Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: squel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRxaHgtZzl3cC1nOW02
Failure to sanitize quotes which can lead to sql injection in squelEcosystems: npm
Packages: squel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tcXYtbTQ1aC1xMmhw
Sandbox Breakout / Arbitrary Code Execution in localevalEcosystems: npm
Packages: localeval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: doctrine/orm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
GSA_kwCzR0hTQS02cTl2LTRocTYtNW02N84AA8G_
Doctrine SQL injection vulnerabilityEcosystems: packagist
Packages: doctrine/orm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 days ago
Critical
Ecosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE1cHEtcGdydi1maDg5
dns-sync command injection vulnerabilityEcosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: geoheat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAzMmctMjQyYy03Nmgz
Malicious Package in geoheatEcosystems: npm
Packages: geoheat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: m-backdoor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2NTItM21ycC00NTVt
Malicious Package in m-backdoorEcosystems: npm
Packages: m-backdoor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: bestzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRxcWMtbXA1Zi1jY3Y0
Command Injection in bestzipEcosystems: npm
Packages: bestzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS0ydzhnLW01ajgtN204N80hSQ
Zalgo-like output that crashes the serverEcosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: ibexa/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1ndmo4LTRjajQtaDc3Ns1RFA
Object state limitation has no effectEcosystems: packagist
Packages: ibexa/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1ODctN2poMi00cXIz
Server secret was included in static assets and served to clientsEcosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: leaflet-gpx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqYzktOTMyeC1jNTlw
Malicious Package in leaflet-gpxEcosystems: npm
Packages: leaflet-gpx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: illuminate/cookie
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS0yZmZ2LXI0cjktcjh4cs4AA8Ie
Laravel RCE vulnerability in "cookie" session driverEcosystems: packagist
Packages: illuminate/cookie
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
Ecosystems: npm
Packages: sailclothjs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01cGYtNTg5NC1qbXg3
Malicious Package in sailclothjsEcosystems: npm
Packages: sailclothjs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: cargo
Packages: rust-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcDN3LTNxODgtMzRjZs4AArs0
Miscomputation when performing AES encryption in rust-cryptoEcosystems: cargo
Packages: rust-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4ZmgtcHZxMi14OGM0
Malicious npm package: sonatypeEcosystems: npm
Packages: sonatype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/neuvector/neuvector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS02MjJoLWgycDgtNzQzeM4AA2R2
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)Ecosystems: go
Packages: github.com/neuvector/neuvector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05NGc3LWhwdjgtaDlxbc0bRQ
Remote code injection in Log4jEcosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: gree/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS05Z3h2LXg3cnAtcjJoY84AA8Ib
gree/jose - "None" Algorithm treated as valid in tokensEcosystems: packagist
Packages: gree/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
Ecosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4dnctNDVycC0zbWoy
Deserialization Code Execution in js-yamlEcosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: veval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0cW0tMzdxci13NXdx
Sandbox Breakout / Arbitrary Code Execution in vevalEcosystems: npm
Packages: veval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: an0n-chat-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4Y3Ytd3ZyNy00aDZw
Malicious npm package: an0n-chat-libEcosystems: npm
Packages: an0n-chat-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5Y2gtOG12cC1nN201
md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filenameEcosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: lighter-vm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzaHEtN214aC1tcXhm
Sandbox Breakout / Arbitrary Code Execution in lighter-vmEcosystems: npm
Packages: lighter-vm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS1oNTMzLTV2MjItOHZjcM4AA8IT
firebase/php-jwt: "None" Algorithm treated as valid on tokensEcosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
Ecosystems: rubygems
Packages: active-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqNTUtcGN3NS14NGgy
active-support impersonates 'activesupport' gemEcosystems: rubygems
Packages: active-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: passport-cognito
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2YzUtaHdxZy0zeDVx
Improper Authorization in passport-cognitoEcosystems: npm
Packages: passport-cognito
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZncngtdzZyZy04ZnFm
Forgeable Public/Private Tokens in jwt-simpleEcosystems: npm
Packages: jwt-simple
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZjd4LTU3ZzgtOWhtNc4AApc9
Jeecg-Boot CMS arbitrary file upload vulnerabilityEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3djQtbWdmcS01OTh2
Code injection in nobelprizeparserEcosystems: npm
Packages: nobelprizeparser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: go
Packages: github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2ODQtZzQ4My0yMjQ5
Signature Validation BypassEcosystems: go
Packages: github.com/russellhaering/gosaml2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: 1337qq-js
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3Z2gtNXE0cS02d3g1
Malicious Package in 1337qq-jsEcosystems: npm
Packages: 1337qq-js
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: scroool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3dzItbWM2bS1tZngy
Malicious Package in scrooolEcosystems: npm
Packages: scroool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/netlify/gotrue
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzM3ctbW02aC1ydjlw
Auth bypass in SAML providerEcosystems: go
Packages: github.com/netlify/gotrue
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: react-oauth-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY1bTktbTI1OS03anF3
Improper Authorization in react-oauth-flowEcosystems: npm
Packages: react-oauth-flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS01eDRmLTd4Z3EtcjQyeM1REw
Object state limitation has no effectEcosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: wasmi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS03NWpwLXZxOHgtaDRjcc4AA501
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 ParametersEcosystems: cargo
Packages: wasmi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mYzItOTNwci1qZjky
Malicious code in `loadyaml`Ecosystems: npm
Packages: loadyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4aHgtMzU0Mi04Zmgz
Malicious code in `electorn`Ecosystems: npm
Packages: electorn
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: npm-git-publish
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5bWctOTRmYy0yZng2
Command Injection in npm-git-publishEcosystems: npm
Packages: npm-git-publish
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyZnctaGc5bS1qNDdo
Signature Validation BypassEcosystems: go
Packages: github.com/russellhaering/goxmldsig
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04ODQ5LWN2OWYtdmNjbc4AAy-9
Access bypass in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: samsung-remote
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoangtbWZyNi05cnI0
Command Injection in samsung-remoteEcosystems: npm
Packages: samsung-remote
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY0eDgtZ3c0OS03aHY0
Path Traversal in swagger-injectorEcosystems: npm
Packages: swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: express-laravel-passport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NnAtdzdxeC13djk4
Authentication Bypass in express-laravel-passportEcosystems: npm
Packages: express-laravel-passport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1amMtamY4Zi04NnE3
Malicious Package in dictum.jsEcosystems: npm
Packages: dictum.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: pyramid-proportion
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2dnYtaGhxYy02aGgy
Malicious Package in pyramid-proportionEcosystems: npm
Packages: pyramid-proportion
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2eGMtZzJqeC1xajNw
API Admin Auth Weakness in tomatoEcosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: angular-location-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzangtNHd3aC1nY3Fq
Malicious Package in angular-location-updateEcosystems: npm
Packages: angular-location-update
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezplatform-solr-search-engine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS03Y3JjLXIzd2ctY2ZnZs4AA26r
Json response for search reveals Solr credentialsEcosystems: packagist
Packages: ezsystems/ezplatform-solr-search-engine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00bTVwLTV3NXctM2pjZs4AAvTD
com.enonic.xp:lib-auth vulnerable to Session FixationEcosystems: maven
Packages: com.enonic.xp:lib-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3dnAteDVnai03NzNq
Malicious Package in react-server-nativeEcosystems: npm
Packages: react-server-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: kraken-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnZmotcmoyNC1tajdx
Malicious Package in kraken-apiEcosystems: npm
Packages: kraken-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: open
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI4eGgtd3Bnci03Zm04
Command Injection in openEcosystems: npm
Packages: open
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xNGg5LTQ2eGctbTN4Oc0Vww
UUPSUpgradeable vulnerability in @openzeppelin/contracts-upgradeableEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: jekyll-for-github-projects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1cWctNDZwOS13MnJw
Malicious Package in jekyll-for-github-projectsEcosystems: npm
Packages: jekyll-for-github-projects
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: namshi/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 10 hours ago
GSA_kwCzR0hTQS00cnI2LWdmNTktZ2d3Nc4AA8Rn
namshi/jose - Verification bypassEcosystems: packagist
Packages: namshi/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 10 hours ago
Critical
Ecosystems: npm
Packages: @wturyn/swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4N3ctZnJjcS12NG0z
Path Traversal in @wturyn/swagger-injectorEcosystems: npm
Packages: @wturyn/swagger-injector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2NTUtcjZqMy13cDk0
Malicious Package in eslint-config-eslintEcosystems: npm
Packages: eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: simple-alipay
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3aDItMnBwMy0yODIz
Malicious Package in simple-alipayEcosystems: npm
Packages: simple-alipay
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @fangrong/xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqeHAtZjM3OS02Mjg0
Malicious Package in @fangrong/xocEcosystems: npm
Packages: @fangrong/xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: s3asy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3am0tMzNtdy1oMzg4
Malicious Package in s3asyEcosystems: npm
Packages: s3asy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: rc-calendar-jhorst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjODctZ2cycS1mYzZt
Malicious Package in rc-calendar-jhorstEcosystems: npm
Packages: rc-calendar-jhorst
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: oauth-validator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4Y2YtNzhtci13cGc3
Malicious Package in oauth-validatorEcosystems: npm
Packages: oauth-validator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d2YtMnhjZi02d214
Malicious Package in ngx-picaEcosystems: npm
Packages: ngx-pica
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: react-dates-sc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU2NDUtZ2M3aC05OGg4
Malicious Package in react-dates-scEcosystems: npm
Packages: react-dates-sc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: marsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVtcnItcmdwNi14NGdy
Command Injection in marsdbEcosystems: npm
Packages: marsdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: ibexa/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zOTRqLXgzN3ItMnEyN84AAv0c
Ibexa DXP users with the Company admin role can assign any role to any userEcosystems: packagist
Packages: ibexa/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.karaf:cave
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
GSA_kwCzR0hTQS0zMzh4LWhmeDgtdng5eM4AA78P
Apache Karaf Cave: Cave SSRF and arbitrary file accessEcosystems: maven
Packages: org.apache.karaf:cave
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Critical
Ecosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlweDktZjdqdy1md2hq
Command Injection in priest-runnerEcosystems: npm
Packages: priest-runner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: jasmin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljcTQtbWhtci04NGdt
Malicious Package in jasminEcosystems: npm
Packages: jasmin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: ibexa/solr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS12NnhwLWNjdngtdzUybc4AA26q
Json response for search reveals Solr credentialsEcosystems: packagist
Packages: ibexa/solr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczMzYtYzd3di04aHAz
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnN2MtcTN2cS1yZ3hy
Leak of information via Store-API aggregations in shopware/platform and shopware/coreEcosystems: packagist
Packages: shopware/platform, shopware/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NThqLTQ0M2ctN21tN84AArT-
OS Command Injection in gogsEcosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0Y3ItZ3Y4dy04MzI0
Malicious Package in xocEcosystems: npm
Packages: xoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: waitress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwcHAtZ3Bjci03cWY2
HTTP Request Smuggling: Content-Length Sent Twice in WaitressEcosystems: pypi
Packages: waitress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: neos/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 10 hours ago
GSA_kwCzR0hTQS1ycTZxLWhqdmgtNW13aM4AA8Rv
Flow Swift Mailer package Remote code executionEcosystems: packagist
Packages: neos/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 10 hours ago
Critical
Ecosystems: npm
Packages: bignum
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS03Y2djLWZqdjQtNTJ4Ns4AAzdI
Malware in pre-build binaries of bignumEcosystems: npm
Packages: bignum
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Critical
Ecosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdyOXgtaHI3Ni1qcjk2
Command Injection in gitingEcosystems: npm
Packages: giting
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2NjItajk2Zy1tdjQ2
Arbitrary Code Injection in reduce-css-calcEcosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzdnctNTg3Zy1yMjln
Path Traversal in sapperEcosystems: npm
Packages: sapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: precode.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3NHItd3djMy02cWNw
Malicious Package in precode.jsEcosystems: npm
Packages: precode.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cDctYzk1OS1yZ2Nt
Process crashes when the cell used as DepGroup is not aliveEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyeDktNThtNy1ncjh3
Malicious Package in css_transform_stepEcosystems: npm
Packages: css_transform_step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @zhaoyao91/eval-in-vm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwOTktNWg4dy1nbXhj
Sandbox Breakout / Arbitrary Code Execution in @zhaoyao91/eval-in-vmEcosystems: npm
Packages: @zhaoyao91/eval-in-vm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: coffee-project
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmdjYtcTV4di1maHB3
Malicious Package in coffee-projectEcosystems: npm
Packages: coffee-project
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3NnItaGo0NS1mdzdn
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: grunt-radic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwNDktY3doMy00cWhm
Malicious Package in grunt-radicEcosystems: npm
Packages: grunt-radic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: f-serv
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4NXctY3hjaC13d2M5
Path Traversal in f-servEcosystems: npm
Packages: f-serv
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1qOHgtY3ByOC14Mzlo
Remote code execution in Apache TapestryEcosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03NWgtY2docS1jOGg1
Heap Based Buffer Overflow in libyamlEcosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: asterix_decoder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02bW1mLXY1cTctdncyd84AAqut
Asterix Heap-based Buffer OverflowEcosystems: pypi
Packages: asterix_decoder
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS04ajdjLTY4MngtcjlmMs4AA8I2
Magento RCE,XSS and other vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS01Z21oLTg1eDgtNWN4N84AA8I0
Magento remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Critical
Ecosystems: npm
Packages: evil-package
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2MnItamY1Ni1oNDI5
Malicious Package in evil-packageEcosystems: npm
Packages: evil-package
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoajktY2pqaC0yN3Zt
Active Record contains deserialization of arbitrary YAMLEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: packagist
Packages: shopware/platform, shopware/storefront
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1jMmY5LTRqbW0tdjQ1bc4AA5zD
Shopware's session is persistent in Cache for 404 pagesEcosystems: packagist
Packages: shopware/platform, shopware/storefront
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wcDhyLXZ2MmotOWo1ds4AAu1P
traitobject is UnmaintainedEcosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: zencashjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmcmMtN21qMi01eGg5
Undefined Behavior in zencashjsEcosystems: npm
Packages: zencashjs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmcTktcmZwdi1qOHI4
Command Injection in pidusageEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
langchain
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
drupal/drupal
10
tensorflow
9
phpmyadmin/phpmyadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
paddlepaddle
8
froxlor/froxlor
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
org.xwiki.platform:xwiki-platform-web-templates
8
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
ansible
7
symfony/symfony
7
thorsten/phpmyfaq
6
github.com/answerdev/answer
6
github.com/argoproj/argo-cd
6
parse-server
6
aaptjs
6
ezsystems/ezpublish-kernel
6
mautic/core
5
Microsoft.ChakraCore
5
django
5
org.jenkins-ci.plugins:script-security
5
org.xwiki.platform:xwiki-platform-web
5
safe-eval
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.inlong:manager-pojo
5
mercurial
5
org.apache.shiro:shiro-core
5
centreon/centreon
5
zendframework/zendframework
5
org.apache.activemq:activemq-client
5
shopware/core
5
prestashop/prestashop
5
ckb
5
steal
5
org.xwiki.commons:xwiki-commons-xml
5
Pillow
5
nodebb
5
org.cloudfoundry.identity:cloudfoundry-identity-server
4
github.com/grafana/grafana
4
nukeviet/nukeviet
4
github.com/argoproj/argo-cd/v2
4
org.apache.kylin:kylin-server-base
4
openssl-src
4
org.apache.tapestry:tapestry-core
4
baserproject/basercms
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
librenms/librenms
4
pyload-ng
4
apache-airflow-providers-apache-hive
4
PaddlePaddle
4
net.opentsdb:opentsdb
4
feehi/cms
4
calibreweb
4
contao/core-bundle
4
spree_auth_devise
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
swagger-ui
4
org.apache.tomcat.embed:tomcat-embed-core
4
safer-eval
4
github.com/hashicorp/vault
4
org.eclipse.jetty:jetty-server
4
github.com/usememos/memos
4
code.gitea.io/gitea
4
org.jeecgframework.boot:jeecg-boot-base-core
4
smallvec
4
hermes-engine
4
org.apache.openmeetings:openmeetings-parent
4
messagepack-rs
4
org.apache.inlong:manager-service
4
contao/contao
4
Django
4
realms-shim
4
nilsteampassnet/teampass
4
codeigniter4/framework
3
org.apache.logging.log4j:log4j-core
3
showdoc/showdoc
3
lmdb
3
org.jenkins-ci.plugins:active-directory
3
github.com/dexidp/dex
3
org.xwiki.platform:xwiki-platform-icon-ui
3
zendframework/zendframework1
3
org.apache.storm:storm
3
github.com/rancher/rancher
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.dolphinscheduler:dolphinscheduler
3
typo3/cms
3
org.apache.ignite:ignite-core
3
org.apache.inlong:manager-web
3
com.hazelcast:hazelcast
3
modoboa
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
id-map
3
tribalsystems/zenario
3
@openzeppelin/contracts-upgradeable
3
pimcore/pimcore
3
org.xwiki.platform:xwiki-platform-panels-ui
3
nvflare
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
org.keycloak:keycloak-core
3
ro.pippo:pippo-core
3
facade/ignition
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
com.jflyfox:jflyfox_jfinal
3
symfony/security-core
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
jsrsasign
3
codeigniter/framework
3
impresscms/impresscms
3
github.com/go-gitea/gitea
3
simplesamlphp/simplesamlphp
3
nokogiri
3
org.apache.any23:apache-any23
3
org.apache.linkis:linkis
3
craftcms/cms
3
handlebars
3
smarty/smarty
3
rubygems-update
3
io.dataease:dataease-plugin-common
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
github.com/pterodactyl/wings
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
slpjs
3
strapi
3
cobbler
3
dompdf/dompdf
3
org.springframework.security:spring-security-core
3
browserify-shim
3
org.apache.jmeter:ApacheJMeter
3
actix-web
3
ibexa/core
3
mongoose
3
io.undertow:undertow-core
3
org.apache.solr:solr-parent
3
xcb
3
phpmailer/phpmailer
3
org.apache.solr:solr-core
3
elefant/cms
3
org.richfaces:richfaces-core
3
francoisjacquet/rosariosis
3
ray
3
github.com/hashicorp/nomad
3
publify_core
3
feathers-sequelize
3
codiad/codiad
3
alextselegidis/easyappointments
2
eslint-config-eslint
2
github.com/beego/beego
2
github.com/beego/beego/v2
2
mysql2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
Radicale
2
github.com/russellhaering/gosaml2
2
laravel/framework
2
org.keycloak:keycloak-services
2
com.hazelcast.jet:hazelcast-jet
2
org.apache.derby:derby
2
cn.hutool:hutool-all
2
org.apache.inlong:manager-dao
2
@keystone-6/core
2
joplin
2
ctx
2
org.xwiki.platform:xwiki-platform-administration
2
org.xwiki.platform:xwiki-platform-distribution-war
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/funadmin/funadmin
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/django/django
9
https://github.com/top-think/framework
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/apache/inlong
8
https://github.com/argoproj/argo-cd
7
https://github.com/Studio-42/elFinder
7
https://github.com/python-pillow/Pillow
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/ansible/ansible
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/apache/struts
7
https://github.com/thorsten/phpmyfaq
6
https://github.com/shopware/platform
6
https://github.com/shenzhim/aaptjs
6
https://github.com/parse-community/parse-server
6
https://github.com/symfony/symfony
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/answerdev/answer
6
https://github.com/apache/tomcat
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/nervosnetwork/ckb
5
https://github.com/froxlor/froxlor
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/dromara/hutool
5
https://github.com/keycloak/keycloak
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/stealjs/steal
5
https://github.com/swagger-api/swagger-ui
4
https://github.com/hwchase17/langchain
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/pippo-java/pippo
4
https://github.com/usememos/memos
4
https://github.com/contao/contao
4
https://github.com/dompdf/dompdf
4
https://github.com/spring-projects/spring-framework
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/servo/rust-smallvec
4
https://github.com/grafana/grafana
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/CVEProject/cvelist
4
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/modoboa/modoboa
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/facade/ignition
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/star7th/showdoc
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/smarty-php/smarty
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ibexa/core
3
https://github.com/ADOdb/ADOdb
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/apache/camel
3
https://github.com/actix/actix-web
3
https://github.com/pterodactyl/wings
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/github/securitylab
3
https://github.com/baserproject/basercms
3
https://github.com/dexidp/dex
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/neorazorx/facturascripts
3
https://github.com/apache/shiro
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/sjep/array
2
https://github.com/pytorch/serve
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/jfinal/jfinal
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://github.com/laurent22/joplin
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/soketi/soketi
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/benbusby/whoogle-search
2
https://github.com/google/flatbuffers
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2