Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: go
Packages: github.com/crossplane/crossplane
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 9 months ago
GSA_kwCzR0hTQS02OHA0LTk1eGYtN2d4OM4AA08P
Denial of service from large imageEcosystems: go
Packages: github.com/crossplane/crossplane
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 9 months ago
Low
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: 9 months ago
GSA_kwCzR0hTQS1yeHZqLTVtdjYtajVtY84AA070
Cross-site Scripting in Mingsoft MCMSEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: 9 months ago
Low
Ecosystems: cargo
Packages: intaglio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1nY2g1LWh3cWYtbXhocM4AA069
Unsoundness in `intern` methods on `intaglio` symbol internersEcosystems: cargo
Packages: intaglio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:chef-identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS01amM1LW04N3gtODhmas4AA05e
Secret displayed without masking by Chef Identity PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:chef-identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Low
Ecosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: 9 months ago
GSA_kwCzR0hTQS1qcTZnLTR2NW0td205cs4AA04k
Information Disclosure due to Out-of-scope Site ResolutionEcosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: 9 months ago
Low
Ecosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1yZmhnLXJqZnAtOXE4cc4AA03d
Potential denial of service after connection migrationEcosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Low
Ecosystems: maven
Packages: com.ruoyi:ruoyi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1wNHd3LWo0cHItcXc2cc4AA01M
RuoYi vulnerable to Cross-site ScriptingEcosystems: maven
Packages: com.ruoyi:ruoyi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 10 months ago
GSA_kwCzR0hTQS05amZ4LTg0djktMnJyMs4AA0z2
Nomad Caller ACL Token’s Secret ID is Exposed to SentinelEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 10 months ago
Low
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1nNHdnLWNmcGYtOTY4Oc4AA0zn
keylime fails to flag device as untrusted when signature does not validateEcosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dimensionsscm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS04aGM2LXc0NG0td2Z4Zs4AA0zl
Potential leak of credentials in Micro Focus Dimensions CM Jenkins PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:dimensionsscm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS0zcncyLXdmYzgtd21qNc4AA0xu
Fides Webserver Vulnerable to SVG Bomb File UploadsEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1nOTVjLTJqZ20taHFjNs4AA0xt
Fides Webserver Vulnerable to Zip Bomb File UploadsEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1mMnd4LXhqZncteGp2Ns4AA0vw
topgrade Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_allEcosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: npm
Packages: @vendure/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1oOXdxLXhjcXgtbXF4bc4AA0m0
Vendure Cross Site Request Forgery vulnerability impacting all API requestsEcosystems: npm
Packages: @vendure/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-xml
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 10 months ago
GSA_kwCzR0hTQS01OHF3LXA3cW0tNXJ2aM4AA0ib
Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarationsEcosystems: maven
Packages: org.eclipse.jetty:jetty-xml
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 10 months ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1tcnI4LXY0OXctMzMzM84AA0iP
sweetalert2 v11.6.14 and above contains potentially undesirable behaviorEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.apache.camel:camel-jira
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 10 months ago
GSA_kwCzR0hTQS02ZzJ3LTI1N3YtM2M5Zs4AA0hB
Apache Camel information exposure vulnerabilityEcosystems: maven
Packages: org.apache.camel:camel-jira
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 10 months ago
Low
Ecosystems: packagist
Packages: wintercms/winter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS13ancyLTRqN2otNmdjM84AA0fu
Winter CMS stored XSS through privileged upload of SVG fileEcosystems: packagist
Packages: wintercms/winter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: go
Packages: github.com/tektoncd/pipeline
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 10 months ago
GSA_kwCzR0hTQS13MmgzLXZ2dnEtM201M84AA0fs
Pipelines do not validate child UIDsEcosystems: go
Packages: github.com/tektoncd/pipeline
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: 10 months ago
GSA_kwCzR0hTQS0ycTRwLWY2Z2YtbXFyNc4AA0Xn
Graylog server has partial path traversal vulnerability in Support Bundle featureEcosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 10 months ago
GSA_kwCzR0hTQS1nOTZjLXg3cmgtOTlyM84AA0Xm
Graylog vulnerable to insecure source port usage for DNS queriesEcosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 10 months ago
GSA_kwCzR0hTQS0zZnFtLWZyaGctN2M4Nc4AA0Xl
Graylog user session is still usable after logoutEcosystems: maven
Packages: org.graylog2:graylog2-server
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 10 months ago
Low
Ecosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 10 months ago
GSA_kwCzR0hTQS1jZjZ2LTlqNTctdjZyNs4AA0Nx
code.gitea.io/gitea Open Redirect vulnerabilityEcosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 10 months ago
Low
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS13NXc1LTI4ODItNDdwY84AA0KY
github.com/cosmos/cosmos-sdk's x/crisis does not charge ConstantFeeEcosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-server-spi-private, org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 10 months ago
GSA_kwCzR0hTQS1mNWg0LXdtcDUteGhnNs4AA0KF
Client Spoofing within the Keycloak Device Authorisation GrantEcosystems: maven
Packages: org.keycloak:keycloak-server-spi-private, org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 10 months ago
Low
Ecosystems: cargo
Packages: atty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1nOTh2LWh2M2YtaGNmcs4AA0KD
atty potential unaligned readEcosystems: cargo
Packages: atty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: go
Packages: go.temporal.io/server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 10 months ago
GSA_kwCzR0hTQS1nbTJnLTJ4cjktcHh4as4AA0J6
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of ResourceEcosystems: go
Packages: go.temporal.io/server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 10 months ago
Low
Ecosystems: pypi
Packages: SafeURL-Python
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS0zNzN3LXJqODQtcHY2eM4AA0In
SafeURL-Python's hostname blocklist does not block FQDNsEcosystems: pypi
Packages: SafeURL-Python
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 10 months ago
GSA_kwCzR0hTQS1tNTRoLTV4NWYtNW02cs4AA0IM
SpiceDB's LookupResources may return partial resultsEcosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 10 months ago
Low
Ecosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 10 months ago
GSA_kwCzR0hTQS05N3doLTZobWotZzhqOc4AA0GL
Spina Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 10 months ago
Low
Ecosystems: packagist
Packages: admidio/admidio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS12bXhnLXd4NmMtNGYzcs4AA0CZ
Admidio Improper Access Control vulnerabilityEcosystems: packagist
Packages: admidio/admidio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 11 months ago
GSA_kwCzR0hTQS0zZzdwLThxaHgtbWM4cs4AAz_2
Shescape potential environment variable exposure on Windows with CMDEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 11 months ago
Low
Ecosystems: maven
Packages: com.vaadin:vaadin, com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 11 months ago
GSA_kwCzR0hTQS1jaDQ4LTlyM3EtcHY3eM4AAz_0
Vaadin vulnerable to possible information disclosure of class and method names in RPC responseEcosystems: maven
Packages: com.vaadin:vaadin, com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 11 months ago
Low
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
GSA_kwCzR0hTQS1qaHByLWo3Y3EtM2pwM84AAz_s
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user errorEcosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
Low
Ecosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS02OGpoLXJmNngtODM2Zs4AAz6F
@apollo/server vulnerable to unsafe application of Content Security Policy via reused noncesEcosystems: npm
Packages: @apollo/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 11 months ago
GSA_kwCzR0hTQS1yN3dyLTR3NXEtNTVtNs4AAz51
Cilium vulnerable to information leakage via incorrect ReferenceGrant handlingEcosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 11 months ago
Low
Ecosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1ncHY1LTd4M2ctZ2hqds4AAz4I
fast-xml-parser regex vulnerability patch could be improved from a safety perspectiveEcosystems: npm
Packages: fast-xml-parser
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS01ZnA2LTR4dzMteHFxM84AAzyU
@keystone-6/core's bundled cuid package known to be insecureEcosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: cargo
Packages: git-url-parse
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1xZmg5LThwNTctbWpqas4AAzx5
git-url-parse crate vulnerable to Regular Expression Denial of ServiceEcosystems: cargo
Packages: git-url-parse
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: maven
Packages: com.ruoyi:ruoyi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS1nM2hoLXE1NWYtOWczd84AAzvf
RuoYi Uncontrolled Resource Consumption vulnerabilityEcosystems: maven
Packages: com.ruoyi:ruoyi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: 11 months ago
GSA_kwCzR0hTQS05OHB4LTY0ODYtajdxY84AAzr1
Synapse has URL deny list bypass via oEmbed and image URLs when generating previewsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: 11 months ago
Low
Ecosystems: cargo
Packages: buffered-reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS0yOW1mLTYyeHgtMjhqcc4AAzpN
buffered-reader vulnerable to out-of-bounds array access leading to panicEcosystems: cargo
Packages: buffered-reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS0yNW14LThmM3YtOHdoN84AAzpM
sequoia-openpgp vulnerable to out-of-bounds array access leading to panicEcosystems: cargo
Packages: sequoia-openpgp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: go
Packages: github.com/cheqd/cheqd-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS03Yzk0LWd2dmotcjNtZ84AAzot
cheqd-node affected by Inter-blockchain Communication (IBC) protocol "Huckleberry" vulnerabilityEcosystems: go
Packages: github.com/cheqd/cheqd-node
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS01Y3BxLTh3ajctaGYyds4AAzmB
Vulnerable OpenSSL included in cryptography wheelsEcosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1xZmM1LTZyM2otamoyMs4AAzmA
Go package github.com/cosmos/cosmos-sdk module x/crisis does NOT cause chain haltEcosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Low
Ecosystems: go
Packages: github.com/lima-vm/lima
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 11 months ago
GSA_kwCzR0hTQS1mN3F3LWpqOWMtcnBxOc4AAzkQ
In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing fileEcosystems: go
Packages: github.com/lima-vm/lima
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 11 months ago
Low
Ecosystems: pypi
Packages: mindspore
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 11 months ago
GSA_kwCzR0hTQS14NjdnLTQ3cDMtcmM3Zs4AAzg9
MindSpore vulnerable to memory corruptionEcosystems: pypi
Packages: mindspore
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 11 months ago
Low
Ecosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: 11 months ago
GSA_kwCzR0hTQS0zd3hnLXc5NmotOGhxOc4AAzex
CraftCMS stored XSS in Quick Post widget error messageEcosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 12.7
Published: 11 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
GSA_kwCzR0hTQS12eG1tLWN3aDItcTc2Ms4AAzbG
Vyper's nonpayable default functions are sometimes payableEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 12 months ago
Low
Ecosystems: pypi
Packages: starlette
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 12 months ago
GSA_kwCzR0hTQS12NWd3LW13N2YtODRweM4AAzXu
Starlette has Path Traversal vulnerability in StaticFilesEcosystems: pypi
Packages: starlette
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 12 months ago
Low
Ecosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
GSA_kwCzR0hTQS1ncXhyLWh2cnctNmhmaM4AAzWv
Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without maskingEcosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Low
Ecosystems: go
Packages: github.com/etcd-io/etcd
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 12 months ago
GSA_kwCzR0hTQS0zcDRnLXJjdzUtODI5OM4AAzUC
etcd Key name can be accessed via LeaseTimeToLive APIEcosystems: go
Packages: github.com/etcd-io/etcd
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 12 months ago
Low
Ecosystems: swift
Packages: github.com/vapor/postgres-nio
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 12 months ago
GSA_kwCzR0hTQS05Y2ZoLXZ4OTMtODR2ds4AAzRE
PostgresNIO processes unencrypted bytes from man-in-the-middleEcosystems: swift
Packages: github.com/vapor/postgres-nio
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: 12 months ago
Low
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS1xbXF3LXI0eDYtM3cycc4AAzLF
Answer Missing Authorization vulnerabilityEcosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Low
Ecosystems: go
Packages: github.com/mutagen-io/mutagen, github.com/mutagen-io/mutagen-compose
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 1 year ago
GSA_kwCzR0hTQS1qbXAyLXdjNHAtd2ZoMs4AAzGL
Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpointsEcosystems: go
Packages: github.com/mutagen-io/mutagen, github.com/mutagen-io/mutagen-compose
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 1 year ago
Low
Ecosystems: go
Packages: github.com/mutagen-io/mutagen
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 1 year ago
GSA_kwCzR0hTQS1md2o0LTcyZm0tYzkzZ84AAzGI
Under-validated ComSpec and cmd.exe resolution in Mutagen projectsEcosystems: go
Packages: github.com/mutagen-io/mutagen
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 1 year ago
Low
Ecosystems: npm
Packages: @aedart/support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS13d3hoLTc0ZngtMzNjNs4AAzCl
Possible prototype pollution in metadata record, when using meta decoratorEcosystems: npm
Packages: @aedart/support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
GSA_kwCzR0hTQS1oanAzLTVnMnEtN2p3d84AAzCk
Race Condition leading to logging errorsEcosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 year ago
GSA_kwCzR0hTQS1mZ3hqLWc3eDMtODVjcc4AAzA6
Stored cross site scripting in RSS displayerEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS00NzRmLW1janYtcGdybc4AAzA4
Concrete CMS (previously concrete5) is vulnerable to stored XSS in uploaded file and folder namesEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jaDg5LTVnNDUtcXdjN84AAy_z
Undefined Behavior in Rust runtime functionsEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS13OW1yLTI4bXctajhoZ84AAy-4
Hop-by-hop abuse to malform header mutatorEcosystems: go
Packages: github.com/ory/oathkeeper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
GSA_kwCzR0hTQS02NWcyLXg1M3EtY21mNs4AAy9A
Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-TerraformEcosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS03eDZxLTN2M20tY3dqZ84AAy8N
kiwi TCMS has possibility for user to update email address to unverified oneEcosystems: pypi
Packages: kiwitcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: npm
Packages: eslint-detailed-reporter
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: about 1 year ago
GSA_kwCzR0hTQS00eHI0LTg5bTUtNDZjN84AAy4z
eslint-detailed-reporter vulnerable to cross-site scriptingEcosystems: npm
Packages: eslint-detailed-reporter
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: azuracast/azuracast
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xNTVjLWhtcGYtNmgyZ84AAy4x
AzuraCast/AzuraCast vulnerable to cross-site scriptingEcosystems: packagist
Packages: azuracast/azuracast
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
GSA_kwCzR0hTQS1wMjZnLTk3bTQtNnE3Y84AAy3M
Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookiesEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12dnA3LXI0MjItcng4M84AAyu5
Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vmEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:wso2id-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xOWhtLWhyODktaGdtN84AAyuh
Jenkins WSO2 Oauth Plugin does not mask the WSO2 Oauth client secret on the global configuration formEcosystems: maven
Packages: org.jenkins-ci.plugins:wso2id-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:wso2id-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1nNDcyLWY4Y20tOHg1Zs4AAyuN
Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controllerEcosystems: maven
Packages: org.jenkins-ci.plugins:wso2id-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: govuk_tech_docs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS14Mnh3LWh3OGctNjc3M84AAyrS
govuk_tech_docs vulnerable to unescaped HTML on search results pageEcosystems: rubygems
Packages: govuk_tech_docs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: configobj
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jMzN3LTI0cDktOG0yNM4AAygl
configobj ReDoS exploitable by developer using values in a server-side configuration fileEcosystems: pypi
Packages: configobj
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: about 1 year ago
GSA_kwCzR0hTQS1tOGNnLXhjMnAtcjNmY84AAydr
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runcEcosystems: go
Packages: github.com/opencontainers/runc
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: redis
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 1 year ago
GSA_kwCzR0hTQS0yNHd2LW12NW0teHY0aM4AAyUq
redis-py Race Condition vulnerabilityEcosystems: pypi
Packages: redis
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: about 1 year ago
GSA_kwCzR0hTQS13cDcyLTdoajktNTI2Nc4AAyUI
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oMndnLTgzZmMteHZtOc4AAyMw
Answer vulnerable to Business Logic ErrorsEcosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jNnFnLWNqajgtNDdxcM4AAyIq
Possible Denial of Service Vulnerability in Rack's header parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 1 year ago
GSA_kwCzR0hTQS02Nm00LWdjOGgtaHBqeM4AAyDt
Timing attack in eZ Platform IbexaEcosystems: packagist
Packages: ezsystems/ezpublish-kernel, ezsystems/ezplatform-kernel
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1ycmdwLWMydzgtNnZnNs4AAyCG
Information disclosure through error stack traces related to agentsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS01ODRtLTdyNG0tOGo2ds4AAyCI
Incorrect Authorization in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
GSA_kwCzR0hTQS14bTY3LTU4N3EtcjJ2d84AAyAX
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
Low
Ecosystems: actions
Packages: Azure/setup-kubectl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wNzU2LXJmeGgteDYzaM4AAx-a
Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lowerEcosystems: actions
Packages: Azure/setup-kubectl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 year ago
GSA_kwCzR0hTQS01Z3A1LXZ4ajYtNDI1N84AAx9T
OpenStack Glance Inclusion of Functionality from Untrusted Control Sphere vulnerabilityEcosystems: pypi
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: about 1 year ago
GSA_kwCzR0hTQS0zaHZqLTNjZzktdjI0Ms4AAx6e
Saleor Unauthenticated Information Disclosure Vulnerability via Python ExceptionsEcosystems: pypi
Packages: saleor
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: lemur
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS01ZnF2LW1wajgtaDdnbc4AAx5N
Lemur subject to insecure random generationEcosystems: pypi
Packages: lemur
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: npm
Packages: @zowe/imperative
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
GSA_kwCzR0hTQS02cThtLTQycXEtNjRyN84AAx4s
Imperative CLI vulnerable to Command InjectionEcosystems: npm
Packages: @zowe/imperative
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 year ago
Low
Ecosystems: maven
Packages: io.quarkus.resteasy.reactive:resteasy-reactive-common
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 1 year ago
GSA_kwCzR0hTQS1qNzVyLXZmNjQtNnJyaM4AAxzY
RestEasy Reactive implementation of Quarkus allows Creation of Temporary File With Insecure PermissionsEcosystems: maven
Packages: io.quarkus.resteasy.reactive:resteasy-reactive-common
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: remove_dir_all
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1tYzhoLThxOTgtZzVocs4AAxzW
Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_allEcosystems: cargo
Packages: remove_dir_all
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:synopsys-coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1weDZ2LTZqaGYtajQ2cs4AAxqD
CSRF vulnerability in Synopsys Jenkins Coverity PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:synopsys-coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: Werkzeug
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
GSA_kwCzR0hTQS1weDhoLTZxeHYtbTIycc4AAxpo
Incorrect parsing of nameless cookies leads to __Host- cookies bypassEcosystems: pypi
Packages: Werkzeug
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network messageEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mamo0LTJxNzMtanZnY84AAxfR
Nervos CKB calculation of program load cycles may be missed when executing in resume modeEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wNGc0LXdncmgtcXJnMs4AAxeb
Panic due to malformed WALs in go.etcd.io/etcdEcosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS00cTgzLTdjcTQtcDZ3Z84AAxat
`tokio::io::ReadHalf<T>::unsplit` is UnsoundEcosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 1 year ago
GSA_kwCzR0hTQS01OXFnLTkzamctMjM2Zs4AAxG7
Shopware has Insufficient Session Expiration in AdministrationEcosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: over 1 year ago
GSA_kwCzR0hTQS03Y3A3LWpmcDYtamg0Zs4AAxFz
Shopware's log module vulnerable to Improper Output NeutralizationEcosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0
Denial of Service Vulnerability in Rack Content-Disposition parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wODR2LTQ1eGotd3dxas4AAxDz
ReDoS based DoS vulnerability in Action DispatchEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNmdjLTc5Mm0tcWdtMs4AAxDy
ReDoS based DoS vulnerability in Active Support's underscoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 438
Ecosystems: 12
Packages: 8,294
Repositories: 438
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-cpu
93
tensorflow-gpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
shopware/core
10
github.com/mattermost/mattermost/server/v8
10
phpmyadmin/phpmyadmin
10
org.jenkins-ci.main:jenkins-core
9
org.apache.tomcat:tomcat
9
matrix-synapse
7
vyper
7
Umbraco.CMS
6
puppet
6
helm.sh/helm/v3
5
october/backend
5
k8s.io/kubernetes
5
baserproject/basercms
5
ansible
5
wasmtime
5
sweetalert2
5
undici
5
rack
5
helm.sh/helm
4
com.vaadin:flow-server
4
github.com/cilium/cilium
4
org.keycloak:keycloak-services
4
actionpack
4
electron
4
magento/community-edition
4
typo3/cms-core
4
simplesamlphp/simplesamlphp
4
github.com/mattermost/mattermost-server/v6
4
shopware/shopware
4
@openzeppelin/contracts-upgradeable
3
org.apache.hive:hive-exec
3
org.apache.hive:hive-service
3
org.graylog2:graylog2-server
3
passenger
3
httplib2
3
bin-links
3
org.apache.hive:hive
3
wagtail
3
nautobot
3
plone
3
ckb
3
symfony/symfony
3
github.com/cosmos/cosmos-sdk
3
go.etcd.io/etcd
3
github.com/mattermost/mattermost-server
3
ethyca-fides
3
cryptography
3
node-forge
3
com.vaadin:vaadin-bom
3
org.jenkins-ci.plugins:ec2
2
pip
2
gilacms/gila
2
github.com/sigstore/cosign
2
typo3/cms-frontend
2
com.inedo.proget:inedo-proget
2
craftcms/cms
2
org.apache.activemq:activemq-parent
2
ceph-deploy
2
@apollo/server
2
salt
2
tools.devnull:build-notifications
2
@openzeppelin/contracts
2
github.com/opencontainers/runc
2
Django
2
silverstripe/framework
2
github.com/answerdev/answer
2
org.jenkins-ci.plugins:azure-ad
2
moin
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
node-ipc
2
next-auth
2
github.com/authzed/spicedb
2
winter/wn-backend-module
2
braces
2
Flask-Security-Too
2
Pillow
2
tuf
2
django
2
org.eclipse.jetty:jetty-server
2
grumpydictator/firefly-iii
2
aiohttp
2
github.com/ntbosscher/gobase
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
parse-server
2
org.jenkins-ci.plugins:wso2id-oauth
2
symfony/security-http
2
org.xwiki.platform:xwiki-platform-oldcore
2
go.etcd.io/etcd/client/v3
2
october/cms
2
activesupport
2
Flask-AppBuilder
2
org.jenkins-ci.plugins:repository-connector
2
s2n-quic
2
langchain
2
cargo
2
com.ruoyi:ruoyi
2
github.com/cometbft/cometbft
2
sylius/sylius
2
org.bouncycastle:bcprov-jdk14
2
org.jenkins-ci.plugins:mercurial
2
Zope
2
microweber/microweber
2
github.com/hashicorp/nomad
2
org.jenkins-ci.plugins:artifactory
2
OctoPrint
2
vantage6
2
ezsystems/ezplatform-kernel
2
ezsystems/ezpublish-kernel
2
flarum/core
2
github.com/mattermost/mattermost-plugin-jira
2
org.scala-sbt:io_2.12
1
org.scala-sbt:io_2.13
1
hyper
1
org.scala-sbt:io_3
1
org.jenkins-ci.plugins:snsnotify
1
io.swagger:swagger-codegen
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
io.quarkus.resteasy.reactive:resteasy-reactive-common
1
es5-ext
1
com.github.tomakehurst:wiremock-jre8
1
com.github.tomakehurst:wiremock-jre8-standalone
1
wiremock
1
github.com/nats-io/nats-server/v2
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
github.com/oauth2-proxy/oauth2-proxy
1
org.wiremock:wiremock
1
horizon
1
org.wiremock:wiremock-standalone
1
@diez/generation
1
org.jenkins-ci.plugins:openshift-deployer
1
org.keycloak:keycloak-core
1
rabbit_common
1
@liquity/contracts
1
github.com/Masterminds/goutils
1
org.scala-sbt:sbt
1
io.jenkins.plugins:tuleap-oauth
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
zerocopy
1
francoisjacquet/rosariosis
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
njwt
1
ascii-art
1
merge-objects
1
bigint-money
1
put
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
ember-source
1
@aedart/support
1
streamlit
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
flarum/framework
1
Werkzeug
1
django-basic-auth-ip-whitelist
1
qutebrowser
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
firebase-tools
1
plone.restapi
1
datasette-graphql
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
org.xmlunit:xmlunit-core
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
@floffah/build
1
ajenti
1
apostrophe
1
org.eclipse.jetty:jetty-openid
1
type-graphql
1
org.bouncycastle:bcprov-jdk18on
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rails/rails
6
https://github.com/helm/helm
5
https://github.com/nodejs/undici
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/ansible/ansible
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/rack/rack
5
https://github.com/jenkinsci/jenkins
5
https://github.com/cilium/cilium
4
https://github.com/electron/electron
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/TYPO3/typo3
4
https://github.com/apache/tomcat
4
https://github.com/wintercms/winter
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/shopware/shopware
4
https://github.com/nautobot/nautobot
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/vaadin/flow
3
https://github.com/CVEProject/cvelist
3
https://github.com/pyca/cryptography
3
https://github.com/httplib2/httplib2
3
https://github.com/ethyca/fides
3
https://github.com/django/django
3
https://github.com/phusion/passenger
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/vantage6/vantage6
3
https://github.com/wagtail/wagtail
3
https://github.com/digitalbazaar/forge
3
https://github.com/symfony/symfony
3
https://github.com/nervosnetwork/ckb
3
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/zopefoundation/Zope
2
https://github.com/craftcms/cms
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/hashicorp/nomad
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/saltstack/salt
2
https://github.com/nextauthjs/next-auth
2
https://github.com/apollographql/apollo-server
2
https://github.com/apache/activemq
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/rust-lang/cargo
2
https://github.com/flarum/framework
2
https://github.com/opencontainers/runc
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/ntbosscher/gobase
2
https://github.com/ceph/ceph-deploy
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/cometbft/cometbft
2
https://github.com/openstack/keystone
2
https://github.com/Sylius/Sylius
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/GilaCMS/gila
2
https://github.com/quarkusio/quarkus
2
https://github.com/mutagen-io/mutagen
2
https://github.com/answerdev/answer
2
https://github.com/aio-libs/aiohttp
2
https://github.com/authzed/spicedb
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/parse-community/parse-server
2
https://github.com/aws/s2n-quic
2
https://github.com/octoprint/octoprint
2
https://github.com/sigstore/cosign
2
https://github.com/microweber/microweber
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/pypa/pip
2
https://github.com/micromatch/braces
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/Consensys/gnark-crypto
1
https://github.com/rrrodzilla/rusty_paseto
1
https://github.com/httpie/httpie
1
https://github.com/waysact/webpack-subresource-integrity
1
https://github.com/keystonejs/keystone
1
https://github.com/contao/contao
1
https://github.com/statamic/cms
1
https://github.com/aws/aws-encryption-sdk-cli
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/fluent/fluentd
1
https://github.com/aws/aws-sdk-go
1
https://github.com/google/zerocopy
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/personnummer/java
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/parallaxsecond/parsec
1
https://github.com/karmada-io/karmada
1
https://github.com/python-pillow/Pillow
1
https://github.com/bcgit/bc-java
1
https://github.com/tokio-rs/tokio
1
https://github.com/senchalabs/connect
1
https://github.com/personnummer/js
1
https://github.com/erelsgl/limdu
1
https://github.com/sbt/sbt
1
https://github.com/personnummer/rust
1
https://github.com/jenkinsci/snsnotify-plugin
1
https://github.com/jenkinsci/credentials-binding-plugin
1
https://github.com/apache/storm
1
https://github.com/personnummer/python
1
https://github.com/authelia/authelia
1
https://github.com/rest-client/rest-client
1
https://github.com/IlicMiljan/Secure-Props
1
https://github.com/jenkinsci/backlog-plugin
1
https://github.com/PHPMailer/PHPMailer
1
https://github.com/personnummer/csharp
1
https://github.com/silverstripe/silverstripe-framework
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/actions/toolkit
1
https://github.com/zowe/imperative
1
https://github.com/ESAPI/esapi-java-legacy
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/croogo/croogo
1
https://github.com/moov-io/customers
1
https://github.com/ain/smartbanner.js
1
https://github.com/derbyjs/derby
1
https://github.com/puma/puma
1
https://github.com/endojs/endo
1
https://github.com/moq/moq
1
https://github.com/rails/globalid
1
https://github.com/medikoo/es5-ext
1
https://github.com/wiremock/wiremock
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/Azure/setup-kubectl
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/dojo/dijit
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/electron-userland/electron-packager
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/kitabisa/teler
1
https://github.com/firebase/firebase-tools
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/oauth2-proxy/oauth2-proxy
1
https://github.com/octokit/octokit.rb
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/onionshare/onionshare
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/ericcornelissen/shescape
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/aws/aws-dynamodb-encryption-java
1
https://github.com/tailscale/tailscale
1
https://github.com/Nebulosus/shamir
1
https://github.com/RhinoSecurityLabs/CVEs
1
https://github.com/jenkinsci/support-core-plugin
1
https://github.com/ajenti/ajenti
1
https://github.com/xuxueli/xxl-job
1
https://github.com/yourls/yourls
1
https://github.com/bbatsov/rubocop
1
https://github.com/dan1hc/fgr
1
https://github.com/slsa-framework/slsa-verifier
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/newcontext-oss/kitchen-terraform
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/horazont/xmpp-http-upload
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/personnummer/go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1