Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
GSA_kwCzR0hTQS1jY2hxLWZyZ3YtcmpoNc4AA0sM
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 12 months ago
GSA_kwCzR0hTQS13aHBqLThmM3ctNjdwNc4AAzV1
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 12 months ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
GSA_kwCzR0hTQS1nNjQ0LTlnZngtcTRxNM4AA0sL
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
GSA_kwCzR0hTQS00dzJqLTJyZzQtNW1qd84AAweA
vm2 vulnerable to Arbitrary Code ExecutionEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS14ajcyLXd2ZnYtODk4Nc4AAyu7
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1meDR3LXY0M2otdmM0Nc4AAtGB
SQL injection in typeORMEcosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmMmotOXFtcC1qcXIy
TypeORM vulnerable to MAID and Prototype PollutionEcosystems: npm
Packages: typeorm
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: com.squareup.retrofit2:retrofit
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozNzktOWpyOS13NWNx
XML External Entity (XXE) vulnerability in Square RetrofitEcosystems: maven
Packages: com.squareup.retrofit2:retrofit
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: about 2 years ago
GSA_kwCzR0hTQS1oNmd3LXI1MmMtNzI0cs0oig
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 2 years ago
GSA_kwCzR0hTQS01N3d4LW05ODMtMmY4OM0XCw
Incomplete validation in boosted trees codeEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2angtOWc0OC0ycjVy
Arbitrary code execution due to YAML deserializationEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 45.8
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: paperclip
Source: GitHub Advisory Database
Blast Radius: 45.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVqY2YtYzVyZy1ybW04
paperclip Server-Side Request Forgery vulnerabilityEcosystems: rubygems
Packages: paperclip
Source: GitHub Advisory Database
Blast Radius: 45.7
Published: over 6 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13dmo1LXI3OHItaGhmcc4AAWjw
Symfony Authentication BypassEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNWM1LTI4cGctMnFnNM4AAWke
Symfony Authentication BypassEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1xODd2LXE4ZnctZ21qNc4AAgyh
Symfony Incorrect Access ControlEcosystems: packagist
Packages: symfony/symfony, symfony/security, symfony/security-core
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: node.extend
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5NmMtNTdwZi05ampt
Prototype Pollution in node.extendEcosystems: npm
Packages: node.extend
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 5 years ago
Critical
Ecosystems: pypi
Packages: docutils
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNzUtNjkzOC13eDU4
python-docutils allows insecure usage of temporary filesEcosystems: pypi
Packages: docutils
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1oaDMyLTczNDQtY2cyZs4AAgbh
Authorization bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdtdjQtNXc3Ni12cDln
Authorization Bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 1 year ago
GSA_kwCzR0hTQS1tbW1oLXdjeG0tMndyNM4AAvnr
Spring Security authorization rules can be bypassed via forward or include dispatcher typesEcosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnNDctM2MyeC1tMndy
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: http
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyaHgtaHF4bS04cDM2
Double free in httpEcosystems: cargo
Packages: http
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.scala-lang:scala-library
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 1 year ago
GSA_kwCzR0hTQS04cXY1LTY4ZzQtMjQ4as4AAvC6
Scala subject to file deletion, code execution due to Java deserialization chain with LazyList object deserializationEcosystems: maven
Packages: org.scala-lang:scala-library
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
GSA_kwCzR0hTQS05ajU5LTc1cWotNzk1d80yIg
Path traversal in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ3djctM3Y0NS1oZzI5
Out-of-bounds ReadEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3Z2MtdjJ4di1ydnZo
Out-of-bounds Read in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
Critical
Ecosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 44.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzcXItcnEyai03NHc0
HTTP Request Smuggling in hyperEcosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 44.9
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS03cmpyLTNxNTUtdnYzM80bQA
Incomplete fix for Apache Log4j vulnerabilityEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS1mYzd4LTJjbWMtOGoyZ80fkw
Incorrect hash in sha2Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 7 months ago
GSA_kwCzR0hTQS14N20zLWpwcmctd2M1Z84AA2Bl
Gevent allows remote attacker to escalate privilegesEcosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 7 months ago
Critical
Ecosystems: rubygems
Packages: jmespath
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: almost 2 years ago
GSA_kwCzR0hTQS01YzVmLTd2ZnEtMzczMs4AArZl
JMESPath for Ruby uses unsafe JSON.load when safe JSON.parse is preferableEcosystems: rubygems
Packages: jmespath
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0cmMtcngyNS04bTg2
Improper Input Validation in SymfonyEcosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
GSA_kwCzR0hTQS01dnAzLXY0aGMtZ3g3Ns0VxA
UUPSUpgradeable vulnerability in @openzeppelin/contractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZnZzgtNzJmMi1xbTIz
Critical severity vulnerability that affects org.eclipse.jetty:jetty-serverEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4OXgtOHF3OS05cHA2
Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling)Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3MmctMmg4aC0zNjJx
Jetty contains an alias issue that could allow unauthenticated remote code execution due to specially crafted requestEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
Critical
Ecosystems: packagist
Packages: yiisoft/yii2
Source: GitHub Advisory Database
Blast Radius: 44.4
Published: 8 months ago
GSA_kwCzR0hTQS03Y2ZxLTcydzItMjRxNM4AA1_W
Yii2 allows attackers to execute any local .php file via a relative path in the view parameterEcosystems: packagist
Packages: yiisoft/yii2
Source: GitHub Advisory Database
Blast Radius: 44.4
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2ZmctbWp4Zy1ocXE0
Integer truncation in Shard API usageEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1Z2gtMndyMi1wbTZn
Denial of Service in TensorflowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3cDUtNTc1OS1xdjQ2
Data leak in TensorflowEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 1 year ago
GSA_kwCzR0hTQS05amp3LWhmNzItM214d84AAvMC
TensorFlow vulnerable to heap out of bounds read in filesystem glob matchingEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: crossbeam-deque
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBxcXAteG1oai13Z2N3
crossbeam-deque Data Race before v0.7.4 and v0.8.1Ecosystems: cargo
Packages: crossbeam-deque
Source: GitHub Advisory Database
Blast Radius: 44.3
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: image_processing
Source: GitHub Advisory Database
Blast Radius: 44.1
Published: about 2 years ago
GSA_kwCzR0hTQS1jeGY3LXFyYzUtOTQ0Ns0viw
Remote shell execution vulnerability in image_processingEcosystems: rubygems
Packages: image_processing
Source: GitHub Advisory Database
Blast Radius: 44.1
Published: about 2 years ago
Critical
Ecosystems: go
Packages: github.com/gorilla/handlers
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qY3I2LW1tamotcGNod84AAwoZ
gorilla/handlers may allow requester to bypass expected behavior of the Same Origin PolicyEcosystems: go
Packages: github.com/gorilla/handlers
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: paramiko
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzMnItNjZjZy03OXB4
Paramiko not properly checking authentication before processing other requestsEcosystems: pypi
Packages: paramiko
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: pycrypto
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxMjctdjd4cC1jMzU2
Buffer Overflow in pycryptoEcosystems: pypi
Packages: pycrypto
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.quartz-scheduler:quartz
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxY2YtYzI2ci14NXJm
XML external entity injection in Terracotta Quartz SchedulerEcosystems: maven
Packages: org.quartz-scheduler:quartz
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
GSA_kwCzR0hTQS1nbXdwLTNwd2MtM2ozZ84AAvS-
mockery is vulnerable to prototype pollutionEcosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: dom4j:dom4j, org.dom4j:dom4j
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3ajMtbTNwNi1oajM4
dom4j allows External Entities by default which might enable XXE attacksEcosystems: maven
Packages: dom4j:dom4j, org.dom4j:dom4j
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 10 months ago
GSA_kwCzR0hTQS0zaDZmLWc1ZjMtZ2M0d84AA0zc
Access Control Bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 10 months ago
Critical
Ecosystems: maven
Packages: org.liquibase:liquibase-core
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: about 2 years ago
GSA_kwCzR0hTQS1qdmZ2LWhycmMtNnE3Ms0wUg
Improper Restriction of XML External Entity Reference in LiquibaseEcosystems: maven
Packages: org.liquibase:liquibase-core
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1oMnAzLWg0OGgtOWpqN84AAR2Q
PIDUsage Enables OS Command InjectionEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNHctNWZ3NC1ybTI3
Prototype Pollution in deeplyEcosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: Pygments
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1mZmY4LTR3OXAtN3Y3Ns4AAbau
Command Injection in PygmentsEcosystems: pypi
Packages: Pygments
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhqeGMtdmZ3Mi1jZzk2
Use after free in opensslEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
GSA_kwCzR0hTQS1wcjc2LTVjbTUtdzljas4AA1Py
GitPython vulnerable to remote code execution due to insufficient sanitization of input argumentsEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 1 year ago
GSA_kwCzR0hTQS0zY3c1LTdjeHctdjVxZ84AAxTp
Dompdf vulnerable to URI validation failure on SVG parsingEcosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: about 1 year ago
GSA_kwCzR0hTQS01NmdqLW12aDYtcnA3Nc4AAxd4
URI validation failure on SVG parsing. Bypass of CVE-2023-23924Ecosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: about 1 year ago
Critical
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjd2otOGNodi05cHA5
XML External Entity attack in log4netEcosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3Y2ctanJ3Zi04Z2c3
Prototype Pollution in express-fileuploadEcosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: over 3 years ago
Critical
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/jwt
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3NXgteDUzOS1wcGY1
Incorrect handling of credential expiry by /nats-io/nats-serverEcosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/jwt
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1NTQteDIyMi13Z2Y3
Command Injection in XstreamEcosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
Critical
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhmMjMtOXBmNy0zODhw
Deserialization of Untrusted Data and Code Injection in xstreamEcosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 5 years ago
Critical
Ecosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 2 months ago
GSA_kwCzR0hTQS05N20zLTUyd3IteHZ2Ms4AA5dJ
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCEEcosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 2 months ago
Critical
Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
GSA_kwCzR0hTQS05cTV3LTc5Y3YtOTQ3bc0Vog
Unsafe defaults in `remark-html`Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcTYtZnJ2My00NzI3
jackson-dataformat-xml vulnerable to XML external entity (XXE)Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjajQtZ2o4bS1tMmY3
Authentication bypass in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-spring
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: pyarrow
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: 6 months ago
GSA_kwCzR0hTQS01d3ZwLTdmM2gtNndtbc4AA3Am
PyArrow: Arbitrary code execution when loading a malicious data fileEcosystems: pypi
Packages: pyarrow
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-spring-boot-starter, org.apache.shiro:shiro-spring, org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5OGotN2NyYy13dnJq
Authentication bypass in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-spring-boot-starter, org.apache.shiro:shiro-spring, org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 42.9
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzcmgtbTd2cC0zNWYy
Operation on a Resource after Expiration or Release in Jetty ServerEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: over 1 year ago
GSA_kwCzR0hTQS04d201LThoOWMtNDdwY84AAtzA
Apache Hadoop argument injection vulnerabilityEcosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
GSA_kwCzR0hTQS1neDJjLWZ2aGMtcGg0as05Xg
Path traversal in HadoopEcosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1ybXBqLTdjOTYtbXJnOM4AArin
Apache Hadoop heap overflow before v2.10.2, v3.2.3, v3.3.2Ecosystems: maven
Packages: org.apache.hadoop:hadoop-common
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: 6 months ago
GSA_kwCzR0hTQS1yY2pjLWM0cGoteHhycM4AA3Qr
Apache Derby: LDAP injection vulnerability in authenticatorEcosystems: maven
Packages: org.apache.derby:derby
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
GSA_kwCzR0hTQS14NzUyLXFqdjQtYzRoY804Ig
Remote code injection in dompdf/dompdfEcosystems: packagist
Packages: dompdf/dompdf
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: linked-hash-map
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI0M2gtZ21ybS1oNWM5
Access of Uninitialized Pointer in linked-hash-mapEcosystems: cargo
Packages: linked-hash-map
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzeDQtd3I0aC1wdzMz
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnY2gtamptci1ncDd3
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNHhjLTdjdzgtY2dmas4AAnA8
dset vulnerable to prototype pollutionEcosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-client
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNDZ2LWNqNXYtaHZnNs4AAYKo
Use of a Broken or Risky Cryptographic Algorithm in Apache HadoopEcosystems: maven
Packages: org.apache.hadoop:hadoop-client
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 2 years ago
GSA_kwCzR0hTQS04eGY0LXc3cXctcGpqd802tA
Firebase PHP-JWT key/algorithm type confusionEcosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: sabberworm/php-css-parser
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 2 years ago
GSA_kwCzR0hTQS1waHJxLXY0cTItaG1xNs02Ag
Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors()Ecosystems: packagist
Packages: sabberworm/php-css-parser
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDJqLW1nNHctMnJoNc4AAkmW
chrome-launcher subject to OS Command InjectionEcosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
GSA_kwCzR0hTQS12cGY1LTgyYzgtOXYzNs0XwA
Prototype Pollution in algoliasearch-helperEcosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
Critical
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqeDItNzZyYy0ydjd2
Kubernetes Privilege EscalationEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 3 years ago
Critical
Ecosystems: rubygems
Packages: geocoder
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2NGotNnFwcC1jbXJy
SQL Injection in GeocoderEcosystems: rubygems
Packages: geocoder
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 4 years ago
Critical
Ecosystems: rubygems
Packages: git
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 2 years ago
GSA_kwCzR0hTQS02OXA2LXd2bXEtMjdnZ809lg
Command injection in ruby-gitEcosystems: rubygems
Packages: git
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 2 years ago
Critical
Ecosystems: go
Packages: github.com/emicklei/go-restful/v2, github.com/emicklei/go-restful, github.com/emicklei/go-restful/v3
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1yNDhxLTlnNXItOHEyaM4AArc1
Authorization Bypass Through User-Controlled Key in go-restfulEcosystems: go
Packages: github.com/emicklei/go-restful/v2, github.com/emicklei/go-restful, github.com/emicklei/go-restful/v3
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: com.github.pagehelper:pagehelper
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
GSA_kwCzR0hTQS13NTU5LTYyM3AtdmZnOM3fzg
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameterEcosystems: maven
Packages: com.github.pagehelper:pagehelper
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cmotOHIzYy05Z3Bq
bson is vulnerable to denial of service due to incorrect regex validationEcosystems: rubygems
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 6 years ago
Critical
Ecosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwYzMtOTZteC13d2M4
Remote code execution in PHPMailerEcosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0yOTgtZmg1Yy1qYzY2
Object injection in PHPMailer/PHPMailerEcosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: almost 3 years ago
Critical
Ecosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmMzctZ3h2aC0yM3Y2
Remote code execution in PHPMailerEcosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0NDYtNjU2cC1mNTRn
Deserialization of Untrusted Data in Bouncy castleEcosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 2 years ago
GSA_kwCzR0hTQS1mNmpwLWo2dzMtdzlobc0V4A
Apache Shiro vulnerable to a specially crafted HTTP request causing an authentication bypassEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 1 year ago
GSA_kwCzR0hTQS00NXg5LXE2dmotY3Fncc4AAvPr
Apache Shiro Authentication Bypass vulnerabilityEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
GSA_kwCzR0hTQS00Y2Y1LXhtaHAtM3hqN84AAtCe
Improper Authorization in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcydzktZmNqNS0zZmNn
Improper Authentication in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI2Z3ItY3ZxMy1xeGdm
Improper Authentication in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 3 years ago
Critical
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-jasper, org.apache.tomcat:jasper, org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
GSA_kwCzR0hTQS00djNnLWc4NHctaHY3cs3oqg
Authentication Bypass Using an Alternate Path or Channel in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-jasper, org.apache.tomcat:jasper, org.apache.tomcat:tomcat-jasper
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: almost 2 years ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
16
moodle/moodle
15
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
drupal/core
12
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
drupal/drupal
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
ansible
7
froxlor/froxlor
7
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
symfony/symfony
7
aaptjs
6
thorsten/phpmyfaq
6
parse-server
6
ezsystems/ezpublish-kernel
6
github.com/argoproj/argo-cd
6
github.com/answerdev/answer
6
org.apache.activemq:activemq-client
5
org.jeecgframework.boot:jeecg-boot-parent
5
ckb
5
nodebb
5
org.apache.tomcat.embed:tomcat-embed-core
5
org.jenkins-ci.plugins:script-security
5
steal
5
mercurial
5
centreon/centreon
5
zendframework/zendframework
5
org.xwiki.commons:xwiki-commons-xml
5
org.xwiki.platform:xwiki-platform-web
5
django
5
Microsoft.ChakraCore
5
shopware/core
5
org.apache.inlong:manager-pojo
5
safe-eval
5
Pillow
5
org.apache.shiro:shiro-core
5
org.apache.tapestry:tapestry-core
4
org.eclipse.jetty:jetty-server
4
smallvec
4
hermes-engine
4
pyload-ng
4
spree_auth_devise
4
contao/contao
4
librenms/librenms
4
PaddlePaddle
4
code.gitea.io/gitea
4
safer-eval
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
realms-shim
4
nukeviet/nukeviet
4
org.apache.openmeetings:openmeetings-parent
4
github.com/hashicorp/vault
4
baserproject/basercms
4
Django
4
calibreweb
4
mautic/core
4
swagger-ui
4
org.apache.inlong:manager-service
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
github.com/usememos/memos
4
prestashop/prestashop
4
net.opentsdb:opentsdb
4
github.com/argoproj/argo-cd/v2
4
feehi/cms
4
messagepack-rs
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
apache-airflow-providers-apache-hive
4
openssl-src
4
org.jeecgframework.boot:jeecg-boot-base-core
4
nilsteampassnet/teampass
4
contao/core-bundle
4
github.com/pterodactyl/wings
3
rubygems-update
3
github.com/hashicorp/nomad
3
org.apache.any23:apache-any23
3
org.apache.ignite:ignite-core
3
org.apache.linkis:linkis
3
github.com/dexidp/dex
3
org.springframework.security:spring-security-core
3
nokogiri
3
@openzeppelin/contracts-upgradeable
3
codeigniter4/framework
3
io.dataease:dataease-plugin-common
3
feathers-sequelize
3
cobbler
3
zendframework/zendframework1
3
mongoose
3
nvflare
3
com.hazelcast:hazelcast
3
edu.stanford.nlp:stanford-corenlp
3
github.com/rancher/rancher
3
org.apache.inlong:manager-web
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
modoboa
3
org.apache.jmeter:ApacheJMeter
3
craftcms/cms
3
org.keycloak:keycloak-core
3
org.xwiki.platform:xwiki-platform-icon-ui
3
pimcore/pimcore
3
ro.pippo:pippo-core
3
io.undertow:undertow-core
3
showdoc/showdoc
3
symfony/security
3
symfony/security-core
3
com.jflyfox:jflyfox_jfinal
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
smarty/smarty
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
codiad/codiad
3
log4j:log4j
3
tribalsystems/zenario
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.apache.ozone:ozone-main
3
phpmailer/phpmailer
3
org.apache.dolphinscheduler:dolphinscheduler
3
org.xwiki.platform:xwiki-platform-panels-ui
3
ray
3
francoisjacquet/rosariosis
3
strapi
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
typo3/cms
3
facade/ignition
3
id-map
3
elefant/cms
3
impresscms/impresscms
3
handlebars
3
github.com/go-gitea/gitea
3
browserify-shim
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.storm:storm
3
dompdf/dompdf
3
org.apache.solr:solr-parent
3
org.richfaces:richfaces-core
3
ibexa/core
3
actix-web
3
lmdb
3
org.apache.solr:solr-core
3
jsrsasign
3
slpjs
3
publify_core
3
xcb
3
github.com/crewjam/saml
2
locutus
2
org.apache.shiro:shiro-web
2
tenvoy
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
org.apache.derby:derby
2
org.apache.inlong:manager-dao
2
mathjs
2
github.com/sap/cloud-security-client-go
2
eslint-config-eslint
2
github.com/russellhaering/gosaml2
2
ghost
2
alextselegidis/easyappointments
2
org.springframework.amqp:spring-amqp
2
nadesiko3
2
apache-superset
2
org.apache.commons:commons-configuration2
2
llama-index
2
org.xwiki.platform:xwiki-platform-notifications-ui
2
traceroute
2
graphite-web
2
torchserve
2
com.hazelcast.jet:hazelcast-jet
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
pidusage
2
org.xwiki.platform:xwiki-platform-invitation-ui
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/apache/inlong
8
https://github.com/django/django
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/langchain-ai/langchain
8
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/apache/struts
7
https://github.com/Studio-42/elFinder
7
https://github.com/argoproj/argo-cd
7
https://github.com/rusqlite/rusqlite
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/parse-community/parse-server
6
https://github.com/answerdev/answer
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shenzhim/aaptjs
6
https://github.com/shopware/platform
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/stealjs/steal
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/froxlor/froxlor
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/contao/contao
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/CVEProject/cvelist
4
https://github.com/usememos/memos
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/spring-projects/spring-framework
4
https://github.com/hwchase17/langchain
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/apache/shiro
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/apache/camel
3
https://github.com/octobercms/october
3
https://github.com/ibexa/core
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/crewjam/saml
3
https://github.com/modoboa/modoboa
3
https://github.com/actix/actix-web
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/rubygems/rubygems
3
https://github.com/nukeviet/nukeviet
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/andrewhickman/id-map
3
https://github.com/pytorch/serve
2
https://github.com/sidorares/node-mysql2
2
https://github.com/javamelody/javamelody
2
https://github.com/Netflix/security-bulletins
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/kubernetes/kubernetes
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/nodejs/llhttp
2
https://github.com/sjep/array
2
https://github.com/apache/submarine
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/drupal/core
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/apache/jmeter
2
https://github.com/google/flatbuffers
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/intelliants/subrion
2
https://github.com/benbusby/whoogle-search
2
https://github.com/laurent22/joplin
2
https://github.com/js-data/js-data
2
https://github.com/graphite-project/graphite-web
2
https://github.com/quarkusio/quarkus
2
https://github.com/gventuri/pandas-ai
2
https://github.com/dominictarr/event-stream
2
https://github.com/rochacbruno/quokka
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/ADOdb/ADOdb
2
https://github.com/keystonejs/keystone
2
https://github.com/jfinal/jfinal
2
https://github.com/TribalSystems/Zenario
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/Automattic/mongoose
2
https://github.com/rest-client/rest-client
2
https://github.com/netvl/acc_reader
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/h2database/h2database
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/hashicorp/vault
2
https://github.com/totaljs/framework
2
https://github.com/noear/solon
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/web2py/web2py
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/qcubed/qcubed
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/mautic/mautic
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/hashicorp/go-getter
2
https://github.com/rubyzip/rubyzip
2
https://github.com/apache/kylin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/waycrate/swhkd
2
https://github.com/ionicabizau/parse-url
2
https://github.com/reem/rust-traitobject
2
https://github.com/actix/actix-net
2
https://github.com/Agoric/realms-shim
2
https://github.com/gofiber/fiber
2
https://github.com/apache/incubator-streampark
2
https://github.com/git-lfs/git-lfs
2
https://github.com/puma/puma
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/evmos/evmos
2
https://github.com/rust-random/rand
2
https://github.com/MrSwitch/hello.js
2
https://github.com/OpenMage/magento-lts
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/xwiki/xwiki-rendering
2
https://github.com/grafana/grafana
2
https://github.com/Gerapy/Gerapy
2
https://github.com/Codiad/Codiad
2
https://github.com/moby/buildkit
2
https://github.com/soketi/soketi
2