Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
GSA_kwCzR0hTQS1mN3ZoLXF3cDMteDM3bc0kWQ
Deserialization of Untrusted Data in Apache Log4jEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh, org.jvnet.hudson.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01Z21mLThnaDItaGhmcM4AAR2I
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintextEcosystems: maven
Packages: org.jenkins-ci.plugins:ssh, org.jvnet.hudson.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS14dnhxLWhxNDgteHBobc3maQ
Sandbox bypass in Script Security PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS14Y3EzLTdwZjMtNWp2Y84AA1Ei
Cockpit PHP Remote File Inclusion vulnerabilityEcosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matrix-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1xeGY4LTg4MzctaHE3d833bQ
Script security sandbox bypass in Matrix Project PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:matrix-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:job-import-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS04ODJyLXI4ZnctcDUzOM4AAQ7m
XXE vulnerability in Jenkins Job Import PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:job-import-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.codehaus.groovy:groovy
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: about 2 years ago
GSA_kwCzR0hTQS1xZzI1LWhnanYtY2c5cc4AAQar
Improper Neutralization of Special Elements in Output Used by a Downstream Component in Apache GroovyEcosystems: maven
Packages: org.codehaus.groovy:groovy
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjdzgtcjl4bS0zMmM2
Command Injection in dns-syncEcosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: maven
Packages: com.gitblit:gitblit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1maDU1LXZ3amMtNjljN84AAgdA
Unescaped control characters in GitblitEcosystems: maven
Packages: com.gitblit:gitblit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 10 months ago
GSA_kwCzR0hTQS1nd3FxLTZ2cTctNWo4Ns4AA1D8
langchain Code Injection vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 10 months ago
Critical
Ecosystems: nuget
Packages: IpMatcher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1xajkzLTM3ZjUtbXIyOc4AAX6N
Improper Input Validation in IpMatcherEcosystems: nuget
Packages: IpMatcher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: go
Packages: mosn.io/mosn
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
GSA_kwCzR0hTQS01dng5LWo1Y3ctNDd2cc4AAxtv
Privilege escalation in MOSNEcosystems: go
Packages: mosn.io/mosn
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.springframework.amqp:spring-amqp
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
GSA_kwCzR0hTQS1ocnAzLThwNXctMjdnds4AAQeT
Improper Input Validation in Spring AMQPEcosystems: maven
Packages: org.springframework.amqp:spring-amqp
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.python:jython, org.python:jython-standalone
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: about 2 years ago
GSA_kwCzR0hTQS02cjdyLWpqOGgtcHE2ds4AAQZS
Deserialization of Untrusted Data in JythonEcosystems: maven
Packages: org.python:jython, org.python:jython-standalone
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
GSA_kwCzR0hTQS1wcjc2LTVjbTUtdzljas4AA1Py
GitPython vulnerable to remote code execution due to insufficient sanitization of input argumentsEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: neorazorx/facturascripts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS04d3AyLXZ4cGcteGN2cM1BJg
Cross site scripting in facturascriptsEcosystems: packagist
Packages: neorazorx/facturascripts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2NjItajk2Zy1tdjQ2
Arbitrary Code Injection in reduce-css-calcEcosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 12 months ago
GSA_kwCzR0hTQS1tNm04LTZncTgtYzlmas4AAzbB
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 12 months ago
Critical
Ecosystems: cargo
Packages: stack_dst
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtangtaDIzaC13MnBn
Double free in stack_dstEcosystems: cargo
Packages: stack_dst
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: Simple-Wayland-HotKey-Daemon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1yM3I1LWpodzYtNDYzNM05bw
Insecure temporary file usage in SWHKDEcosystems: cargo
Packages: Simple-Wayland-HotKey-Daemon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: go
Packages: github.com/gen2brain/go-unarr
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5ajQtY3A2My1xdjYy
Tarslip in go-unarrEcosystems: go
Packages: github.com/gen2brain/go-unarr
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZncngtdzZyZy04ZnFm
Forgeable Public/Private Tokens in jwt-simpleEcosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1qYzR2LXZ2ZzYteGc3OM02eg
SQL Injection in ImpressCMSEcosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: apex-publish-static-files
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlqbTMtNTgzNS01Mzdt
Command Injection in apex-publish-static-filesEcosystems: npm
Packages: apex-publish-static-files
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
GSA_kwCzR0hTQS05d2Y5LXF2dnAtMjkyOc4AAyAc
builderio/qwik is vulnerable to code injectionEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1ycGhjLWg1NzItMng5Zs0yuw
Cross-site Scripting in showdoc/showdocEcosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: com.typesafe.akka:akka-actor_2.12, com.typesafe.akka:akka-actor_2.11
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yOTUtOXJyNC02Njhm
Cryptographically Weak Pseudo-Random Number Generator (PRNG) in akka-actorEcosystems: maven
Packages: com.typesafe.akka:akka-actor_2.12, com.typesafe.akka:akka-actor_2.11
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 5 years ago
Critical
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
GSA_kwCzR0hTQS1namc3LXFmdnAtOWhtNM4AAv9w
SQL injection in DolibarrEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS04d3E3LWhoamotZnBxds0l6Q
RCE in Mingsoft MCMSEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0ycm1tLTg3djctMzRyas0wfg
Improper Restriction of XML External Entity Reference in Any23Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS04MnJyLW1xNHItcDRyM80uuw
SQL injection in francoisjacquet/rosariosisEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qM2NxLWg2dmgtZ3g3Zs4AAqj5
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: llhttp
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNXZ4LTQ0djQtZ2NoNM4AAtZv
llhttp allows HTTP Request Smuggling via Improper Delimiting of Header FieldsEcosystems: npm
Packages: llhttp
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zODlwLWZjaHItcTJtZ80r8Q
Path Traversal in ImpressCMSEcosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.directory.api:apache-ldap-api
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmdzUtdjdjdy02OWN3
Credential leak in org.apache.directory.api:apache-ldap-apiEcosystems: maven
Packages: org.apache.directory.api:apache-ldap-api
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tNGhnLTVwMm0tZm01bc0rFQ
Arbitrary code execution in Magnolia CMSEcosystems: maven
Packages: info.magnolia:magnolia-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3cDUtNTc1OS1xdjQ2
Data leak in TensorflowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS03cDhjLWNyZnItcTkzcM4AA1xg
hutool Buffer Overflow vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
Critical
Ecosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS1yeGdmLXI4NDMtZzUzaM4AA1xh
hutool Buffer Overflow vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
Critical
Ecosystems: npm
Packages: external-svg-loader
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 9 months ago
GSA_kwCzR0hTQS14YzJyLWpmMngtZ2pyOM4AA1Sy
external-svg-loader Cross-site Scripting vulnerabilityEcosystems: npm
Packages: external-svg-loader
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 50.8
Published: almost 2 years ago
GSA_kwCzR0hTQS00d3JjLWY4cHEtZnBxcM4AAjLC
Pivotal Spring Framework contains unsafe Java deserialization methodsEcosystems: maven
Packages: org.springframework:spring-web
Source: GitHub Advisory Database
Blast Radius: 50.8
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.neo4j:neo4j-enterprise
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1ZjUtcmo0ci00MmY2
Incorrect access control in Neo4j Enterprise Database Server via LDAP authenticationEcosystems: maven
Packages: org.neo4j:neo4j-enterprise
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 5 years ago
Critical
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS02dmYyLW1mbXItcXFxd84AAz9f
Liufee CMS File Upload vulnerabilityEcosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
Ecosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12OTM4LXFjYzktcnd2OM0fpQ
Use of Uninitialized Resource in buffoon.Ecosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: kohana/core, codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
GSA_kwCzR0hTQS13OXBoLXE0aDktcndxNs4AAYu2
CodeIgniter and Kohana vulnerable to PHP Object InjectionEcosystems: packagist
Packages: kohana/core, codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qdjJyLWp4NnEtODlqZ80foA
Use of Uninitialized Resource in bronzedb-protocol.Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNocDQtcnY3OS02OGoz
Apache serialization mechanism does not have a list of classes allowed for serialization/deserializationEcosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05NGc3LWhwdjgtaDlxbc0bRQ
Remote code injection in Log4jEcosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.craftercms:crafter-search
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yd3IyLThxanEtZ2g1Nc0ZDA
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-searchEcosystems: maven
Packages: org.craftercms:crafter-search
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02cjdjLTZ3OTYtOHB2d80ZPw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13ZjVwLWY1eHItYzRqas0YRg
SQL Injection in rosariosisEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: flatbuffers
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0zamNoLTlxZ3AtNDg0NM4AArrG
Generated code can read and write out of bounds in safe codeEcosystems: cargo
Packages: flatbuffers
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03Mmd4LXFxMm0tNnhyMs4AAiOT
Improper Control of Generation of Code in Jenkins Script Security PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: 7 months ago
GSA_kwCzR0hTQS14d2NxLXBtOG0tYzR2Zs4AA2sP
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standardEcosystems: npm
Packages: crypto-js
Source: GitHub Advisory Database
Blast Radius: 47.5
Published: 7 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS1td3hqLWc3ZnctN2hjOM4AAz_v
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore templateEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0zM3hoLXhjaDktcDZoas0XrQ
Incorrect Authorization in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: babel-laoder
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwNm0tanFmci0yZjd2
Malicious Package in babel-laoderEcosystems: npm
Packages: babel-laoder
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: com.starkbank:starkbank-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1yMjhoLXg2aHYtMmZxM80XJQ
Improper Verification of Cryptographic Signature in starkbank-ecdsaEcosystems: maven
Packages: com.starkbank:starkbank-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: iobroker.admin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0eGotcTU4aC05eDU3
Arbitrary File Write in iobroker.adminEcosystems: npm
Packages: iobroker.admin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 1 year ago
GSA_kwCzR0hTQS1jcmg2LWZwNjctNjg4M84AAvn0
xmldom allows multiple root nodes in a DOMEcosystems: npm
Packages: @xmldom/xmldom, xmldom
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS14OHgyLXdjMmgtd2M0OM4AAvV4
Missing rate limit on rdiffwebEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: cordova-plugin-china-picker
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg5Z20tcXhoaC1yZjc1
Malicious Package in cordova-plugin-china-pickerEcosystems: npm
Packages: cordova-plugin-china-picker
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: nuget
Packages: Halibut
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ocGY3LTRjMmctOWNoZs0V-A
Remote Code Execution in HalibutEcosystems: nuget
Packages: Halibut
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 10 months ago
GSA_kwCzR0hTQS0zaDZmLWc1ZjMtZ2M0d84AA0zc
Access Control Bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 10 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS1wcmdwLXc3dmYtY2g2Ms4AA1T_
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: pipreqs
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 11 months ago
GSA_kwCzR0hTQS12NGY0LTIzd2MtOTltaM4AA0KW
pipreqs vulnerable to Dependency ConfusionEcosystems: pypi
Packages: pipreqs
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 11 months ago
Critical
Ecosystems: cargo
Packages: arr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2eHctaGdmdi1qd203
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arrEcosystems: cargo
Packages: arr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: mozwire
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2aHctNHJ3Ny1qZnB2
Path traversal in mozwireEcosystems: cargo
Packages: mozwire
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: yottadb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk2NTgtYzI2di03cXZm
Use-after-free in yottadbEcosystems: cargo
Packages: yottadb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mcHJwLXA4NjktdzZxMs4AAyjJ
LangChain vulnerable to code injectionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
GSA_kwCzR0hTQS1oYzZxLTJtcHAtcXc3as4AAyD3
Cross-realm object access in Webpack 5Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: net.opentsdb:opentsdb
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oNDc1LTd2M2MtMjZxN84AAzEg
Command injection in OpenTSDBEcosystems: maven
Packages: net.opentsdb:opentsdb
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00bTVwLTV3NXctM2pjZs4AAvTD
com.enonic.xp:lib-auth vulnerable to Session FixationEcosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: array-tools
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ3cDItZnczdi1tZm1j
Memory corruption in array-toolsEcosystems: cargo
Packages: array-tools
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1oaDMyLTczNDQtY2cyZs4AAgbh
Authorization bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: ps
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmaGctOXg0NC03OGgy
ps Enables OS Command InjectionEcosystems: npm
Packages: ps
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
Critical
Ecosystems: go
Packages: tailscale.com
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 1 year ago
GSA_kwCzR0hTQS12cXA2LXJjM2gtODNjcM4AAv_L
Tailscale Windows daemon is vulnerable to RCE via CSRFEcosystems: go
Packages: tailscale.com
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12cnI4LWZwN2MtN3FncM4AAyuu
org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jyaml:jyaml
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: almost 2 years ago
GSA_kwCzR0hTQS00cWhyLXE3d2YtOTR4cM4AAjpS
Deserialization of Untrusted Data in JYamlEcosystems: maven
Packages: org.jyaml:jyaml
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxY3EtbXJtdy1tY21n
Rubyzip gem contains a Directory Traversal vulnerability in zip file componentEcosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
Critical
Ecosystems: cargo
Packages: internment
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwcHctM2g2aC12NnEy
Data race in internmentEcosystems: cargo
Packages: internment
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: cdr
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3amotd3A3Zy03d2o0
Read of uninitialized memory in cdrEcosystems: cargo
Packages: cdr
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyNTItNGhxdy1wMjdm
Nokogiri does not forbid namespace nodes in XPointer rangesEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04M2ZtLXc3OW0tNjRyNc4AAzCj
Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
GSA_kwCzR0hTQS03NXA2LTUyZzMtcnFjOM1BLA
Keycloak vulnerable to privilege escalation on Token Exchange featureEcosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnN3AtNzRoOC1oZzQ4
Denial of Service in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04aDgzLWNoaDItZmNocM4AAv0g
eZ Platform users with the Company admin role can assign any role to any userEcosystems: packagist
Packages: ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.noear:solon
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 11 months ago
GSA_kwCzR0hTQS03cThjLTQ5ZjQtNGM4cc4AAz61
Solon vulnerable to deserialization of untrusted dataEcosystems: maven
Packages: org.noear:solon
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 11 months ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezplatform-admin-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01OGg1LWg1NTQtNDI5cc4AAv0Z
ezplatform-admin-ui vulnerable to Cross-Site Scripting (XSS)Ecosystems: packagist
Packages: ezsystems/ezplatform-admin-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: ibexa/graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zcDdnLXdyZ2ctd3E0Nc4AAv0Y
GraphQL queries can expose password hashesEcosystems: packagist
Packages: ibexa/graphql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
GSA_kwCzR0hTQS12aDdnLXAyNmMtajJjd84AAvJw
Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization codeEcosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweHAtNjk2My00NnI5
Command Injection in pdfinfojsEcosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
Critical
Ecosystems: nuget
Packages: System.Text.Encodings.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoaHAtOTk3dy1xcjI4
.NET Core Remote Code Execution VulnerabilityEcosystems: nuget
Packages: System.Text.Encodings.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjNjYtdjI5aC14amg4
XSS Cross Site ScriptingEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: scalyr-agent-2
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03Mzh4LXY0OWctcDZoeM4AAlwV
Scalyr Agent 2 Missing SSL Certificate ValidationEcosystems: pypi
Packages: scalyr-agent-2
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyd3ItOHd4bS04NTJj
Deserialization of Untrusted Data in NukeVietEcosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
Ecosystems: packagist
Packages: apache-solr-for-typo3/solr
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
GSA_kwCzR0hTQS03bTdnLWpxNG0tOTh3Nc4AAe6O
Apache Solr for TYPO3 (solr) extension is vulnerable to Insecure UnserializeEcosystems: packagist
Packages: apache-solr-for-typo3/solr
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1oNHZwLTY5cjgtZ3ZqZ84AA0t7
org.xwiki.platform:xwiki-platform-skin-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1jNnY1LXBmNjYteGZxOM4AA0tO
Froxlor vulnerable to Improper Encoding or Escaping of OutputEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
Ecosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
GSA_kwCzR0hTQS12Mjg3LTl3M3YteDVjNc4AAh-W
Total.js CMS RCE VulnerabilityEcosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: almost 2 years ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
com.liferay.portal:release.dxp.bom
12
mlflow
12
org.apache.dubbo:dubbo
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
drupal/drupal
10
vm2
10
funadmin/funadmin
9
phpmyadmin/phpmyadmin
9
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
froxlor/froxlor
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
rdiffweb
8
tensorflow-cpu
8
tensorflow-gpu
8
org.xwiki.platform:xwiki-platform-web-templates
8
shopware/platform
8
studio-42/elfinder
7
rusqlite
7
sequelize
7
ansible
7
gogs.io/gogs
7
symfony/symfony
7
org.xwiki.platform:xwiki-platform-administration-ui
7
github.com/argoproj/argo-cd
6
parse-server
6
thorsten/phpmyfaq
6
ezsystems/ezpublish-kernel
6
aaptjs
6
github.com/answerdev/answer
6
mercurial
5
centreon/centreon
5
shopware/core
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.shiro:shiro-core
5
org.jenkins-ci.plugins:script-security
5
org.apache.activemq:activemq-client
5
steal
5
Microsoft.ChakraCore
5
mautic/core
5
org.xwiki.commons:xwiki-commons-xml
5
nodebb
5
org.xwiki.platform:xwiki-platform-web
5
prestashop/prestashop
5
safe-eval
5
ckb
5
zendframework/zendframework
5
Pillow
5
django
5
org.apache.inlong:manager-pojo
5
realms-shim
4
calibreweb
4
github.com/grafana/grafana
4
hermes-engine
4
contao/core-bundle
4
org.apache.tomcat.embed:tomcat-embed-core
4
spree_auth_devise
4
pyload-ng
4
feehi/cms
4
librenms/librenms
4
PaddlePaddle
4
org.apache.openmeetings:openmeetings-parent
4
contao/contao
4
smallvec
4
code.gitea.io/gitea
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
Django
4
github.com/hashicorp/vault
4
nilsteampassnet/teampass
4
net.opentsdb:opentsdb
4
apache-airflow-providers-apache-hive
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
org.apache.inlong:manager-service
4
org.eclipse.jetty:jetty-server
4
org.jeecgframework.boot:jeecg-boot-base-core
4
swagger-ui
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
github.com/usememos/memos
4
baserproject/basercms
4
openssl-src
4
safer-eval
4
nukeviet/nukeviet
4
org.apache.tapestry:tapestry-core
4
github.com/argoproj/argo-cd/v2
4
messagepack-rs
4
org.apache.solr:solr-parent
3
pimcore/pimcore
3
lmdb
3
org.richfaces:richfaces-core
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.xwiki.platform:xwiki-platform-panels-ui
3
github.com/hashicorp/nomad
3
publify_core
3
nvflare
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
zendframework/zendframework1
3
showdoc/showdoc
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
@openzeppelin/contracts-upgradeable
3
com.alibaba:dubbo
3
symfony/security-core
3
modoboa
3
log4j:log4j
3
org.apache.storm:storm
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
org.xwiki.platform:xwiki-platform-icon-ui
3
ro.pippo:pippo-core
3
com.hazelcast:hazelcast
3
org.keycloak:keycloak-core
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
smarty/smarty
3
slpjs
3
strapi
3
dompdf/dompdf
3
browserify-shim
3
actix-web
3
mongoose
3
facade/ignition
3
org.apache.linkis:linkis
3
com.jflyfox:jflyfox_jfinal
3
codiad/codiad
3
jsrsasign
3
io.undertow:undertow-core
3
ibexa/core
3
org.apache.jmeter:ApacheJMeter
3
cobbler
3
org.springframework.security:spring-security-core
3
github.com/dexidp/dex
3
github.com/pterodactyl/wings
3
simplesamlphp/simplesamlphp
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
io.dataease:dataease-plugin-common
3
rubygems-update
3
org.apache.any23:apache-any23
3
org.apache.solr:solr-core
3
org.xwiki.platform:xwiki-platform-search-ui
3
xcb
3
phpmailer/phpmailer
3
github.com/rancher/rancher
3
craftcms/cms
3
francoisjacquet/rosariosis
3
ray
3
codeigniter4/framework
3
org.apache.dolphinscheduler:dolphinscheduler
3
nokogiri
3
typo3/cms
3
elefant/cms
3
impresscms/impresscms
3
org.apache.ignite:ignite-core
3
id-map
3
handlebars
3
tribalsystems/zenario
3
codeigniter/framework
3
feathers-sequelize
3
github.com/go-gitea/gitea
3
org.apache.inlong:manager-web
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
async-git
2
python-keystoneclient
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
eslint-config-eslint
2
org.apache.inlong:manager-dao
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
github.com/sap/cloud-security-client-go
2
org.apache.shiro:shiro-web
2
apache-superset
2
mathjs
2
github.com/crewjam/saml
2
alextselegidis/easyappointments
2
github.com/russellhaering/gosaml2
2
total4
2
org.apache.derby:derby
2
laravel/framework
2
org.apache.commons:commons-configuration2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
Radicale
2
com.hazelcast.jet:hazelcast-jet
2
vyper
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/django/django
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/apache/inlong
8
https://github.com/ikus060/rdiffweb
8
https://github.com/argoproj/argo-cd
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/python-pillow/Pillow
7
https://github.com/Studio-42/elFinder
7
https://github.com/apache/struts
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/ansible/ansible
7
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/shenzhim/aaptjs
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/parse-community/parse-server
6
https://github.com/shopware/platform
6
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/froxlor/froxlor
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/stealjs/steal
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/dromara/hutool
5
https://github.com/nervosnetwork/ckb
5
https://github.com/keycloak/keycloak
5
https://github.com/apache/tomcat
5
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/hwchase17/langchain
4
https://github.com/janeczku/calibre-web
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/liufee/cms
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/grafana/grafana
4
https://github.com/servo/rust-smallvec
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/usememos/memos
4
https://github.com/dompdf/dompdf
4
https://github.com/pippo-java/pippo
4
https://github.com/pyload/pyload
4
https://github.com/contao/contao
4
https://github.com/CVEProject/cvelist
4
https://github.com/spring-projects/spring-framework
4
https://github.com/centreon/centreon-archived
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/shopware/shopware
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/star7th/showdoc
3
https://github.com/pterodactyl/wings
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/facade/ignition
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/smarty-php/smarty
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ADOdb/ADOdb
3
https://github.com/ibexa/core
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/apache/camel
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/hazelcast/hazelcast
3
https://github.com/actix/actix-web
3
https://github.com/modoboa/modoboa
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/baserproject/basercms
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/dexidp/dex
3
https://github.com/github/securitylab
3
https://github.com/apache/shiro
3
https://github.com/neorazorx/facturascripts
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/pytorch/serve
2
https://github.com/sjep/array
2
https://github.com/jfinal/jfinal
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/laurent22/joplin
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/soketi/soketi
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/google/flatbuffers
2
https://github.com/benbusby/whoogle-search
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2