Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: packagist
Packages: facturascripts/facturascripts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1wM3czLTRwcG0tYzNmNs1Btg
Cross site scripting in FacturaScriptsEcosystems: packagist
Packages: facturascripts/facturascripts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: arr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZodmotN2Y5cC13Nzg4
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arrEcosystems: cargo
Packages: arr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.hyperledger.besu:evm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00NDU2LXczOHItbTUzeM4AAvAa
Besu VM vulnerable to gas allocation error in CALL operationsEcosystems: maven
Packages: org.hyperledger.besu:evm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.inlong:inlong
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0yMmo0LXFjNDgtajhmOM4AAxUh
Apache InLong vulnerable to Deserialization of Untrusted Data vulnerabilityEcosystems: maven
Packages: org.apache.inlong:inlong
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1jcDNqLTI3M3gtM2p4Y84AA329
XSS/CSRF Remote Code Execution in XWiki.ConfigurableClassEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic resultEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: alextselegidis/easyappointments
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1yNmNtLXdnNDgtcmgycs0xCw
Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointmentsEcosystems: packagist
Packages: alextselegidis/easyappointments
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oOHA4LTYzNzgtNjQ5cM4AAxJ1
XML external entity reference vulnerability on agents in Jenkins Semantic Versioning PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.pinot:pinot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xajlwLWp2bXctODJyaM4AAvB5
Apache Pinot has Groovy Function support enabled by defaultEcosystems: maven
Packages: org.apache.pinot:pinot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: ecodev/newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxbTItZ3dxZi1yNWc1
SQL injection in TYPO3 extensionEcosystems: packagist
Packages: ecodev/newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/evmos/evmos/v11
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
GSA_kwCzR0hTQS12NnJ3LWhoZ2ctd2M0eM4AA7I5
Evmos vulnerable to DOS and transaction fee expropiation through Authz exploitEcosystems: go
Packages: github.com/evmos/evmos/v11
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
Ecosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS00aHJwLW0zZjItNjQzas4AA4lt
Session fixation in Enonic XPEcosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zcHF2LTZwbTMtZzQ2as4AArjO
SQL Injection in RosarioSISEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: coinstirng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZmNmctZ205Mi1yZjMy
Malicious Package in coinstirngEcosystems: npm
Packages: coinstirng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: coinstrng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqNXcteGd3OS13NHJq
Malicious Package in coinstrngEcosystems: npm
Packages: coinstrng
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: commanedr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjZ3gtMjdxNS03NjM0
Malicious Package in commanedrEcosystems: npm
Packages: commanedr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: wallet-address-validtaor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjN3EtYzgzNy0zd2px
Malicious Package in wallet-address-validtaorEcosystems: npm
Packages: wallet-address-validtaor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/prasmussen/glot-code-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12ajk1LTJmOXEteDdoNs4AAhFI
glot-code-runner RCEEcosystems: go
Packages: github.com/prasmussen/glot-code-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jNDQyLTMyNzgtcmhyZ80Vqg
Unrestricted File Upload in ShowDoc v2.9.5Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05OXB4LTc3MjQtNDg0ds0VvQ
Remote Code Execution in Any23Ecosystems: maven
Packages: org.apache.any23:apache-any23
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS14NzY0LWZmOHItOWhweM4AAy56
XWiki Platform vulnerable to code injection in display method used in user profilesEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01OHhtLW14amYtMjU0Z84AAqkM
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: nonfiction/nterchange
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcDJwLTZ4aDQtam1jcM4AAws8
nterchange Code Injection vulnerabilityEcosystems: packagist
Packages: nonfiction/nterchange
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.codehaus.mevenide:netbeans
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03YzJtLXZ3eHctNXF3d84AArEo
Improper Certificate Validation in Apache NetbeansEcosystems: maven
Packages: org.codehaus.mevenide:netbeans
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:mstest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zcHByLTcyeDUteDY3cc4AAxKF
XML external entity vulnerability on agents in Jenkins MSTest PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:mstest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: modlibrary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0bTctdzg3My02d3dm
Malicious Package in modlibraryEcosystems: npm
Packages: modlibrary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oZzV4LTN3M3gtN2c5Ns4AAy5v
xwiki-platform-web-templates vulnerable to Eval InjectionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS05cmhxLTg2Zm0tcXhxY84AA4l0
Hard-coded credentials in org.folio:mod-data-export-springEcosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS03cG1oLThxamotNHEzNs4AAx_c
SQL Injection in FunadminEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMzdjLTNyY2gtcTM1as4AAlcG
Magento php object injection vulnerabilityEcosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: rg.mule.modules:mule-apikit-module
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZmZxLTUyOGotbXA2Y84AAkE8
Improper Restriction of XML External Entity Reference in Mulesoft APIkitEcosystems: maven
Packages: rg.mule.modules:mule-apikit-module
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: billz/raspap-webgui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS03YzI4LXdnN3ItcGc2Zs4AA0-u
RaspAP Command Injection vulnerabilityEcosystems: packagist
Packages: billz/raspap-webgui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.mule.runtime:mule
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jdmNmLXc3NWMtZ3c1cs4AAiY8
Mulesoft Mule Unsafe DeserializationEcosystems: maven
Packages: org.mule.runtime:mule
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
GSA_kwCzR0hTQS14bTRoLTNqeHItbTNjNs4AA63r
XWiki Platform: Remote code execution through space title and Solr space facetEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
Critical
Ecosystems: npm
Packages: hdkye
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwd3gtajRyNi01djM4
Malicious Package in hdkyeEcosystems: npm
Packages: hdkye
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS01bWY4LXY0M3ctbWZ4cM4AA1aV
XWiki Platform privilege escalation (PR) from account through AWM content fieldsEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
GSA_kwCzR0hTQS0zN200LWhxeHYtdzI2Z84AA63t
XWiki Platform CSRF remote code execution through scheduler job's document referenceEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-logging-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS00NjU1LXdoN3YtM3ZtZ84AAyus
org.xwiki.platform:xwiki-platform-logging-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-logging-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1oZ3B3LTZwNGgtajZoNc4AA2-W
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF tokenEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xdjVqLXJ3cTMtbTgyM84AAQF5
ThinkAdmin Administrator cookies still working after password changeEcosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00dnAyLW1qNG0tNjltNM4AAnMZ
ThinkAdmin insecure unserialize vulnerabilityEcosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: QuantConnect.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13dzdyLTI3OGgtNDhtaM4AAm33
QuantConnect Lean vulnerable to insecure deserializationEcosystems: nuget
Packages: QuantConnect.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: alextselegidis/easyappointments
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zNDdmLXJ4ZzgtcWdyds4AAx_5
Easy!Appointments uses hard-coded credentialsEcosystems: packagist
Packages: alextselegidis/easyappointments
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.thalesgroup.jenkins-ci.plugins:cccc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mM2dqLWh2djQtZjU3ds4AAv5G
XML External Entity Reference in Jenkins CCCC PluginEcosystems: maven
Packages: com.thalesgroup.jenkins-ci.plugins:cccc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.ohdsi:WebAPI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yY2h2LTg3d2otcGp2Ms4AAh4U
OHDSI WebAPI vulnerable to SQL InjectionEcosystems: maven
Packages: org.ohdsi:WebAPI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cXYtZm13Yy1xeHB4
SQL Injection in NukeVietEcosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1yajdwLXhqdjctNzIyOc4AA4Qj
XWiki Remote Code Execution Vulnerability via User RegistrationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: nuget
Packages: Autoupdater.NET.Official
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03NXAyLWhndzQtZzdmN84AAj_X
AutoUpdater.NET allows XXEEcosystems: nuget
Packages: Autoupdater.NET.Official
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Nancy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1teDNxLWoyZzItNXF4cc4AAbIQ
Deserialization of Untrusted Data in NancyFX NancyEcosystems: nuget
Packages: Nancy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1ycmhmLTMycnEtZjI4aM4AAyo_
Apache Linkis DatasourceManager module has deserialization vulnerabilityEcosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5Y2gtOG12cC1nN201
md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filenameEcosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Critical
Ecosystems: go
Packages: github.com/sjqzhang/go-fastdfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS14cTN4LWdycmotZmo2eM4AAyf6
sjqzhang go-fastdfs vulnerable to path traversalEcosystems: go
Packages: github.com/sjqzhang/go-fastdfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS02cmZ2LWg1djgtY2o3Z84AAyfK
jeecg-boot vulnerable to improper authenticationEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS05bWg5LTQ0cTMtdjc5eM4AAy5F
PowerJob vulnerable to remote code executionEcosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:TestComplete
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nNW1qLWMyNmctdm1wbc4AAxJx
XML Entity Expansion in Jenkins TestComplete support PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:TestComplete
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04eGc0LXhxMnYtdjZqN84AAqkL
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13Znc3LTY2MzIteGN2Ms4AAQzZ
Jenkins CLI Deserialization of Untrusted Data vulnerabilityEcosystems: maven
Packages: org.jenkins-ci.main:cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0zdzVoLXg0cmgtaGMyOM0Xmg
Exposure of sensitive information in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NmZoLWo1OG0tN3BmNc0XvA
Improper Privilege Management in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.github:hyavijava
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS14aGd4LTc5NzQtYzh2Ns4AA4C7
hyavijava stack overflow vulnerabilityEcosystems: maven
Packages: com.github:hyavijava
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS03NjU0LXZmaDYtcnc2eM4AA328
Remote code execution from account through SearchAdminEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: npm
Packages: ripmed160
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtanAtNzc2ai0yMzk0
Malicious Package in ripmed160Ecosystems: npm
Packages: ripmed160
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS05MmNnLWdocTYtOTU4N84AA3r1
Privilege escalation in sap/cloud-security-client-goEcosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.apache.streampark:streampark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1xZzQ0LXhxd2otd2MyOM4AA32H
Apache StreamPark: Authenticated system users could trigger remote command executionEcosystems: maven
Packages: org.apache.streampark:streampark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS01OWc0LWhwZzMtM2djcM0bQw
Files Accessible to External Parties in OpencastEcosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1tOHJ3LXJjcHEtMnZwMs4AA3uk
Improper Privilege Management in github.com/sap/cloud-security-client-goEcosystems: go
Packages: github.com/sap/cloud-security-client-go
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS13bXhtLTZ3eGMtM3hxZs4AAwgk
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerabilityEcosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: sailclothjs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01cGYtNTg5NC1qbXg3
Malicious Package in sailclothjsEcosystems: npm
Packages: sailclothjs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: scrytsy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2N2ctcGp3OS00cWo5
Malicious Package in scrytsyEcosystems: npm
Packages: scrytsy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: actions
Packages: afichet/openexr-viewer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS05OWpnLXIzZjQtcnB4as4AA3ss
memory overflow vulnerability in OpenEXR-viewerEcosystems: actions
Packages: afichet/openexr-viewer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: packagist
Packages: wwbn/avideo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS13cWNjLXFmNjMtYzJ4NM4AA4Vv
WWBN AVideo Insufficient Entropy vulnerbailityEcosystems: packagist
Packages: wwbn/avideo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: maven
Packages: io.github.microcks:microcks
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1ncWoyLTMyNHAtdng3M84AA3hv
Microcks contains a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/downloadEcosystems: maven
Packages: io.github.microcks:microcks
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: go
Packages: github.com/keep-network/keep-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ncDZqLXZ4NTQtNXBtZs0guA
Incorrect validation of parties IDs leaks secret keys in Secret-sharing schemeEcosystems: go
Packages: github.com/keep-network/keep-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03ZzQ3LXh4ZmYtOXA4Nc0WIA
Remote unauthenticated attackers able to upload files in OnionshareEcosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14cjZtLTJwNG0tanZxZs4AAu1d
XWiki Platform Wiki UI Main Wiki Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04d2N3LWN3MmYtaDRnMs4AAmgA
Improper Authentication (empty password) in Jenkins Active Directory PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: go
Packages: github.com/clastix/capsule-proxy, github.com/projectcapsule/capsule-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1mcHZ3LTZtNXYtaHFmcM4AA3W4
Capsule Proxy Authentication bypass using an empty tokenEcosystems: go
Packages: github.com/clastix/capsule-proxy, github.com/projectcapsule/capsule-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.contrib:xwiki-application-admintools
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04anByLWZmOTItaHBmOc4AA3RO
Run Shell Command allows Cross-Site Request ForgeryEcosystems: maven
Packages: org.xwiki.contrib:xwiki-application-admintools
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: go
Packages: github.com/layer5io/meshery
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS05ampjLWdyZzUtNjdnas4AA3W2
SQL injection vulnerability in MesheryEcosystems: go
Packages: github.com/layer5io/meshery
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: actions
Packages: tj-actions/branch-names
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04djh3LXY4eGctNzlyZs4AA3lB
tj-actions/branch-names's Improper Sanitization of Branch Name Leads to Arbitrary Code InjectionEcosystems: actions
Packages: tj-actions/branch-names
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1qOXJjLXczd3YtZnY2Ms4AA2_R
XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menuEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-display-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1ybXh3LWM0OGgtMnZmNc4AA2-Y
XWiki Platform privilege escalation from script right to programming right through title displayerEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-display-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS02MnByLXFxZjctaGg4Oc4AA2_Q
XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guestEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: go
Packages: github.com/couchbase/sync_gateway
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2MjItcjYzNi1xZnFo
SQL Injection in Couchbase Sync GatewayEcosystems: go
Packages: github.com/couchbase/sync_gateway
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: hashbrown-cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00Z2p2LTVqanAtcmNnaM4AAjQE
HashBrown CMS RCEEcosystems: npm
Packages: hashbrown-cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: wallet-address-vaildator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02cTItOXBmbS0yd3Zy
Malicious Package in wallet-address-vaildatorEcosystems: npm
Packages: wallet-address-vaildator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1naGY2LTJmNDItbWpoOc4AA2sK
XWiki users can be tricked to execute scripts as the create page action doesn't display the page's titleEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tOGp4LW14ZjktMnJwd84AApWC
NukeViet SQL Injection vulnerabilityEcosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04NGdmLXJ3MjQtcGZxZ84AApV-
NukeViet SQL Injection vulnerability via topicsid parameterEcosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.opencrx:opencrx-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1xNzRmLXJmMjctOGh4Y84AA2zZ
OpenCRX allows a remote attacker to execute arbitrary code via a crafted requestEcosystems: maven
Packages: org.opencrx:opencrx-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: elijaa/phpmemcacheadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04cWZtLWg4cmgtaDNyN84AA3b4
PHPMemcachedAdmin Path Traversal vulnerabilityEcosystems: packagist
Packages: elijaa/phpmemcacheadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS02ZjlnLWN4d3ItcTVqcs4AA4qu
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCEEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: maven
Packages: org.apache.cocoon:cocoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS03N2pnLWNwdzktNzN2Z84AA3bl
Apache Cocoon Improper Restriction of XML External Entity Reference vulnerabilityEcosystems: maven
Packages: org.apache.cocoon:cocoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4ZmgtcHZxMi14OGM0
Malicious npm package: sonatypeEcosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1xajg2LXA3NHItN3dwNc4AA32-
Remote code execution/programming rights with configuration section from any user accountEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Critical
Ecosystems: npm
Packages: discord_debug_log
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4OHEtZ2o2Ny1yaGYy
Malicious Package in discord_debug_logEcosystems: npm
Packages: discord_debug_log
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-web-standard, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1ncjgyLThmajItZ2djM84AA2sJ
XWiki Platform XSS vulnerability from account in the create page form via template providerEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-web-standard, org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yYzc5LWgyaDUtZzNmd84AAqj1
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yYzR2LTk5Y3ItcGpjbc4AA2gY
Prototype Pollution in ali-security/mongooseEcosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS03NHczLTJyNzctZnc1aM031A
Use of Externally-Controlled Format String in consolemeEcosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Statistics
Advisories: 18,312
Packages: 8,276
Repositories: 1,286
Ecosystems: 12
Packages: 8,276
Repositories: 1,286
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
16
moodle/moodle
15
com.liferay.portal:release.portal.bom
13
com.liferay.portal:release.dxp.bom
12
langchain
12
org.apache.dubbo:dubbo
12
topthink/framework
12
mlflow
12
org.apache.struts:struts2-core
11
drupal/core
11
magento/core
11
apache-airflow
10
vm2
10
phpmyadmin/phpmyadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
funadmin/funadmin
9
tensorflow
9
shopware/platform
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
org.xwiki.platform:xwiki-platform-web-templates
8
rdiffweb
8
tensorflow-cpu
8
drupal/drupal
8
tensorflow-gpu
8
studio-42/elfinder
7
symfony/symfony
7
gogs.io/gogs
7
froxlor/froxlor
7
ansible
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
rusqlite
7
github.com/answerdev/answer
6
parse-server
6
thorsten/phpmyfaq
6
github.com/argoproj/argo-cd
6
aaptjs
6
ezsystems/ezpublish-kernel
6
safe-eval
5
django
5
org.jeecgframework.boot:jeecg-boot-parent
5
mercurial
5
org.apache.tomcat.embed:tomcat-embed-core
5
centreon/centreon
5
org.jenkins-ci.plugins:script-security
5
steal
5
nodebb
5
Microsoft.ChakraCore
5
shopware/core
5
Pillow
5
org.xwiki.commons:xwiki-commons-xml
5
org.xwiki.platform:xwiki-platform-web
5
zendframework/zendframework
5
org.apache.activemq:activemq-client
5
org.apache.inlong:manager-pojo
5
org.apache.shiro:shiro-core
5
ckb
5
org.cloudfoundry.identity:cloudfoundry-identity-server
4
spree_auth_devise
4
net.opentsdb:opentsdb
4
apache-airflow-providers-apache-hive
4
librenms/librenms
4
nilsteampassnet/teampass
4
github.com/usememos/memos
4
pyload-ng
4
org.apache.tapestry:tapestry-core
4
org.eclipse.jetty:jetty-server
4
smallvec
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
code.gitea.io/gitea
4
github.com/hashicorp/vault
4
realms-shim
4
safer-eval
4
nukeviet/nukeviet
4
baserproject/basercms
4
org.jeecgframework.boot:jeecg-boot-base-core
4
hermes-engine
4
org.apache.kylin:kylin-server-base
4
swagger-ui
4
PaddlePaddle
4
calibreweb
4
org.apache.inlong:manager-service
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
prestashop/prestashop
4
contao/core-bundle
4
contao/contao
4
messagepack-rs
4
github.com/argoproj/argo-cd/v2
4
org.apache.openmeetings:openmeetings-parent
4
Django
4
openssl-src
4
feehi/cms
4
@openzeppelin/contracts-upgradeable
3
nvflare
3
org.jenkins-ci.plugins:active-directory
3
browserify-shim
3
mongoose
3
org.apache.hadoop:hadoop-common
3
org.keycloak:keycloak-core
3
org.apache.logging.log4j:log4j-core
3
edu.stanford.nlp:stanford-corenlp
3
mautic/core
3
org.springframework.security:spring-security-core
3
com.alibaba:dubbo
3
rubygems-update
3
com.hazelcast:hazelcast
3
org.xwiki.platform:xwiki-platform-icon-ui
3
craftcms/cms
3
showdoc/showdoc
3
symfony/security
3
org.apache.linkis:linkis
3
elefant/cms
3
ro.pippo:pippo-core
3
org.apache.inlong:manager-web
3
symfony/security-core
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
ezsystems/ezplatform-kernel
3
publify_core
3
lmdb
3
strapi
3
phpmailer/phpmailer
3
org.apache.storm:storm
3
com.jflyfox:jflyfox_jfinal
3
jsrsasign
3
ibexa/core
3
github.com/rancher/rancher
3
cobbler
3
codeigniter4/framework
3
org.xwiki.platform:xwiki-platform-panels-ui
3
slpjs
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
github.com/dexidp/dex
3
pimcore/pimcore
3
facade/ignition
3
id-map
3
dompdf/dompdf
3
typo3/cms
3
zendframework/zendframework1
3
org.apache.dolphinscheduler:dolphinscheduler
3
tribalsystems/zenario
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
slp-validate
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.ignite:ignite-core
3
org.jeecgframework.boot:jeecg-boot-base
3
modoboa
3
codiad/codiad
3
francoisjacquet/rosariosis
3
io.dataease:dataease-plugin-common
3
github.com/hashicorp/nomad
3
feathers-sequelize
3
github.com/pterodactyl/wings
3
github.com/go-gitea/gitea
3
org.apache.ozone:ozone-main
3
xcb
3
org.apache.solr:solr-parent
3
handlebars
3
org.apache.any23:apache-any23
3
ray
3
smarty/smarty
3
impresscms/impresscms
3
nokogiri
3
actix-web
3
io.undertow:undertow-core
3
org.apache.jmeter:ApacheJMeter
3
org.apache.solr:solr-core
3
org.richfaces:richfaces-core
3
github.com/apache/trafficcontrol
2
net.bull.javamelody:javamelody-core
2
zendframework/zend-db
2
nystudio107/craft-seomatic
2
pyyaml
2
pyrocms/pyrocms
2
total4
2
org.xwiki.platform:xwiki-platform-scheduler-ui
2
pandasai
2
flatmap-stream
2
com.h2database:h2
2
wwbn/avideo
2
url-parse
2
xmlhttprequest-ssl
2
puma
2
stack_dst
2
activerecord
2
electron
2
typo3/phar-stream-wrapper
2
org.apache.rocketmq:rocketmq-namesrv
2
org.apache.shiro:shiro-web
2
locutus
2
acc_reader
2
apache-superset
2
org.springframework.amqp:spring-amqp
2
github.com/crewjam/saml
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
14
https://github.com/PaddlePaddle/Paddle
11
https://github.com/mlflow/mlflow
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/funadmin/funadmin
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/django/django
8
https://github.com/top-think/framework
8
https://github.com/apache/inlong
8
https://github.com/magento/magento2
8
https://github.com/langchain-ai/langchain
8
https://github.com/ikus060/rdiffweb
8
https://github.com/gogs/gogs
7
https://github.com/ansible/ansible
7
https://github.com/python-pillow/Pillow
7
https://github.com/apache/struts
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/Studio-42/elFinder
7
https://github.com/rusqlite/rusqlite
7
https://github.com/argoproj/argo-cd
7
https://github.com/shenzhim/aaptjs
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shopware/platform
6
https://github.com/parse-community/parse-server
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/stealjs/steal
5
https://github.com/keycloak/keycloak
5
https://github.com/froxlor/froxlor
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/apache/activemq
5
https://github.com/moodle/moodle
5
https://github.com/pippo-java/pippo
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/hwchase17/langchain
4
https://github.com/cloudfoundry/uaa
4
https://github.com/usememos/memos
4
https://github.com/contao/contao
4
https://github.com/dromara/hutool
4
https://github.com/liufee/cms
4
https://github.com/janeczku/calibre-web
4
https://github.com/dompdf/dompdf
4
https://github.com/otake84/messagepack-rs
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/CVEProject/cvelist
4
https://github.com/servo/rust-smallvec
4
https://github.com/spring-projects/spring-framework
4
https://github.com/pyload/pyload
4
https://github.com/dwisiswant0/advisory
3
https://github.com/kjur/jsrsasign
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/cobbler/cobbler
3
https://github.com/centreon/centreon-archived
3
https://github.com/apache/shiro
3
https://github.com/shopware/shopware
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/opencast/opencast
3
https://github.com/modoboa/modoboa
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/baserproject/basercms
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/simpleledger/slpjs
3
https://github.com/octobercms/october
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/ibexa/core
3
https://github.com/twisted/twisted
3
https://github.com/hazelcast/hazelcast
3
https://github.com/mbechler/marshalsec
3
https://github.com/denoland/deno
3
https://github.com/facebook/hermes
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/rubygems/rubygems.org
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/github/securitylab
3
https://github.com/rubygems/rubygems
3
https://github.com/crewjam/saml
3
https://github.com/facade/ignition
3
https://github.com/actix/actix-web
3
https://github.com/publify/publify
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/apache/camel
3
https://github.com/strapi/strapi
3
https://github.com/dexidp/dex
3
https://github.com/rancher/rancher
3
https://github.com/star7th/showdoc
3
https://github.com/andrewhickman/id-map
3
https://github.com/pterodactyl/wings
3
https://github.com/pimcore/pimcore
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/neorazorx/facturascripts
3
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/ahdinosaur/set-in
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/totaljs/framework
2
https://github.com/rest-client/rest-client
2
https://github.com/TribalSystems/Zenario
2
https://github.com/apache/kylin
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/javamelody/javamelody
2
https://github.com/ADOdb/ADOdb
2
https://github.com/rochacbruno/quokka
2
https://github.com/ionicabizau/parse-url
2
https://github.com/hashicorp/vault
2
https://github.com/noear/solon
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/netvl/acc_reader
2
https://github.com/Automattic/mongoose
2
https://github.com/jfinal/jfinal
2
https://github.com/rubyzip/rubyzip
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/sjep/array
2
https://github.com/nodejs/llhttp
2
https://github.com/pytorch/serve
2
https://github.com/benbusby/whoogle-search
2
https://github.com/gventuri/pandas-ai
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/google/flatbuffers
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/gofiber/fiber
2
https://github.com/markevans/dragonfly
2
https://github.com/line/armeria
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/graphite-project/graphite-web
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/mautic/mautic
2
https://github.com/web2py/web2py
2
https://github.com/kubernetes/kubernetes
2
https://github.com/js-data/js-data
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/ibexa/admin-ui
2
https://github.com/Kozea/Radicale
2
https://github.com/beego/beego
2
https://github.com/MrSwitch/hello.js
2
https://github.com/evmos/evmos
2
https://github.com/moby/buildkit
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/puma/puma
2
https://github.com/unshiftio/url-parse
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/http4s/http4s
2
https://github.com/sidorares/node-mysql2
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/keystonejs/keystone
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/h2database/h2database
2
https://github.com/soketi/soketi
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/KnpLabs/snappy
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/apache/dubbo
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/alextselegidis/easyappointments
2
https://github.com/apache/submarine
2
https://github.com/kujirahand/nadesiko3
2
https://github.com/apache/karaf
2
https://github.com/centreon/centreon
2
https://github.com/Codiad/Codiad
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/TogaTech/tEnvoy
2