Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

High Security Advisories

Loading...
High
GSA_kwCzR0hTQS1qN3EyLWM2cjQteDJqd84AAlxw
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.tools:git-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13bXEzLTI0am0tbTh4aM33LA
Jenkins Assembla Auth Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:assembla-auth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0zOXIzLWg4cTYtMnBocc4AAs8l
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:embeddable-build-status
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14NjQ2LW03eDItZ2NwN83mbw
Path Traversal in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qNGZxLTNmbTctd2g1ds4AAjQs
Magento arbitrary PHP code execution via the productData parameter
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jZzZxLWdwMjMtdnd4OM38aw
Jenkins Crowd 2 Integration Plugin stored credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:crowd2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS00eDVyLTZ2MjYtN2o0ds4AAv_S
Creation of new database tables through login form on PostgreSQL
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oY3hmLXJxNzItaDRycs4AAhUU
Cross-Site Request Forgery in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzNTMtaGM0My05NXZj
Script injection without script or programming rights through Gadget titles
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1xZjM4LWYyZnItcTR4Oc3mcA
Improper Input Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13ODZqLTk5d2ctcjI5Zs4AAWPG
Jenkins TraceTronic ECU-TEST Plugin Man in the middle vulnerability
Ecosystems: maven
Packages: de.tracetronic.jenkins.plugins:ecutest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wY2hwLWM1dzgtNDdnY81A1Q
Hash collision attack vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS12bWhoLXhoM2ctajk5Ms4AArNI
Cross-site Scripting in the Flamingo theme manager
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ydjlqLWM4NjYtZ3A1aM4AA4Sp
Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability
Ecosystems: nuget
Packages: Microsoft.IdentityModel.Protocols.SignedHttpRequest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS12aDM4LWdoeDYtdm12Z83X8Q
Code Injection in Masuit.Tools.Core
Ecosystems: nuget
Packages: Masuit.Tools.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1qeGc5LTJjaDctZjU1Ms4AAttV
Feehi CMS arbitrary code execution via crafted PHP file
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mdnhmLXI5ZnctNDlwY84AArtW
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1naGp3LWZjZjYtcnByOc4AA1vF
Job Configuration History Plugin's path traversal allows exploiting XXE vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jobConfigHistory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1yNWhnLTM0OXEtbWcycc4AA3_u
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability
Ecosystems: go
Packages: github.com/buildkite/elastic-ci-stack-for-aws/v6
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNzgtNjI2OC00Mjc4
High severity vulnerability that affects DotNetZip
Ecosystems: nuget
Packages: DotNetZip
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS14aDM1LXc3d2ctOTV2M84AA4Qi
XWiki has no right protection on rollback action
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmM2MtZmZmcC0zNHFo
conference-scheduler-cli Arbitrary Code Execution
Ecosystems: pypi
Packages: conference-scheduler-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1naG0yLXJxOHEtd3JoY84AA4Jn
Potential Actions command injection in output filenames (GHSL-2023-275)
Ecosystems: actions
Packages: tj-actions/verify-changed-files
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS03bWd4LWd2anctbTN3M84AA474
CrateDB authentication bypass vulnerability
Ecosystems: maven
Packages: io.crate:crate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS1xZzY2LXh2N3YtbTgzNM4AAl8l
Stored XSS vulnerability in computer-queue-plugin Plugin
Ecosystems: maven
Packages: jenkins.ci.plugins.computerqueue:computer-queue-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00cHgyLWdxaHYtbXJjN84AAX8u
Password change doesn't result in Karaf clearing cache
Ecosystems: maven
Packages: org.opendaylight.integration:distribution-karaf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jcWhyLXE4MzUtNjJnbc4AAs8f
Cross-site Scripting in Jenkins Sauce OnDemand Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:sauce-ondemand
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12cGZqLTVnZzUtZnZmbc4AAjxu
XXE vulnerability in Jenkins Cobertura Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cobertura
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NDZ4LXh4cngtMjNqcM33Xw
Jenkins Kmap Plugin stores credentials in plain text
Ecosystems: maven
Packages: org.jenkins-ci.plugins:kmap-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS04N2ZnLTl4NXctajNybc4AA371
MainWP Dashboard SQL Command Injection vulnerability
Ecosystems: packagist
Packages: mainwp/mainwp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS1oNzZwLW1jNjgtanYzcM4AAyCk
Denial of service in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS05d2dnLW05OXEtaGhmY84AA36z
Expired tokens can be renewed without validating the account password
Ecosystems: pypi
Packages: emailproxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS1wNWY4LXFmMjQtMjRjas4AA36y
Velocity execution without script right through tree macro
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-index-tree-macro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS0ydzJtLWNjZjgtNTdjcc4AAvdL
XXE vulnerability in Jenkins REPO Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:repo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02cjkyLWNneGMtcjVmZ80kJw
Denial of service in CBOR library
Ecosystems: nuget
Packages: PeterO.Cbor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ocjV3LWN3d3EtMnY0bc4AA6as
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS00YzMyLXc2YzctNzd4NM4AAzpH
SQL injection when using MySQL/PostgreSQL data checking
Ecosystems: go
Packages: github.com/megaease/easeprobe
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1qeDdxLXh4bXctNDR2Zs4AAz3G
.NET Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS05OHA2LTY0MjgtNzd2N84AAiYW
Jenkins NeoLoad Plugin stores credentials in cleartext
Ecosystems: maven
Packages: org.jenkins-ci.plugins:neoload-jenkins-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zOGpyLTI5Zmgtdzl2bc4AA6RX
ansys-geometry-core OS Command Injection vulnerability
Ecosystems: pypi
Packages: ansys-geometry-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS1yNXgzLTI0NDYtaHJwN84AAXbh
Race Condition in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1tY21yLTQ5eDMtNGpxbc4AAvq_
ckb type_id script resume may randomly fail
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS14cDQ0LTh2d3IteHdtds4AAq6T
Jenkins Aqua Security Scanner Plugin showed plain text password in configuration form
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aqua-security-scanner
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ncWd2LTd3cGotdm02cc4AA3u2
Cross Site Request Forgery in Silverpeas
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS04Zzd2LXZqcmMteDRnNc4AA6JF
GeoServer log file path traversal vulnerability
Ecosystems: maven
Packages: org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV4ZzMtajJqNi1yY3g0
Relative Path Traversal in git-delta
Ecosystems: cargo
Packages: git-delta
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1yNjRyLTVoNDMtMjZxds4AA42n
Any authenticated user may obtain private message details from other users on the same instance
Ecosystems: cargo
Packages: lemmy_server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS12NjI3LTY5djIteHgzN84AA5xb
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS1odm1jLTdnMngtcjNwOc4AAllE
Jenkins Cross-Site Scripting vulnerability in help icons
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yYzRwLXAzajktNjU3N84AA5ds
pypqc private key retrieval vulnerability
Ecosystems: pypi
Packages: pypqc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNnZzktZjN2aC04NjZm
Improper Certificate Validation in Graylog
Ecosystems: maven
Packages: org.graylog:graylog-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS13Z3BwLWc2djktN2h4cM4AAwPj
Jenkins Plot Plugin XML External Entity Reference vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:plot
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1mMjNoLTUyaGotOTlwNs4AA39b
Apache IoTDB: Unsafe deserialize map in Sync Tool
Ecosystems: maven
Packages: org.apache.iotdb:iotdb-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS0yN3BnLTRjajYtODk5NM4AAypj
yuan1994 tpAdmin Unrestricted Upload of File with Dangerous Type vulnerability
Ecosystems: packagist
Packages: yuan1994/tpadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBweGMtcG14OS1xanY5
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3cDktOTU2Zi12Y3do
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
GSA_kwCzR0hTQS05ZjVnLXJnY3ItOGdyd84AA3aj
Jenkins MATLAB Plugin cross-site request forgery vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matlab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVycTgtM3d2Zi13cmZn
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
GSA_kwCzR0hTQS00Mm1tLXg4MjgtNTZjN84AAnqE
CSRF vulnerability in Jenkins Configuration Slicing Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:configurationslicing
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jdjR4LTlmMzQtOHJwOc4AA3ae
Jenkins MATLAB Plugin missing permission checks
Ecosystems: maven
Packages: org.jenkins-ci.plugins:matlab
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1yOG0yLTR4MzctNjU5Ms4AAuzv
.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqZ3ctamYzMy03Zmc5
Directory Traversal in mfrs
Ecosystems: npm
Packages: mfrs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
GSA_kwCzR0hTQS0yd21qLTQ2cmotcW0yd84AA3az
ZITADEL Account Takeover via Malicious Host Header Injection
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1tMjJtLWg0cmYtcHdxM80mrA
Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS14Y3ZyLXF2OGgtbTd4d83t4g
.NET Core Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.Jit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNXZmLTM4Y3AtNHB4Oc4AAlS9
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00Z2gyLW04OGgtOGNqOM4AA1uz
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh2easy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS12cnBnLWM3YzQtOG1weM4AA1us
SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials
Ecosystems: maven
Packages: io.jenkins.plugins:bitbucket-push-and-pull-request
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS0yYzd2LXFjanAtNG1nMs4AAwWz
.NET Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64, Microsoft.WindowsDesktop.App.Runtime.win-x86, Microsoft.WindowsDesktop.App.Runtime.win-arm64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oajdwLWg3NGotNmd4as4AA1ur
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1ycjNwLTVmY2YtdjVtM84AAz2X
SSL/TLS certificate validation disabled by default in Jenkins Checkmarx Plugin
Ecosystems: maven
Packages: com.checkmarx.jenkins:checkmarx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1xMjdoLWh3MnYteDVqbc4AA3Ov
Free5gc allows a local attacker to cause a denial of service via the free5gc-compose component
Ecosystems: go
Packages: github.com/free5gc/free5gc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS00ODVwLW1yajUtOHcyds4AAvgP
.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xY2pxLTdmN3YtcHZjOM4AA47s
Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF
Ecosystems: go
Packages: github.com/0xJacky/Nginx-UI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
GSA_kwCzR0hTQS01M2pwLWdtd2MtandmNs4AATfu
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS13anhjLXBqeDktNHd2bc4AA5Cp
Nervos CKB Panic on malformed input
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
GSA_kwCzR0hTQS14Nmp4LWN4ZzMtbWdnaM33pw
Jenkins Pipeline Declarative Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkinsci.plugins:pipeline-model-definition
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nbWhqLXhqZmgtY2Y2bc4AAvAc
Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Ecosystems: go
Packages: github.com/mohammed90/caddy-ssh
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1jdmg4LTlqNHgtNXY0as38cQ
Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk
Ecosystems: maven
Packages: org.jenkins-ci.plugins:artifactory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1mcWcyLWM5N3ItcnFjas4AASyM
Exposure of Sensitive Information in Jenkins Kubernetes Plugin
Ecosystems: maven
Packages: org.csanchez.jenkins.plugins:kubernetes
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1ncmY4LTk0cTUtNHBoeM4AASky
CSRF vulnerability and missing permission checks in Openstack Cloud Plugin allowed capturing credentials
Ecosystems: maven
Packages: org.jenkins-ci.plugins:openstack-cloud
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRyNjQtd2Y3Ni1jNTNw
In blynk-server a Directory Traversal exists
Ecosystems: maven
Packages: com.github.blynkkk:blynk-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
GSA_kwCzR0hTQS1ocnIzLTdyNXYtdnh4Nc4AAWOD
Jenkins Inedo BuildMaster Plugin globally and unconditionally disabled SSL/TLS certificate validation
Ecosystems: maven
Packages: com.inedo.buildmaster:inedo-buildmaster
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS0yNjR3LXhycjctNnFxZ84AAkDO
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
Ecosystems: maven
Packages: com.openshift.jenkins:openshift-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ocW1wLXZ4ajctNXdwcc4AAtEY
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:validating-email-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05aDZoLTlnNzgtODZmN84AAwpm
Yapscan's report receiver server vulnerable to path traversal and log injection
Ecosystems: go
Packages: github.com/fkie-cad/yapscan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oNWhtLTczaGctZnJybc4AAWOf
Jenkins Inedo ProGet Plugin globally and unconditionally disabled SSL/TLS certificate validation
Ecosystems: maven
Packages: com.inedo.proget:inedo-proget
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wZndwLXE5ODQtdzd3aM0sRA
Jenkins Pipeline: Deprecated Groovy Libraries Plugin Protection Mechanism Failure
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS01MjkzLTNmZ3AtY3IzeM37rA
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
Ecosystems: maven
Packages: org.jenkins-ci.plugins:periodicbackup
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS02cTc4LTZ4dnItMjZmZ833sw
Jenkins Groovy Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:script-security, org.jenkins-ci.plugins:pipeline-model-definition, org.jenkins-ci.plugins.workflow:workflow-cps-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1taHdxLTRtaDctZnY3Y84AAR1s
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1ncXg4LWh4bXYtYzR2NM4AAw1E
KubePi may allow unauthorized access to system API
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oNjQ4LWdqMzQtNXg0cs4AAqqG
Agent-to-controller security bypass in Jenkins Squash TM Publisher (Squash4Jenkins) Plugin allows writing arbitrary files
Ecosystems: maven
Packages: org.jenkins-ci.plugins:squashtm-publisher-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tajV2LWdnamMtNDhwNc4AAqqP
XXE vulnerability in Jenkins OWASP Dependency-Check Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dependency-check-jenkins-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14ZndqLTJmMzQtMzJmNc33ng
Jenkins Groovy Plugin sandbox bypass vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:groovy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS03Zjg0LXA2cjUtanI2cc4AAs8h
Cross-site Scripting vulnerability in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qaGZ2LTg5MzYtZzY1Ms4AAs86
Cross-site Scripting in Jenkins Hidden Parameter Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:hidden-parameter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wdjM4LW1xcHAtdjcyaM4AAs83
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00MnI2LXA0cHgtcXZ2Ns4AAzyY
tgstation-server cached user logins in legacy server
Ecosystems: nuget
Packages: TGServiceInterface
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS12OThyLWdqZ2MtbTlwZs06pA
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:promoted-builds
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Statistics
Advisories: 18,471
Packages: 8,321
Repositories: 2,449
Ecosystems: 12
Filter by Severity
Moderate 7,980 High 6,390 Critical 2,818 Low 992
Filter by Ecosystem
maven 1,876 npm 1,408 pypi 1,192 packagist 1,025 nuget 786 go 690 cargo 324 rubygems 284 swift 16 hex 9 actions 8 pub 4
Filter by Package
Microsoft.ChakraCore 234 tensorflow 107 tensorflow-cpu 95 tensorflow-gpu 93 magento/community-edition 55 org.jenkins-ci.main:jenkins-core 48 moodle/moodle 44 com.fasterxml.jackson.core:jackson-databind 43 org.apache.tomcat:tomcat 33 dolibarr/dolibarr 31 drupal/core 28 microweber/microweber 27 pimcore/pimcore 27 nokogiri 25 drupal/drupal 24 org.apache.struts:struts2-core 23 phpmyadmin/phpmyadmin 23 opencv-python 22 com.thoughtworks.xstream:xstream 22 opencv-contrib-python 22 typo3/cms 22 Pillow 21 com.jfinal:jfinal 21 salt 20 ansible 20 django 19 thorsten/phpmyfaq 19 github.com/rancher/rancher 19 typo3/cms-core 18 org.jenkins-ci.plugins:script-security 18 librenms/librenms 18 mlflow 17 Plone 17 openssl-src 17 pocketmine/pocketmine-mp 17 apache-airflow 16 symfony/symfony 16 org.apache.tomcat.embed:tomcat-embed-core 16 rdiffweb 15 nilsteampassnet/teampass 15 parse-server 15 getgrav/grav 15 Microsoft.AspNetCore.App.Runtime.win-x64 14 Microsoft.AspNetCore.App.Runtime.win-x86 14 github.com/hashicorp/consul 14 vyper 14 centreon/centreon 14 net.mingsoft:ms-mcms 14 Microsoft.AspNetCore.App.Runtime.win-arm 13 github.com/usememos/memos 13 rubygems-update 13 golang.org/x/net 13 activerecord 12 baserproject/basercms 12 electron 12 org.keycloak:keycloak-core 12 Microsoft.AspNetCore.App.Runtime.linux-arm 12 org.apache.openmeetings:openmeetings-parent 12 Microsoft.AspNetCore.App.Runtime.linux-arm64 12 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 12 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 12 Microsoft.AspNetCore.App.Runtime.linux-x64 12 Microsoft.AspNetCore.App.Runtime.win-arm64 12 Microsoft.AspNetCore.App.Runtime.osx-x64 12 github.com/hashicorp/vault 11 actionpack 11 github.com/nats-io/nats-server/v2 11 io.undertow:undertow-core 11 mautic/core 11 intelliants/subrion 11 org.keycloak:keycloak-parent 11 github.com/argoproj/argo-cd 11 shopware/platform 10 Django 10 cobbler 10 github.com/hashicorp/nomad 10 org.springframework.security:spring-security-core 10 matrix-synapse 10 org.apache.nifi:nifi 10 froxlor/froxlor 10 cockpit-hq/cockpit 10 org.xwiki.platform:xwiki-platform-oldcore 10 openmage/magento-lts 10 org.cloudfoundry.identity:cloudfoundry-identity-server 9 org.bouncycastle:bcprov-jdk14 9 mercurial 9 org.apache.hadoop:hadoop-main 9 keystone 9 org.apache.geode:geode-core 9 org.apache.solr:solr-core 9 rusqlite 9 craftcms/cms 9 org.apache.struts.xwork:xwork-core 9 ckb 9 github.com/ethereum/go-ethereum 9 Microsoft.NetCore.App.Runtime.win-arm 9 Microsoft.NetCore.App.Runtime.win-arm64 9 Microsoft.NetCore.App.Runtime.win-x64 9 Microsoft.NetCore.App.Runtime.win-x86 9 Microsoft.NETCore.App.Runtime.win-arm64 8 Microsoft.NETCore.App.Runtime.win-x86 8 gradio 8 october/system 8 Microsoft.NETCore.App.Runtime.win-x64 8 org.keycloak:keycloak-services 8 org.bouncycastle:bcprov-jdk15 8 Microsoft.AspNetCore.App.Runtime.linux-musl-arm 8 github.com/sylabs/singularity 8 shopware/core 8 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 7 smarty/smarty 7 snipe/snipe-it 7 apache-superset 7 org.apache.commons:commons-compress 7 cakephp/cakephp 7 deno 7 DotNetNuke.Core 7 org.jenkins-ci.plugins.workflow:workflow-cps 7 org.craftercms:crafter-studio 7 next 7 org.apache.inlong:manager-pojo 7 cn.hutool:hutool-core 7 org.eclipse.jetty:jetty-server 7 tar 7 magento/core 7 org.elasticsearch:elasticsearch 7 strapi 7 com.xuxueli:xxl-job 7 codeigniter4/framework 7 github.com/docker/docker 7 pillow 7 phpmailer/phpmailer 7 symfony/security 7 gogs.io/gogs 7 com.liferay.portal:release.portal.bom 7 org.springframework:spring-core 7 sequelize 6 github.com/traefik/traefik/v2 6 golang.org/x/crypto 6 npm 6 github.com/zitadel/zitadel 6 istio.io/istio 6 github.com/hyperledger/fabric 6 sized-chunks 6 cryptography 6 laravel/framework 6 org.apache.cxf:cxf 6 @strapi/strapi 6 symfony/security-http 6 org.apache.tomcat:tomcat-coyote 6 prestashop/prestashop 6 composer/composer 6 guzzlehttp/guzzle 6 contao/contao 6 contao/core-bundle 6 rack 6 Microsoft.AspNetCore.All 6 org.apache.camel:camel-core 6 Microsoft.AspNetCore.App.Runtime.osx-arm64 6 opencv-python-headless 6 opencv-contrib-python-headless 6 github.com/gravitl/netmaker 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.apache.tika:tika-core 6 waitress 6 express-cart 6 k8s.io/kubernetes 6 kiwitcms 6 wwbn/avideo 6 @openzeppelin/contracts 6 nautobot 6 handlebars 6 Microsoft.NETCore.App 6 github.com/go-gitea/gitea 5 genix/cms 5 plone 5 ua-parser-js 5 github.com/answerdev/answer 5 github.com/opencontainers/runc 5 CefSharp.Common 5 getkirby/cms 5 Microsoft.AspNetCore.App 5 org.apache.xmlgraphics:batik 5 zope 5 pear/archive_tar 5 Microsoft.WindowsDesktop.App.Runtime.win-x86 5 Microsoft.WindowsDesktop.App.Runtime.win-x64 5 forkcms/forkcms 5 github.com/IBAX-io/go-ibax 5 github.com/nats-io/jwt 5 passenger 5 com.vaadin:vaadin-bom 5 statamic/cms 5 code.gitea.io/gitea 5 @openzeppelin/contracts-upgradeable 5 serve 5 aubio 5 org.apache.dolphinscheduler:dolphinscheduler 5 github.com/cilium/cilium 5 OPCFoundation.NetStandard.Opc.Ua.Core 5
Filter by Repository
https://github.com/chakra-core/ChakraCore 204 https://github.com/tensorflow/tensorflow 107 https://github.com/xwiki/xwiki-platform 48 https://github.com/FasterXML/jackson-databind 44 https://github.com/jenkinsci/jenkins 36 https://github.com/apache/tomcat 34 https://github.com/python-pillow/Pillow 26 https://github.com/microweber/microweber 25 https://github.com/apache/airflow 25 https://github.com/pimcore/pimcore 25 https://github.com/django/django 24 https://github.com/moodle/moodle 24 https://github.com/x-stream/xstream 22 https://github.com/keycloak/keycloak 22 https://github.com/apache/struts 22 https://github.com/opencv/opencv 21 https://github.com/sparklemotion/nokogiri 20 https://github.com/Dolibarr/dolibarr 19 https://github.com/thorsten/phpmyfaq 18 https://github.com/dotnet/runtime 17 https://github.com/pmmp/PocketMine-MP 17 https://github.com/rancher/rancher 16 https://github.com/symfony/symfony 16 https://github.com/spring-projects/spring-framework 16 https://github.com/parse-community/parse-server 15 https://github.com/ikus060/rdiffweb 15 https://github.com/ansible/ansible 15 https://github.com/vyperlang/vyper 14 https://github.com/apache/inlong 14 https://github.com/librenms/librenms 14 https://github.com/github/advisory-database 14 https://github.com/getgrav/grav 13 https://github.com/usememos/memos 13 https://github.com/jenkinsci/script-security-plugin 13 https://github.com/mlflow/mlflow 12 https://github.com/rails/rails 12 https://github.com/hashicorp/consul 11 https://github.com/apache/nifi 11 https://github.com/electron/electron 11 https://github.com/mautic/mautic 11 https://github.com/OpenMage/magento-lts 10 https://github.com/centreon/centreon 10 https://github.com/argoproj/argo-cd 10 https://github.com/go-gitea/gitea 10 https://github.com/octobercms/october 10 https://github.com/cui2shark/cms 9 https://github.com/apache/camel 9 https://github.com/nilsteampassnet/teampass 9 https://github.com/strapi/strapi 9 https://github.com/golang/go 9 https://github.com/rusqlite/rusqlite 9 https://github.com/cloudfoundry/uaa 9 https://github.com/kubernetes/kubernetes 9 https://github.com/nervosnetwork/ckb 9 https://github.com/denoland/deno 8 https://github.com/matrix-org/synapse 8 https://github.com/gradio-app/gradio 8 https://github.com/TYPO3/TYPO3.CMS 8 https://github.com/nats-io/nats-server 8 https://github.com/bcgit/bc-java 8 https://github.com/openstack/keystone 8 https://github.com/cobbler/cobbler 8 https://github.com/cockpit-hq/cockpit 8 https://github.com/shopware/platform 8 https://github.com/undertow-io/undertow 7 https://github.com/apache/cxf 7 https://github.com/apache/activemq 7 https://github.com/eclipse/jetty.project 7 https://github.com/spring-projects/spring-security 7 https://github.com/rubygems/rubygems 7 https://github.com/DSpace/DSpace 7 https://github.com/snipe/snipe-it 7 https://github.com/PHPMailer/PHPMailer 7 https://github.com/dotnet/aspnetcore 7 https://github.com/netty/netty 7 https://github.com/plone/Products.CMFPlone 7 https://github.com/hashicorp/vault 7 https://github.com/OpenZeppelin/openzeppelin-contracts 6 https://github.com/pyca/cryptography 6 https://github.com/smarty-php/smarty 6 https://github.com/nilsteampassnet/TeamPass 6 https://github.com/magento/magento2 6 https://github.com/Pylons/waitress 6 https://github.com/ls1intum/Ares 6 https://github.com/zitadel/zitadel 6 https://github.com/hyperledger/fabric 6 https://github.com/PaddlePaddle/Paddle 6 https://github.com/DrunkenShells/Disclosures 6 https://github.com/nautobot/nautobot 6 https://github.com/xuxueli/xxl-job 6 https://github.com/CVEProject/cvelist 6 https://github.com/saltstack/salt 6 https://github.com/istio/istio 6 https://github.com/guzzle/guzzle 6 https://github.com/gravitl/netmaker 6 https://github.com/WWBN/AVideo 6 https://github.com/dnnsoftware/Dnn.Platform 6 https://github.com/OpenNMS/opennms 6 https://github.com/dromara/hutool 6 https://github.com/intelliants/subrion 6 https://github.com/npm/node-tar 6 https://github.com/phpmyadmin/phpmyadmin 6 https://github.com/TYPO3/typo3 6 https://github.com/froxlor/froxlor 6 https://github.com/bodil/sized-chunks 6 https://github.com/contao/contao 6 https://github.com/kiwitcms/Kiwi 6 https://github.com/opencast/opencast 6 https://github.com/sequelize/sequelize 6 https://github.com/backstage/backstage 6 https://github.com/OPCFoundation/UA-.NETStandard 6 https://github.com/faisalman/ua-parser-js 5 https://github.com/twisted/twisted 5 https://github.com/laravel/framework 5 https://github.com/cefsharp/CefSharp 5 https://github.com/BlackFan/client-side-prototype-pollution 5 https://github.com/forkcms/forkcms 5 https://github.com/vercel/next.js 5 https://github.com/protocolbuffers/protobuf 5 https://github.com/ethereum/go-ethereum 5 https://github.com/composer/composer 5 https://github.com/PrestaShop/PrestaShop 5 https://github.com/aubio/aubio 5 https://github.com/docker/docker 5 https://github.com/drupal/core 5 https://github.com/apache/hadoop 5 https://github.com/gogs/gogs 5 https://github.com/zopefoundation/Zope 5 https://github.com/pear/Archive_Tar 5 https://github.com/cakephp/cakephp 5 https://github.com/traefik/traefik 5 https://github.com/answerdev/answer 5 https://github.com/apache/dolphinscheduler 5 https://github.com/IBAX-io/go-ibax 5 https://github.com/geoserver/geoserver 5 https://github.com/hpcng/singularity 5 https://github.com/getkirby/kirby 5 https://github.com/apache/xmlgraphics-batik 5 https://github.com/apache/kylin 5 https://github.com/codeigniter4/CodeIgniter4 5 https://github.com/directus/directus 5 https://github.com/cilium/cilium 5 https://github.com/matrix-org/matrix-js-sdk 5 https://github.com/restlet/restlet-framework-java 4 https://github.com/vantage6/vantage6 4 https://github.com/statamic/cms 4 https://github.com/centreon/centreon-archived 4 https://github.com/quarkusio/quarkus 4 https://github.com/apache/geode 4 https://github.com/jnqnfe/pulse-binding-rust 4 https://github.com/containers/podman 4 https://github.com/fiveai/Cachet 4 https://github.com/totaljs/framework 4 https://github.com/apple/swift-nio-http2 4 https://github.com/nocodb/nocodb 4 https://github.com/RaspAP/raspap-webgui 4 https://github.com/wixtoolset/issues 4 https://github.com/hashicorp/nomad 4 https://github.com/phpseclib/phpseclib 4 https://github.com/tidwall/gjson 4 https://github.com/cri-o/cri-o 4 https://github.com/nightcloudos/new_cms 4 https://github.com/kubernetes/ingress-nginx 4 https://github.com/free5gc/free5gc 4 https://github.com/ckeditor/ckeditor4 4 https://github.com/livehelperchat/livehelperchat 4 https://github.com/jettison-json/jettison 4 https://github.com/cloudflare/cfrpki 4 https://github.com/baserproject/basercms 4 https://github.com/jhipster/generator-jhipster 4 https://github.com/surrealdb/surrealdb 4 https://github.com/yiisoft/yii2 4 https://github.com/libp2p/go-libp2p 4 https://github.com/scrapy/scrapy 4 https://github.com/0xJacky/nginx-ui 4 https://github.com/playframework/playframework 4 https://github.com/igniterealtime/Openfire 4 https://github.com/PrismJS/prism 4 https://github.com/pgadmin-org/pgadmin4 4 https://github.com/ericcornelissen/shescape 4 https://github.com/jenkinsci/workflow-cps-global-lib-plugin 4 https://github.com/containers/buildah 4 https://github.com/Froxlor/Froxlor 4 https://github.com/pimcore/admin-ui-classic-bundle 4 https://github.com/Codiad/Codiad 4 https://github.com/opencontainers/runc 4 https://github.com/jeecgboot/jeecg-boot 4 https://github.com/npm/cli 4 https://github.com/bolt/bolt 4 https://github.com/ethyca/fides 4 https://github.com/Studio-42/elFinder 3 https://github.com/inventree/InvenTree 3 https://github.com/jenkinsci/gitlab-plugin 3 https://github.com/GoogleChrome/rendertron 3 https://github.com/hazelcast/hazelcast 3 https://github.com/pf4j/pf4j 3 https://github.com/li-yu320/cms 3 https://github.com/hashicorp/go-getter 3 https://github.com/rgrove/sanitize 3