXByZ3ItbWc5cM4AAzG9
Django bypasses validation when using one form field to upload multiple filesEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: 12 months ago
Critical
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
GSA_kwCzR0hTQS0yZ3dqLTdqbXYtaDI2cs07Ng
SQL Injection in DjangoEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcTYtaHE1ci0yN3I2
Django Potential account hijack via password reset formEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyOTctY2o1NS05aHJx
SQL Injection in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1tdjhnLWZoaDYtNjI2N84AAYRT
Django user with hardcoded password created when running tests on OracleEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwZnAtZjU2OS1xM3Ay
SQL Injection in DjangoEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: just-extend
Source: GitHub Advisory Database
Blast Radius: 49.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3NW0tODVydy1qM3c0
Prototype Pollution in just-extendEcosystems: npm
Packages: just-extend
Source: GitHub Advisory Database
Blast Radius: 49.5
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 2 years ago
GSA_kwCzR0hTQS1qZmg4LWMyanAtNXYzcc0asw
Remote code injection in Log4jEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: commons-fileupload:commons-fileupload
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4OWotNzIyMy1yZzVt
Improper Access Control in commons-fileuploadEcosystems: maven
Packages: commons-fileupload:commons-fileupload
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: omniauth_amazon, coming-soon, bitcoin_vanity, capistrano-colors, doge-coin, awesome-bot, blockchain_wallet, coin_base, cron_parser, rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzM2ctcnByNC03aHhx
rest-client Gem Contains Malicious CodeEcosystems: rubygems
Packages: omniauth_amazon, coming-soon, bitcoin_vanity, capistrano-colors, doge-coin, awesome-bot, blockchain_wallet, coin_base, cron_parser, rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 4 years ago
Critical
Ecosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmaGYtNjkzOS1xZzhw
rest-client Gem Vulnerable to Session FixationEcosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 48.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4djQtcXd4NS03ZjU5
SQL Injection in knexEcosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 48.8
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
GSA_kwCzR0hTQS05dzVqLTRtd3YtMndqOM4AAxNC
Remote code execution in simple-gitEcosystems: npm
Packages: simple-git
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODgtcmpqMy14N3dw
Chromium Remote Code Execution in electronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: almost 6 years ago
Critical
Ecosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: about 1 year ago
GSA_kwCzR0hTQS02dzRtLTJ4aGctMjY1OM4AAy-v
Buffer overflow in sponge queue functionsEcosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: torch
Source: GitHub Advisory Database
Blast Radius: 48.6
Published: over 1 year ago
GSA_kwCzR0hTQS00N2ZjLXZtd3EtMzY2ds4AAwDK
PyTorch vulnerable to arbitrary code executionEcosystems: pypi
Packages: torch
Source: GitHub Advisory Database
Blast Radius: 48.6
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnd2otcHJwcS1qcGMy
Symfony Service IDs Allow InjectionEcosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
GSA_kwCzR0hTQS04dmoyLXZ4eDMtNjY3d80hfA
Arbitrary expression injection in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2cjgtNDY2cC03NXJo
Pillow Integer overflow in ImagingResampleHorizontalEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
GSA_kwCzR0hTQS03NTM0LW1tNDUtYzc0ds0WKQ
Buffer Overflow in PillowEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1yN3JtLThqNmgtcjkzM84AAjLe
Buffer Copy without Checking Size of Input in PillowEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: simple_form
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3NHEtZ3hjZy03M2h4
Improper Input Validation in simple_formEcosystems: rubygems
Packages: simple_form
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: over 1 year ago
GSA_kwCzR0hTQS1qOWZxLXZ3cXYtMmZtMs4AAuza
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-urlEcosystems: npm
Packages: parse-url
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 1 year ago
GSA_kwCzR0hTQS05OTVmLTl4NXItMnJjas4AAwCZ
Heap buffer overflow in GPUEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cGgtcTNqOC1tdjg3
Deserialization of Untrusted Data in Log4jEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: set-getter
Source: GitHub Advisory Database
Blast Radius: 48.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2MzUteHFnNy1mOTJy
set-getter Prototype Pollution VulnerabilityEcosystems: npm
Packages: set-getter
Source: GitHub Advisory Database
Blast Radius: 48.1
Published: almost 3 years ago
Critical
Ecosystems: pypi
Packages: joblib
Source: GitHub Advisory Database
Blast Radius: 47.9
Published: over 1 year ago
GSA_kwCzR0hTQS02aHJnLXFtdmMtMnhoOM4AAvFP
joblib vulnerable to arbitrary code executionEcosystems: pypi
Packages: joblib
Source: GitHub Advisory Database
Blast Radius: 47.9
Published: over 1 year ago
Critical
Ecosystems: npm, packagist
Packages: plotly.js, plotly/plotly.js
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: 4 months ago
GSA_kwCzR0hTQS13amM0LTczcTYtZ3Yzbc4AA4Ki
plotly.js prototype pollution vulnerabilityEcosystems: npm, packagist
Packages: plotly.js, plotly/plotly.js
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: bleach
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05bXEtcDJmOS1jZnF2
Bleach URI Scheme Restriction BypassEcosystems: pypi
Packages: bleach
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: notebook
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3dnEtNmdqeC1qNzk3
Special Element Injection in notebookEcosystems: pypi
Packages: notebook
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjN20td3h2bS1yN2dj
Improper parsing of octal bytes in netmaskEcosystems: npm
Packages: netmask
Source: GitHub Advisory Database
Blast Radius: 47.8
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13NnYtY3JoOC04NTMz
Integer Overflow or Wraparound in Google TensorFlowEcosystems: pypi
Packages: tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 5 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 1 year ago
GSA_kwCzR0hTQS1ndzk3LWZmN2MtOXY5Ns4AAyT8
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operationEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 1 year ago
Critical
Ecosystems: cargo
Packages: rand_core
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3ajItMzVtZi05NXA3
Incorrect check on buffer length in rand_coreEcosystems: cargo
Packages: rand_core
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: rand_core
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tYzktcHdtNy1xajV3
Unaligned memory access in rand_coreEcosystems: cargo
Packages: rand_core
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.codehaus.jackson:jackson-mapper-asl
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1jMjdoLW1jbXctNDhods4AAiN-
Deserialization of Untrusted Data in org.codehaus.jackson:jackson-mapper-aslEcosystems: maven
Packages: org.codehaus.jackson:jackson-mapper-asl
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: 6 months ago
GSA_kwCzR0hTQS14d2NxLXBtOG0tYzR2Zs4AA2sP
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardEcosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: 6 months ago
Critical
Ecosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4cjQteDU1OC14N2h3
Double free in smallvecEcosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5Z3ctaGdqMy00NW03
Memory corruption in smallvecEcosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tN3YtdnB2OC14ZmMz
Double free in smallvecEcosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: almost 2 years ago
GSA_kwCzR0hTQS00M3cyLTlqNjItaHE5Oc4AAnWf
Buffer overflow in SmallVec::insert_manyEcosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 47.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 1 year ago
GSA_kwCzR0hTQS1tcmdwLW1yaGMtNWpycc4AAvGK
vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on hostEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OTMtNDVyMy1wNjZw
Prototype Pollution in merge-optionsEcosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: swiper
Source: GitHub Advisory Database
Blast Radius: 47.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAzaGMtZnYyai1ycDY4
Prototype Pollution in swiperEcosystems: npm
Packages: swiper
Source: GitHub Advisory Database
Blast Radius: 47.1
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.servicemix.bundles:org.apache.servicemix.bundles.collections-generic, net.sourceforge.collections:collections-generic, org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-collections, org.apache.commons:commons-collections4, commons-collections:commons-collections
Source: GitHub Advisory Database
Blast Radius: 47.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1manE1LTVqNWYtbXZ4aM4AAQY7
Deserialization of Untrusted Data in Apache commons collectionsEcosystems: maven
Packages: org.apache.servicemix.bundles:org.apache.servicemix.bundles.collections-generic, net.sourceforge.collections:collections-generic, org.apache.servicemix.bundles:org.apache.servicemix.bundles.commons-collections, org.apache.commons:commons-collections4, commons-collections:commons-collections
Source: GitHub Advisory Database
Blast Radius: 47.0
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: base64
Source: GitHub Advisory Database
Blast Radius: 46.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg2N3gtdmc5bS02NWMz
Integer overflow in base64Ecosystems: cargo
Packages: base64
Source: GitHub Advisory Database
Blast Radius: 46.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tNjItd3hjOC1jZjdt
Code Execution Through IIFE in serialize-to-jsEcosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJobTktcDl3NS1md203
PyCA Cryptography symmetrically encrypting large values can lead to integer overflowEcosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: class-validator
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: over 2 years ago
GSA_kwCzR0hTQS1majU4LWgyZnItM3BwMs0WeA
SQL Injection and Cross-site Scripting in class-validatorEcosystems: npm
Packages: class-validator
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS12dmozLTg1dmYtZmdtd84AAw93
global-modules-path Command Injection vulnerabilityEcosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5Z3ItNThyMy1wd20z
Symfony Unsafe Cache Serialization Could Enable RCEEcosystems: packagist
Packages: symfony/symfony, symfony/cache
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.hsqldb:hsqldb
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS03N3h4LXJ4dmgtcTY4Ms4AAvLg
HyperSQL DataBase vulnerable to remote code execution when processing untrusted inputEcosystems: maven
Packages: org.hsqldb:hsqldb
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: omniauth
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wbTU1LXFmeHItaDI0N84AAuFx
OmniAuth's `lib/omniauth/failure_endpoint.rb` does not escape `message_key` valueEcosystems: rubygems
Packages: omniauth
Source: GitHub Advisory Database
Blast Radius: 46.4
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: SQLAlchemy
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4N3ctNDVycS12eGdm
SQLAlchemy vulnerable to SQL Injection via order_by parameterEcosystems: pypi
Packages: SQLAlchemy
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: about 5 years ago
Critical
Ecosystems: go
Packages: github.com/apptainer/sif, github.com/satori/go.uuid
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: about 1 year ago
GSA_kwCzR0hTQS0zM202LXE5djUtNjJyN84AA6Xq
Predictable SIF UUID IdentifiersEcosystems: go
Packages: github.com/apptainer/sif, github.com/satori/go.uuid
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS14ajcyLXd2ZnYtODk4Nc4AAyu7
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 12 months ago
GSA_kwCzR0hTQS13aHBqLThmM3ctNjdwNc4AAzV1
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 12 months ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
GSA_kwCzR0hTQS1jY2hxLWZyZ3YtcmpoNc4AA0sM
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS03anhyLWNnN2YtZ3Bnds4AAyoQ
vm2 vulnerable to sandbox escapeEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Statistics
Advisories: 18,361
Packages: 8,293
Repositories: 1,289
Ecosystems: 12
Packages: 8,293
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
16
moodle/moodle
15
com.liferay.portal:release.portal.bom
13
langchain
12
drupal/core
12
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
topthink/framework
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
drupal/drupal
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
froxlor/froxlor
7
rusqlite
7
org.xwiki.platform:xwiki-platform-administration-ui
7
ansible
7
sequelize
7
symfony/symfony
7
gogs.io/gogs
7
studio-42/elfinder
7
github.com/argoproj/argo-cd
6
thorsten/phpmyfaq
6
github.com/answerdev/answer
6
ezsystems/ezpublish-kernel
6
aaptjs
6
parse-server
6
centreon/centreon
5
org.apache.shiro:shiro-core
5
org.xwiki.platform:xwiki-platform-web
5
org.apache.tomcat.embed:tomcat-embed-core
5
nodebb
5
ckb
5
org.jeecgframework.boot:jeecg-boot-parent
5
steal
5
org.jenkins-ci.plugins:script-security
5
org.apache.activemq:activemq-client
5
org.xwiki.commons:xwiki-commons-xml
5
zendframework/zendframework
5
Microsoft.ChakraCore
5
shopware/core
5
org.apache.inlong:manager-pojo
5
mercurial
5
django
5
Pillow
5
safe-eval
5
org.cloudfoundry.identity:cloudfoundry-identity-server
4
smallvec
4
pyload-ng
4
contao/contao
4
spree_auth_devise
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
librenms/librenms
4
contao/core-bundle
4
org.apache.inlong:manager-service
4
hermes-engine
4
org.apache.tapestry:tapestry-core
4
org.eclipse.jetty:jetty-server
4
org.apache.openmeetings:openmeetings-parent
4
PaddlePaddle
4
org.apache.kylin:kylin-server-base
4
code.gitea.io/gitea
4
safer-eval
4
mautic/core
4
swagger-ui
4
calibreweb
4
realms-shim
4
nukeviet/nukeviet
4
Django
4
github.com/hashicorp/vault
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
prestashop/prestashop
4
github.com/usememos/memos
4
net.opentsdb:opentsdb
4
messagepack-rs
4
openssl-src
4
github.com/argoproj/argo-cd/v2
4
apache-airflow-providers-apache-hive
4
feehi/cms
4
baserproject/basercms
4
nilsteampassnet/teampass
4
org.jeecgframework.boot:jeecg-boot-base-core
4
rubygems-update
3
org.apache.any23:apache-any23
3
org.apache.linkis:linkis
3
github.com/hashicorp/nomad
3
nokogiri
3
@openzeppelin/contracts-upgradeable
3
github.com/dexidp/dex
3
feathers-sequelize
3
org.springframework.security:spring-security-core
3
jsrsasign
3
pimcore/pimcore
3
codeigniter4/framework
3
nvflare
3
zendframework/zendframework1
3
io.dataease:dataease-plugin-common
3
smarty/smarty
3
org.apache.ignite:ignite-core
3
cobbler
3
mongoose
3
github.com/rancher/rancher
3
com.hazelcast:hazelcast
3
edu.stanford.nlp:stanford-corenlp
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
org.apache.inlong:manager-web
3
org.apache.jmeter:ApacheJMeter
3
org.keycloak:keycloak-core
3
craftcms/cms
3
org.xwiki.platform:xwiki-platform-icon-ui
3
io.undertow:undertow-core
3
modoboa
3
ro.pippo:pippo-core
3
com.jflyfox:jflyfox_jfinal
3
showdoc/showdoc
3
symfony/security
3
symfony/security-core
3
com.alibaba:dubbo
3
github.com/pterodactyl/wings
3
publify_core
3
id-map
3
actix-web
3
log4j:log4j
3
slpjs
3
elefant/cms
3
org.apache.ozone:ozone-main
3
codiad/codiad
3
org.xwiki.platform:xwiki-platform-panels-ui
3
phpmailer/phpmailer
3
tribalsystems/zenario
3
org.apache.dolphinscheduler:dolphinscheduler
3
slp-validate
3
francoisjacquet/rosariosis
3
typo3/cms
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
ray
3
strapi
3
facade/ignition
3
ezsystems/ezplatform-kernel
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
org.xwiki.platform:xwiki-platform-search-ui
3
github.com/go-gitea/gitea
3
handlebars
3
org.apache.storm:storm
3
org.apache.solr:solr-parent
3
browserify-shim
3
impresscms/impresscms
3
org.richfaces:richfaces-core
3
dompdf/dompdf
3
ibexa/core
3
lmdb
3
org.apache.solr:solr-core
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
xcb
3
org.jeecgframework.boot:jeecg-boot-base
3
github.com/sap/cloud-security-client-go
2
org.apache.shiro:shiro-web
2
apache-superset
2
nadesiko3
2
tenvoy
2
org.apache.inlong:manager-dao
2
ghost
2
github.com/crewjam/saml
2
org.springframework.amqp:spring-amqp
2
alextselegidis/easyappointments
2
mathjs
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
eslint-config-eslint
2
github.com/russellhaering/gosaml2
2
locutus
2
org.apache.derby:derby
2
org.apache.commons:commons-configuration2
2
@sequelize/core
2
graphite-web
2
torchserve
2
traceroute
2
com.hazelcast.jet:hazelcast-jet
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
pidusage
2
llhttp
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/apache/inlong
8
https://github.com/top-think/framework
8
https://github.com/django/django
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/langchain-ai/langchain
8
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/apache/struts
7
https://github.com/Studio-42/elFinder
7
https://github.com/argoproj/argo-cd
7
https://github.com/rusqlite/rusqlite
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/parse-community/parse-server
6
https://github.com/answerdev/answer
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shenzhim/aaptjs
6
https://github.com/shopware/platform
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/stealjs/steal
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/froxlor/froxlor
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/contao/contao
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/CVEProject/cvelist
4
https://github.com/usememos/memos
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/spring-projects/spring-framework
4
https://github.com/hwchase17/langchain
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/apache/shiro
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/apache/camel
3
https://github.com/octobercms/october
3
https://github.com/ibexa/core
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/crewjam/saml
3
https://github.com/modoboa/modoboa
3
https://github.com/actix/actix-web
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/rubygems/rubygems
3
https://github.com/nukeviet/nukeviet
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/andrewhickman/id-map
3
https://github.com/pytorch/serve
2
https://github.com/sidorares/node-mysql2
2
https://github.com/javamelody/javamelody
2
https://github.com/Netflix/security-bulletins
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/kubernetes/kubernetes
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/nodejs/llhttp
2
https://github.com/sjep/array
2
https://github.com/apache/submarine
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/drupal/core
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/apache/jmeter
2
https://github.com/google/flatbuffers
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/intelliants/subrion
2
https://github.com/benbusby/whoogle-search
2
https://github.com/laurent22/joplin
2
https://github.com/js-data/js-data
2
https://github.com/graphite-project/graphite-web
2
https://github.com/quarkusio/quarkus
2
https://github.com/gventuri/pandas-ai
2
https://github.com/dominictarr/event-stream
2
https://github.com/rochacbruno/quokka
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/ADOdb/ADOdb
2
https://github.com/keystonejs/keystone
2
https://github.com/jfinal/jfinal
2
https://github.com/TribalSystems/Zenario
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/Automattic/mongoose
2
https://github.com/rest-client/rest-client
2
https://github.com/netvl/acc_reader
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/h2database/h2database
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/hashicorp/vault
2
https://github.com/totaljs/framework
2
https://github.com/noear/solon
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/web2py/web2py
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/qcubed/qcubed
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/mautic/mautic
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/hashicorp/go-getter
2
https://github.com/rubyzip/rubyzip
2
https://github.com/apache/kylin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/waycrate/swhkd
2
https://github.com/ionicabizau/parse-url
2
https://github.com/reem/rust-traitobject
2
https://github.com/actix/actix-net
2
https://github.com/Agoric/realms-shim
2
https://github.com/gofiber/fiber
2
https://github.com/apache/incubator-streampark
2
https://github.com/git-lfs/git-lfs
2
https://github.com/puma/puma
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/evmos/evmos
2
https://github.com/rust-random/rand
2
https://github.com/MrSwitch/hello.js
2
https://github.com/OpenMage/magento-lts
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/xwiki/xwiki-rendering
2
https://github.com/grafana/grafana
2
https://github.com/Gerapy/Gerapy
2
https://github.com/Codiad/Codiad
2
https://github.com/moby/buildkit
2
https://github.com/soketi/soketi
2