Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
High Security Advisories
Loading...
High
Ecosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 2 years ago
GSA_kwCzR0hTQS1tNm01LXBwNGctZmNjOM0WNA
S3 storage write is not aborted on errors leading to unbounded memory usageEcosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 2 years ago
High
Ecosystems: npm
Packages: earlybird
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwd2YtNGZ4NS1jcnFx
Directory Traversal in earlybirdEcosystems: npm
Packages: earlybird
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 3 years ago
High
Ecosystems: maven
Packages: io.hawt:project
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 years ago
GSA_kwCzR0hTQS05Zzh3LXBqcHItcHJyNM4AARcn
Path Traversal in io.hawt:projectEcosystems: maven
Packages: io.hawt:project
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 2 years ago
High
Ecosystems: packagist
Packages: icecoder/icecoder
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
GSA_kwCzR0hTQS1mdmY1LXhwODMtdnJxcM4AAu_6
ICEcoder vulnerable to Path TraversalEcosystems: packagist
Packages: icecoder/icecoder
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 1 year ago
High
Ecosystems: pypi
Packages: tripleo-heat-templates
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
GSA_kwCzR0hTQS04OTM2LTQ0Z3ctNzY2NM4AAdXr
TripleO Heat templates might allow remote attackers to obtain sensitive information from private containersEcosystems: pypi
Packages: tripleo-heat-templates
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/weaveworks/weave-gitops
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
GSA_kwCzR0hTQS04OXFtLXdjbXctM21nZ84AAw0u
Gitops Run insecure communicationEcosystems: go
Packages: github.com/weaveworks/weave-gitops
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/matrix-org/dendrite
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
GSA_kwCzR0hTQS1wZnc0LXhqZ20tMjY3Y84AAuzz
Dendrite signature checks not applied to some retrieved missing eventsEcosystems: go
Packages: github.com/matrix-org/dendrite
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
High
Ecosystems: npm
Packages: killing
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxNzctOGpweC04OTJn
Command Injection in killingEcosystems: npm
Packages: killing
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 3 years ago
High
Ecosystems: npm
Packages: psnode
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04Zm0tbXY1dy0zM3B2
Command Injection in psnodeEcosystems: npm
Packages: psnode
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 3 years ago
High
Ecosystems: npm
Packages: calipso
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4Y2MtZzc1eC1xZ3c5
Calipso Arbitrary File Write via Archive Extraction (Zip Slip)Ecosystems: npm
Packages: calipso
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: almost 3 years ago
High
Ecosystems: maven
Packages: org.craftercms:craftercms
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
GSA_kwCzR0hTQS1qNngzLTNqcXEtbTkyMs4AAuww
CrafterCMS OS Command Injection vulnerabilityEcosystems: maven
Packages: org.craftercms:craftercms
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 1 year ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: 23 days ago
GSA_kwCzR0hTQS1qaDU3LWozdnEtaDQzOM4AA7PQ
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extractionEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: 23 days ago
High
Ecosystems: go
Packages: github.com/containers/podman
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1yaDVmLTJ3NnItcTd2as4AAhfW
Podman Path Traversal Vulnerability leads to arbitrary file read/writeEcosystems: go
Packages: github.com/containers/podman
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.activemq:artemis-pom
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 2 years ago
GSA_kwCzR0hTQS1yOXZ2LXhqNHctZzhtOM3zOw
Apache ActiveMQ Artemis RCE Via Deserialization Gadget ChainEcosystems: maven
Packages: org.apache.activemq:artemis-pom
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyamYtbXhmbS05OGg1
SQL injection vulnerability in the policy admin tool in Apache RangerEcosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: over 5 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: about 2 years ago
GSA_kwCzR0hTQS1wcGZtLXJqNnAtMzhxNs0sYw
Improper Authorization in librenmsEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: about 2 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: 23 days ago
GSA_kwCzR0hTQS03Mm05LTdjOHgtcG1td84AA7PP
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: 23 days ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: about 2 years ago
GSA_kwCzR0hTQS0zM3dmLTRjcm0tMjMyMs0sag
Improper Access Control in librenmsEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: about 2 years ago
High
Ecosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 2 months ago
GSA_kwCzR0hTQS1tcDc2LTd3NXYtcHI3Nc4AA6CN
TurboBoost Commands vulnerable to arbitrary method invocationEcosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 2 months ago
High
Ecosystems: cargo
Packages: bottlerocket/update-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xZjg3LXE0Z2ctY2c0M84AAxgj
bottlerocket dependency openssl is vulnerable to dereferenced null pointersEcosystems: cargo
Packages: bottlerocket/update-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:perfpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xZ203LW03N2YtajhwZs4AAygA
Jenkins Performance Publisher Plugin vulnerable to XML external entity (XXE) attacksEcosystems: maven
Packages: org.jenkins-ci.plugins:perfpublisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: nuget
Packages: elFinder.AspNet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqeHYtdzNxai1qOG0z
Directory Traversal in elFinder.AspNetEcosystems: nuget
Packages: elFinder.AspNet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS1mZjQ1LTJqcDktNjlqY84AA1Y1
Cockpit Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
Ecosystems: maven
Packages: org.vivoweb:vitro-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1oZ3E5LXE4ZzItM2ptZ84AAQKq
Command Injection in VIVO VitroEcosystems: maven
Packages: org.vivoweb:vitro-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:oken-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNmgyLTR4NjQtYzU5eM4AAg9r
Improper Restriction of XML External Entity Reference Jenkins Token Macro PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:oken-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: pterodactyl/panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS01dmZ4LTh3Nm0taDN2NM0WHA
Pterodactyl Panel vulnerable to authentication bypass due to improper user-provided security token verificationEcosystems: packagist
Packages: pterodactyl/panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjYzYtNjZmNS1teGpq
Out-of-bounds write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mbXYyLWp2M3AtNnc0N84AAQA9
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jeHY3LTZqZ2YtN2d3Zs4AAntT
ThinkAdmin Admin Panel Access using Default CredentialsEcosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wN3FxLXJydncteDU1eM4AAxzp
Froxlor Cross-Site Request Forgery vulnerabilityEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tamcyLTMyNnEtNDlmOc4AAQA2
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03aDJqLWg1eHAtaDNnaM4AAgZC
Missing Authorization in Jenkins SSH pluginEcosystems: maven
Packages: org.jenkins-ci.plugins:ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1ycGZnLXhmODgtY3E1cs4AAQE-
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0ybW1jLTVwaGotNHdqas4AAQFB
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jaDIyLXgydjMtdjZ2cc0kdg
OTF-001: Improper Input Sanitation: The path parameter of the requested URL is not sanitized before being passed to the QT frontendEcosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS02dzV3LXd4OHctMmNxOc4AAwpK
usememos/memos Improper Access Control vulnerabilityEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: com.amazonaws:codedeploy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1oNjZwLW03NjYtMzNmds4AASkc
AWS CodeDeploy Plugin stored AWS Secret Key in plain textEcosystems: maven
Packages: com.amazonaws:codedeploy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:mailer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS02ZzU3LWgzOGMtcTUyZ84AAUF0
Cross-Site Request Forgery in Jenkins Mailer PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:mailer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 14 days ago
GSA_kwCzR0hTQS03Z3J4LWY5NDUtbWo5Ns4AA7cr
Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installationEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 14 days ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0yNTg5LXIyNngtbWg4cM4AAQAn
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS12OWpnLW02ZzUtaDNoaM4AAVaY
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/zhaojh329/rttys
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS01NHE0LTc0cDMtbWdjd84AAxqd
rttys SQL Injection vulnerabilityEcosystems: go
Packages: github.com/zhaojh329/rttys
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mY2dmLWo4Y2YtaDJybc4AAvoS
IBAX go-ibax vulnerable to SQL injectionEcosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1yd2NmLWdxMjItcGg4M84AAvoH
IBAX go-ibax vulnerable to SQL injectionEcosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:vault-scm-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcm1mLXhocjYtMzQyOM4AAiOG
Jenkins SourceGear Vault plugin transmits credentials in plain textEcosystems: maven
Packages: org.jenkins-ci.plugins:vault-scm-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: io.jenkins.docker:docker-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNmdmLXAyNnAtbXgyd84AAhRA
Jenkins Docker Plugin contains Cross-Site Request ForgeryEcosystems: maven
Packages: io.jenkins.docker:docker-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: io.gravitee.apim:gravitee-api-management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12cDYyLW05NTgtcWo4Y84AAwu3
Gravitee API Management contains Path TraversalEcosystems: maven
Packages: io.gravitee.apim:gravitee-api-management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS00cTk2LTlmNjMtcDdqas02ew
Path Traversal in ImpressCMSEcosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: de.taimos:pipeline-aws
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13NTk4LTI1aG0tanF4M84AAkDH
RCE vulnerability in Jenkins Pipeline: AWS Steps PluginEcosystems: maven
Packages: de.taimos:pipeline-aws
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS02cmg1LTIzaHgtajQ1Ms3rtw
Improper Authorization in Jenkins CoreEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jboss.eap:wildfly-undertow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1wcmZ3LTNxeDYtZzl4cs3z6Q
Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP UndertowEcosystems: maven
Packages: org.jboss.eap:wildfly-undertow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tZ3FoLTNxbTctZ3g4Ms4AAvoA
IBAX go-ibax vulnerable to SQL injectionEcosystems: go
Packages: github.com/IBAX-io/go-ibax
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNjd4LW1ncnYtbTNnds4AAj1j
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mM3F3LTdwOXAtajg3Zs4AAQA6
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.wildfly.openssl:wildfly-openssl-natives-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oeGo0LTg4NWYtZ3JncM4AAmJ-
Wildfly-OpenSSL memory leak flawEcosystems: maven
Packages: org.wildfly.openssl:wildfly-openssl-natives-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: com.groupon.jenkins-ci.plugins:DotCi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xOWc0LTlmeDQtdjUzM84AAu-j
Stored XSS vulnerability in Jenkins DotCi PluginEcosystems: maven
Packages: com.groupon.jenkins-ci.plugins:DotCi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xdjZmLXJjdjYtNnEzeM4AAnOP
Improper handling of REST API XML deserialization errors in JenkinsEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4M2gtajNjeC04cWZq
Insufficient Entropy in DotNetNukeEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
High
Ecosystems: maven
Packages: org.apache.cayenne:cayenne-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS04NWh3LXc0MzYtYzcyNc4AAU6Q
XML External Entity Reference in Apache CayenneEcosystems: maven
Packages: org.apache.cayenne:cayenne-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:android-lint
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yOHg5LWhjNHAtOXZoMs4AAl8c
Stored XSS vulnerability in android-lint PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:android-lint
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: sencisho
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4NjYteDdjZi1ybWg1
Directory Traversal in sencishoEcosystems: npm
Packages: sencisho
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 6 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zbXY4LXgzamotM2o3bc4AAQA7
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: cargo
Packages: convec
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJweG0tdm1yNy01ZjVm
Data races in convecEcosystems: cargo
Packages: convec
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:crap4j
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12cTVoLXFneG0tMm0zOc4AAyf-
Jenkins Crap4J Plugin vulnerable to XML external entity (XXE) attacksEcosystems: maven
Packages: org.jenkins-ci.plugins:crap4j
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:android-lint
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0zdmN4LXc5NGgtNjh2Z84AAXTZ
XXE vulnerability in Jenkins Android Lint PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:android-lint
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS03MmdtLXBwNnEtZ3B4Nc4AAX4k
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Snappier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS04Mzh4LXBjdngtNnA1d84AAyW0
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory bufferEcosystems: nuget
Packages: Snappier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: cargo
Packages: better-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc5d2YtcWNxdi1yMjJy
Remote code execution in better-macroEcosystems: cargo
Packages: better-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: cargo
Packages: uu_od
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5dnYtcTk4Ni12ajd4
Out of bounds read in uu_odEcosystems: cargo
Packages: uu_od
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:walti
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS03cXBtLXZtd3YtaHE3aM4AAu-m
Stored XSS vulnerability in Jenkins Walti pluginEcosystems: maven
Packages: org.jenkins-ci.plugins:walti
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS12d3FoLWNtdnAtNjY5NM3_vw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: go
Packages: github.com/0xJacky/Nginx-UI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1weG1yLXEyeDMtOXg5bc4AA4Y4
Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)Ecosystems: go
Packages: github.com/0xJacky/Nginx-UI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: maven
Packages: org.jenkins.plugin.templateWorkflows:template-workflows
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS02MnYyLXh3aDMtNWd2eM4AAz2m
Jenkins Template Workflows Plugin vulnerable to Stored Cross-site ScriptingEcosystems: maven
Packages: org.jenkins.plugin.templateWorkflows:template-workflows
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matrix-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12cjZ2LXdqZnctcnhjcs4AAlYW
Stored XSS vulnerability in Jenkins Matrix Authorization Strategy PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:matrix-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:locked-files-report
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cmhjLXZqanAtZ2Njd84AAl8n
Stored XSS vulnerability in Locked Files Report PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:locked-files-report
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1qNjdtLXdwdjYtcHY0NM3_5Q
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wbTcyLTI3bWctZmMyOM4AAxPg
Froxlor contains Weak Password RequirementsEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.restlet.jse:org.restlet.ext.jaxrs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtcDgtcXZxbS0zeHdx
Restlet Framework Ja-rs extension is vulnerable to XXE when using SimpleXMLProviderEcosystems: maven
Packages: org.restlet.jse:org.restlet.ext.jaxrs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1nNTh4LTU3ZnYtODZqaM4AA1u1
Jenkins Google Login Plugin non-constant time token comparisonEcosystems: maven
Packages: org.jenkins-ci.plugins:google-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05OW1xLWh3NW0tZ3dqas4AAtsN
Missing permission check in Coverity Plugin allows capturing credentialsEcosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.htmlunit:htmlunit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
GSA_kwCzR0hTQS1yYzQ0LTVjbWgtODc5bc4AAzeU
Unrestricted recursion in htmlunitEcosystems: maven
Packages: org.htmlunit:htmlunit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01eDNmLTdtNTItOWNnZs4AAtsr
Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF)Ecosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1najNxLXA4Y20tMjZybc4AAjxj
Sandbox bypass vulnerability in Script Security PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:script-security
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1wY2dwLXZmZ3EtbWY1as3_9w
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:templating-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNnFjLTM3aHEtd3FyNs4AAoNm
Remote code execution vulnerability in Jenkins Templating Engine PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:templating-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: @worker-tools/stripe-webhook
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRnNTMtdnA3cS1nZmp2
constructEvent does not verify headerEcosystems: npm
Packages: @worker-tools/stripe-webhook
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00cWY1LTd4YzItd3FwZ84AAjqw
DNN Path Traversal via Zip SlipEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: scottqueue
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2dnYtdzU1OS0yaGc2
Data races in scottqueueEcosystems: cargo
Packages: scottqueue
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05cmpwLXI1OGotZnhncc0VkQ
Path traversal in elFinder.NetCoreEcosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12ZzJnLTY5OGgtdjl3M84AAmK5
PyroCMS Vulnerable to CSRFEcosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: akaunting/akaunting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0NnItcjJ3Zi1mcmh4
Malicious password-reset in AkauntingEcosystems: packagist
Packages: akaunting/akaunting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: maven
Packages: org.restlet.jse:org.restlet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05MmoyLTVyN3AtNmhqd84AAcqh
Restlet is vulnerable to Arbitrary Java Code Execution via crafted XMLEcosystems: maven
Packages: org.restlet.jse:org.restlet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: dectalk-tts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS02Y2Y2LThodnItcjY4d84AA6o3
dectalk-tts Uses Unencrypted HTTP RequestEcosystems: npm
Packages: dectalk-tts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-maven
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jMmhnLTJqajYtaDh2aM4AAllD
CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentialsEcosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-maven
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:japex
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS04NTM4LTI1djQtMjVwZ84AAv5K
XXE vulnerability in Jenkins JAPEX PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:japex
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.openshift.jenkins:openshift-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1yd2c1LTJwdjktNjMzd84AA0qS
Jenkins OpenShift Login Plugin session fixation vulnerabilityEcosystems: maven
Packages: org.openshift.jenkins:openshift-login
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:yaml-axis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMjRoLTJ2N2gtcTN4eM4AAkZs
RCE vulnerability in Jenkins Yaml Axis PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:yaml-axis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:slack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS01cjhxLTlmd3YtMmdwcs4AAQab
Jenkins Slack Notification Plugin CSRF vulnerability and missing permission checksEcosystems: maven
Packages: org.jenkins-ci.plugins:slack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:shelve-project-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZjM3LWdneG0taDZ3eM4AAmvW
CSRF vulnerability in Jenkins Shelve Project PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:shelve-project-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: userfrosting/userfrosting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jdjI1LTNnbWctYzZtOM0grQ
Injection in UserFrostingEcosystems: packagist
Packages: userfrosting/userfrosting
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Statistics
Advisories: 18,592
Packages: 8,342
Repositories: 2,453
Ecosystems: 12
Packages: 8,342
Repositories: 2,453
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
234
tensorflow
107
tensorflow-cpu
95
tensorflow-gpu
93
magento/community-edition
55
org.jenkins-ci.main:jenkins-core
48
moodle/moodle
44
com.fasterxml.jackson.core:jackson-databind
43
org.apache.tomcat:tomcat
33
dolibarr/dolibarr
31
drupal/core
28
microweber/microweber
27
pimcore/pimcore
27
nokogiri
25
drupal/drupal
24
org.apache.struts:struts2-core
23
phpmyadmin/phpmyadmin
23
typo3/cms
22
opencv-python
22
opencv-contrib-python
22
com.thoughtworks.xstream:xstream
22
Pillow
21
com.jfinal:jfinal
21
ansible
20
salt
20
thorsten/phpmyfaq
19
github.com/rancher/rancher
19
django
19
org.jenkins-ci.plugins:script-security
18
typo3/cms-core
18
librenms/librenms
18
mlflow
17
openssl-src
17
Plone
17
pocketmine/pocketmine-mp
17
symfony/symfony
16
org.apache.tomcat.embed:tomcat-embed-core
16
apache-airflow
16
getgrav/grav
15
nilsteampassnet/teampass
15
parse-server
15
rdiffweb
15
Microsoft.AspNetCore.App.Runtime.win-x86
14
net.mingsoft:ms-mcms
14
vyper
14
Microsoft.AspNetCore.App.Runtime.win-x64
14
centreon/centreon
14
github.com/hashicorp/consul
14
rubygems-update
13
Microsoft.AspNetCore.App.Runtime.win-arm
13
github.com/usememos/memos
13
golang.org/x/net
13
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
12
Microsoft.AspNetCore.App.Runtime.linux-arm
12
Microsoft.AspNetCore.App.Runtime.linux-arm64
12
org.apache.openmeetings:openmeetings-parent
12
org.keycloak:keycloak-core
12
activerecord
12
Microsoft.AspNetCore.App.Runtime.win-arm64
12
Microsoft.AspNetCore.App.Runtime.osx-x64
12
Microsoft.AspNetCore.App.Runtime.linux-x64
12
electron
12
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
12
baserproject/basercms
12
github.com/nats-io/nats-server/v2
11
mautic/core
11
actionpack
11
github.com/hashicorp/vault
11
intelliants/subrion
11
org.keycloak:keycloak-parent
11
io.undertow:undertow-core
11
github.com/argoproj/argo-cd
11
org.xwiki.platform:xwiki-platform-oldcore
10
Django
10
keystone
10
cobbler
10
matrix-synapse
10
github.com/hashicorp/nomad
10
openmage/magento-lts
10
org.springframework.security:spring-security-core
10
froxlor/froxlor
10
shopware/platform
10
org.apache.nifi:nifi
10
cockpit-hq/cockpit
10
org.apache.geode:geode-core
9
craftcms/cms
9
org.apache.solr:solr-core
9
Microsoft.NetCore.App.Runtime.win-arm64
9
org.cloudfoundry.identity:cloudfoundry-identity-server
9
org.bouncycastle:bcprov-jdk14
9
Microsoft.NetCore.App.Runtime.win-arm
9
Microsoft.NetCore.App.Runtime.win-x64
9
org.apache.struts.xwork:xwork-core
9
github.com/ethereum/go-ethereum
9
Microsoft.NetCore.App.Runtime.win-x86
9
org.apache.hadoop:hadoop-main
9
ckb
9
mercurial
9
rusqlite
9
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
8
shopware/core
8
Microsoft.NETCore.App.Runtime.win-x86
8
gradio
8
Microsoft.NETCore.App.Runtime.win-x64
8
org.bouncycastle:bcprov-jdk15
8
github.com/sylabs/singularity
8
Microsoft.NETCore.App.Runtime.win-arm64
8
org.keycloak:keycloak-services
8
october/system
8
smarty/smarty
7
symfony/security
7
pillow
7
cakephp/cakephp
7
phpmailer/phpmailer
7
apache-superset
7
magento/core
7
org.craftercms:crafter-studio
7
org.elasticsearch:elasticsearch
7
strapi
7
com.liferay.portal:release.portal.bom
7
DotNetNuke.Core
7
deno
7
next
7
cn.hutool:hutool-core
7
org.apache.inlong:manager-pojo
7
org.eclipse.jetty:jetty-server
7
github.com/docker/docker
7
org.jenkins-ci.plugins.workflow:workflow-cps
7
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
7
org.springframework:spring-core
7
snipe/snipe-it
7
com.xuxueli:xxl-job
7
codeigniter4/framework
7
gogs.io/gogs
7
tar
7
org.apache.commons:commons-compress
7
composer/composer
6
rack
6
symfony/security-http
6
sequelize
6
org.apache.tomcat:tomcat-coyote
6
github.com/traefik/traefik/v2
6
github.com/zitadel/zitadel
6
handlebars
6
prestashop/prestashop
6
istio.io/istio
6
@strapi/strapi
6
waitress
6
opencv-contrib-python-headless
6
org.apache.cxf:cxf
6
@openzeppelin/contracts
6
wwbn/avideo
6
de.tum.in.ase:artemis-java-test-sandbox
6
golang.org/x/crypto
6
opencv-python-headless
6
org.apache.tika:tika-core
6
Microsoft.AspNetCore.App.Runtime.osx-arm64
6
nautobot
6
kiwitcms
6
contao/contao
6
contao/core-bundle
6
laravel/framework
6
org.apache.camel:camel-core
6
github.com/grafana/grafana
6
github.com/hyperledger/fabric
6
github.com/gravitl/netmaker
6
npm
6
guzzlehttp/guzzle
6
sized-chunks
6
express-cart
6
Microsoft.NETCore.App
6
k8s.io/kubernetes
6
cryptography
6
Microsoft.AspNetCore.All
6
org.apache.tomcat:tomcat-catalina
5
github.com/cilium/cilium
5
zope
5
github.com/answerdev/answer
5
github.com/nats-io/jwt
5
@openzeppelin/contracts-upgradeable
5
github.com/IBAX-io/go-ibax
5
com.vaadin:vaadin-bom
5
github.com/go-gitea/gitea
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
phpbb/phpbb
5
getkirby/cms
5
matrix-js-sdk
5
twisted
5
org.xwiki.platform:xwiki-platform-web
5
forkcms/forkcms
5
aubio
5
serve
5
ua-parser-js
5
pear/archive_tar
5
CefSharp.Common
5
statamic/cms
5
passenger
5
Microsoft.AspNetCore.App
5
genix/cms
5
Filter by Repository
https://github.com/chakra-core/ChakraCore
204
https://github.com/tensorflow/tensorflow
107
https://github.com/xwiki/xwiki-platform
48
https://github.com/FasterXML/jackson-databind
44
https://github.com/jenkinsci/jenkins
36
https://github.com/apache/tomcat
34
https://github.com/python-pillow/Pillow
26
https://github.com/pimcore/pimcore
25
https://github.com/microweber/microweber
25
https://github.com/apache/airflow
25
https://github.com/moodle/moodle
24
https://github.com/django/django
24
https://github.com/keycloak/keycloak
22
https://github.com/x-stream/xstream
22
https://github.com/apache/struts
22
https://github.com/opencv/opencv
21
https://github.com/sparklemotion/nokogiri
20
https://github.com/Dolibarr/dolibarr
19
https://github.com/thorsten/phpmyfaq
18
https://github.com/dotnet/runtime
17
https://github.com/pmmp/PocketMine-MP
17
https://github.com/symfony/symfony
16
https://github.com/spring-projects/spring-framework
16
https://github.com/rancher/rancher
16
https://github.com/parse-community/parse-server
15
https://github.com/ikus060/rdiffweb
15
https://github.com/ansible/ansible
15
https://github.com/vyperlang/vyper
14
https://github.com/librenms/librenms
14
https://github.com/apache/inlong
14
https://github.com/github/advisory-database
14
https://github.com/usememos/memos
13
https://github.com/jenkinsci/script-security-plugin
13
https://github.com/getgrav/grav
13
https://github.com/rails/rails
12
https://github.com/mlflow/mlflow
12
https://github.com/hashicorp/consul
11
https://github.com/apache/nifi
11
https://github.com/electron/electron
11
https://github.com/mautic/mautic
11
https://github.com/argoproj/argo-cd
10
https://github.com/centreon/centreon
10
https://github.com/octobercms/october
10
https://github.com/OpenMage/magento-lts
10
https://github.com/go-gitea/gitea
10
https://github.com/openstack/keystone
9
https://github.com/kubernetes/kubernetes
9
https://github.com/strapi/strapi
9
https://github.com/rusqlite/rusqlite
9
https://github.com/golang/go
9
https://github.com/apache/camel
9
https://github.com/cui2shark/cms
9
https://github.com/cloudfoundry/uaa
9
https://github.com/nilsteampassnet/teampass
9
https://github.com/nervosnetwork/ckb
9
https://github.com/cockpit-hq/cockpit
8
https://github.com/shopware/platform
8
https://github.com/matrix-org/synapse
8
https://github.com/gradio-app/gradio
8
https://github.com/TYPO3/TYPO3.CMS
8
https://github.com/bcgit/bc-java
8
https://github.com/cobbler/cobbler
8
https://github.com/denoland/deno
8
https://github.com/nats-io/nats-server
8
https://github.com/DSpace/DSpace
7
https://github.com/netty/netty
7
https://github.com/apache/cxf
7
https://github.com/plone/Products.CMFPlone
7
https://github.com/rubygems/rubygems
7
https://github.com/dotnet/aspnetcore
7
https://github.com/hashicorp/vault
7
https://github.com/snipe/snipe-it
7
https://github.com/eclipse/jetty.project
7
https://github.com/spring-projects/spring-security
7
https://github.com/apache/activemq
7
https://github.com/undertow-io/undertow
7
https://github.com/PHPMailer/PHPMailer
7
https://github.com/DrunkenShells/Disclosures
6
https://github.com/nilsteampassnet/TeamPass
6
https://github.com/istio/istio
6
https://github.com/WWBN/AVideo
6
https://github.com/TYPO3/typo3
6
https://github.com/kiwitcms/Kiwi
6
https://github.com/sequelize/sequelize
6
https://github.com/guzzle/guzzle
6
https://github.com/phpmyadmin/phpmyadmin
6
https://github.com/gravitl/netmaker
6
https://github.com/intelliants/subrion
6
https://github.com/saltstack/salt
6
https://github.com/xuxueli/xxl-job
6
https://github.com/zitadel/zitadel
6
https://github.com/CVEProject/cvelist
6
https://github.com/dnnsoftware/Dnn.Platform
6
https://github.com/OPCFoundation/UA-.NETStandard
6
https://github.com/Pylons/waitress
6
https://github.com/backstage/backstage
6
https://github.com/ls1intum/Ares
6
https://github.com/npm/node-tar
6
https://github.com/PaddlePaddle/Paddle
6
https://github.com/pyca/cryptography
6
https://github.com/opencast/opencast
6
https://github.com/OpenNMS/opennms
6
https://github.com/magento/magento2
6
https://github.com/hyperledger/fabric
6
https://github.com/bodil/sized-chunks
6
https://github.com/dromara/hutool
6
https://github.com/contao/contao
6
https://github.com/nautobot/nautobot
6
https://github.com/OpenZeppelin/openzeppelin-contracts
6
https://github.com/smarty-php/smarty
6
https://github.com/froxlor/froxlor
6
https://github.com/directus/directus
5
https://github.com/cilium/cilium
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/gogs/gogs
5
https://github.com/codeigniter4/CodeIgniter4
5
https://github.com/aubio/aubio
5
https://github.com/cakephp/cakephp
5
https://github.com/drupal/core
5
https://github.com/apache/kylin
5
https://github.com/getkirby/kirby
5
https://github.com/pear/Archive_Tar
5
https://github.com/protocolbuffers/protobuf
5
https://github.com/apache/hadoop
5
https://github.com/ethereum/go-ethereum
5
https://github.com/zopefoundation/Zope
5
https://github.com/geoserver/geoserver
5
https://github.com/laravel/framework
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/docker/docker
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/answerdev/answer
5
https://github.com/apache/dolphinscheduler
5
https://github.com/composer/composer
5
https://github.com/twisted/twisted
5
https://github.com/matrix-org/matrix-js-sdk
5
https://github.com/vercel/next.js
5
https://github.com/cefsharp/CefSharp
5
https://github.com/grafana/grafana
5
https://github.com/forkcms/forkcms
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/traefik/traefik
5
https://github.com/apache/xmlgraphics-batik
5
https://github.com/hpcng/singularity
5
https://github.com/jenkinsci/workflow-cps-global-lib-plugin
4
https://github.com/pimcore/admin-ui-classic-bundle
4
https://github.com/free5gc/free5gc
4
https://github.com/yiisoft/yii2
4
https://github.com/ericcornelissen/shescape
4
https://github.com/0xJacky/nginx-ui
4
https://github.com/livehelperchat/livehelperchat
4
https://github.com/scrapy/scrapy
4
https://github.com/tidwall/gjson
4
https://github.com/playframework/playframework
4
https://github.com/wixtoolset/issues
4
https://github.com/cri-o/cri-o
4
https://github.com/surrealdb/surrealdb
4
https://github.com/igniterealtime/Openfire
4
https://github.com/npm/cli
4
https://github.com/quarkusio/quarkus
4
https://github.com/ckeditor/ckeditor4
4
https://github.com/nightcloudos/new_cms
4
https://github.com/nocodb/nocodb
4
https://github.com/totaljs/framework
4
https://github.com/apple/swift-nio-http2
4
https://github.com/RaspAP/raspap-webgui
4
https://github.com/kubernetes/ingress-nginx
4
https://github.com/jettison-json/jettison
4
https://github.com/Froxlor/Froxlor
4
https://github.com/PrismJS/prism
4
https://github.com/ethyca/fides
4
https://github.com/restlet/restlet-framework-java
4
https://github.com/statamic/cms
4
https://github.com/vantage6/vantage6
4
https://github.com/containers/podman
4
https://github.com/bolt/bolt
4
https://github.com/containers/buildah
4
https://github.com/opencontainers/runc
4
https://github.com/phpseclib/phpseclib
4
https://github.com/centreon/centreon-archived
4
https://github.com/hashicorp/nomad
4
https://github.com/fiveai/Cachet
4
https://github.com/baserproject/basercms
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/cloudflare/cfrpki
4
https://github.com/apache/geode
4
https://github.com/libp2p/go-libp2p
4
https://github.com/jnqnfe/pulse-binding-rust
4
https://github.com/pgadmin-org/pgadmin4
4
https://github.com/jeecgboot/jeecg-boot
4
https://github.com/Codiad/Codiad
4
https://github.com/nextauthjs/next-auth
3
https://github.com/pf4j/pf4j
3
https://github.com/dotnet/sdk
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/ming-soft/MCMS
3
https://github.com/openfga/openfga
3
https://github.com/microsoft/msquic
3
https://github.com/edgelesssys/constellation
3