Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: about 2 years ago
GSA_kwCzR0hTQS1wcXdoLTQ0amotcDVybc4AAQXh
Hostname verification in Apache HttpClient 4.3 was disabled by defaultEcosystems: maven
Packages: org.apache.httpcomponents:httpclient
Source: GitHub Advisory Database
Blast Radius: 50.5
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: set-object-value
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqajQtbTUycC04cngz
Prototype pollution in set-object-valueEcosystems: npm
Packages: set-object-value
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 3 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 1 year ago
GSA_kwCzR0hTQS1qY2htLWZtNHEtYzJmcM4AAzHG
Apache Airflow vulnerable to Privilege Context Switching ErrorEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: bufver-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNyNHgtdzJ2Ny00bW1m
Malicious Package in bufver-xorEcosystems: npm
Packages: bufver-xor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: lxdui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNHhoLTQ4NjktOHZyZ84AApw_
AdaptiveScale LXDUI Hardcoded JWT Secret KeyEcosystems: pypi
Packages: lxdui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 2 years ago
GSA_kwCzR0hTQS03MjlmLXd2ajMtYzRwas0Vzw
Remote code execution in UReportEcosystems: maven
Packages: com.bstek.ureport:ureport2-core
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 2 years ago
GSA_kwCzR0hTQS14ZzQ3LXI2N3Atdmh2Nc4AAWdB
Improper Input Validation in DeapEcosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: sodiumoxide
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdydmMtNzJ3Ny14cG1q
Incorrect Comparison in sodiumoxideEcosystems: cargo
Packages: sodiumoxide
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: rimrafall
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThocTItZmNxbS0zOWhx
Malicious Package in rimrafallEcosystems: npm
Packages: rimrafall
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 2 years ago
GSA_kwCzR0hTQS1mOGZ2LWY3ODYtOTkzM80skg
Magento improper input validation vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtcmYtNjRmdy0yeDc1
Command injection in fs-pathEcosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 3 years ago
Critical
Ecosystems: npm
Packages: blamer
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
GSA_kwCzR0hTQS04Y3hwLWNqbTgtZmozNs4AAj0O
Improper Neutralization of Special Elements used in an OS Command in BlamerEcosystems: npm
Packages: blamer
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-module-system, org.jeecgframework.boot:jeecg-boot-base-core
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
GSA_kwCzR0hTQS02dzg5LWM2NXctangyY84AAxE2
Jeecg-boot is vulnerable to SQL injectionEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-module-system, org.jeecgframework.boot:jeecg-boot-base-core
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.xmlrpc:xmlrpc
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 years ago
GSA_kwCzR0hTQS00Z3FwLTI5NnItajVtcc4AAUrW
Apache XML-RPC vulnerable to Deserialization of Untrusted DataEcosystems: maven
Packages: org.apache.xmlrpc:xmlrpc
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: obsidian
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: almost 2 years ago
GSA_kwCzR0hTQS00NW14LWc4NW0td3dtM84AApcx
Obsidian does not require user confirmation for non-http/https URLs.Ecosystems: npm
Packages: obsidian
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: colour-string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtbWYtcXA3ai0ydzI0
Malicious Package in colour-stringEcosystems: npm
Packages: colour-string
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: saync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBtOXYtMzI1Zi01Zzc0
Malicious Package in sayncEcosystems: npm
Packages: saync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: font-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nMmMzLXZ3ZmYtbTN4cs4AAuhr
Font-Converter Vulnerable to Arbitrary Command InjectionEcosystems: npm
Packages: font-converter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: deep-set
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13Z3htLXJnNTMtaDJjNs4AAnAt
Prototype pollution vulnerability in 'deep-set'Ecosystems: npm
Packages: deep-set
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS14NzR4LXFmNWotMzVqaM33fg
Sandbox bypass vulnerability in Jenkins Pipeline: Groovy PluginEcosystems: maven
Packages: org.jenkins-ci.plugins.workflow:workflow-cps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: boogeyman
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloYzItdzlnZy1xNmp3
Malicious Package in boogeymanEcosystems: npm
Packages: boogeyman
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 9 months ago
GSA_kwCzR0hTQS05NXJwLTZncXAtNjYyMs4AA1lI
Command Injection Vulnerability in find-execEcosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 9 months ago
Critical
Ecosystems: rubygems
Packages: ftpd
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
GSA_kwCzR0hTQS03dnhyLTZjeGctajN4OM0WRw
OS Command Injection in ftpdEcosystems: rubygems
Packages: ftpd
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: regenrator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01cDQtN3dmOS02dzk5
Malicious Package in regenratorEcosystems: npm
Packages: regenrator
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZjg2LTk0MzQtZjhjMs4AAi3L
Keycloak Authentication ErrorEcosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: git-big-picture
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14MzhqLTRycjUtaHFyas4AAnOo
git-big-picture Code ExecutionEcosystems: pypi
Packages: git-big-picture
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
Critical
Ecosystems: rubygems
Packages: flash_tool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS02MzI1LTZnMzItN3AzNc4AAxNI
flash_tool Gem for Ruby File Download Handling Arbitrary Command ExecutionEcosystems: rubygems
Packages: flash_tool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
GSA_kwCzR0hTQS05MnJ2LTRqMmgtOG1qas4AA1xE
Snappy PHAR deserialization vulnerabilityEcosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
Critical
Ecosystems: npm
Packages: deep-defaults
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNnhnLXJnMzMtOW1mNM4AAolT
deep-defaults vulnerable to prototype pollutionEcosystems: npm
Packages: deep-defaults
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: 6 months ago
GSA_kwCzR0hTQS1mNDc1LXg4M20tcng1bc4AA3Ax
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session TokensEcosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
GSA_kwCzR0hTQS04Y3c1LXJ2OTgtNWM0Ns0g-A
Arbitrary PHP code execution in DrupalEcosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
GSA_kwCzR0hTQS04bW1tLTl2MnEteDNmOc4AAvPk
tschaub gh-pages vulnerable to prototype pollutionEcosystems: npm
Packages: gh-pages
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: promise-probe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12bXFxLTdxdngtNjhxeM4AAjn8
promise-probe OS command injection vulnerabilityEcosystems: npm
Packages: promise-probe
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
GSA_kwCzR0hTQS01ODh3LXc2bXYtM2N3Nc3sUg
Ansible Insertion of Sensitive Information into Log File vulnerabilityEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1wM3I1LXgzaHItZ3BnNc4AA10e
OpenRefine Remote Code execution in project import with mysql jdbc url attackEcosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.drools:drools-core
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1yYzU3LTlyM3gtOThjcc4AArse
XML External Entity Reference in droolsEcosystems: maven
Packages: org.drools:drools-core
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NDc4LTUzcHYtanh2bc0pvQ
Joplin Vulnerable to Code InjectionEcosystems: npm
Packages: joplin
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyODgtY3dndy1jaDg2
Unchecked Return Value in xcbEcosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: mogobd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjaGctZzk0ci02NHFn
Malicious Package in mogobdEcosystems: npm
Packages: mogobd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1wNnItZmd3Mi1yeGZ4
Arbitrary return types in xcbEcosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4YzItbWozOS1xNTk5
Strapi allows unauthenticated attacker to reset admin password without valid reset tokenEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
GSA_kwCzR0hTQS05YzI0LWczMmctMzVyas4AAWPD
Drupal PECL YAML parser unsafe object handlingEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerabilityEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:bitbucket-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14OXE0LXF3ZmgtOWdqcc4AAxJ-
Session fixation vulnerability in Jenkins Bitbucket OAuth PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:bitbucket-oauth
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: http
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyaHgtaHF4bS04cDM2
Double free in httpEcosystems: cargo
Packages: http
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS01NGp3LWpxcjktNmNqOc4AAxM2
Command injection in vagrant.jsEcosystems: npm
Packages: vagrant.js
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qOHdyLWZ3ZjItdnZyOc4AAxM9
Command Injection in create-choo-electronEcosystems: npm
Packages: create-choo-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4cGctM2h4NC1mbTly
Out of bounds read in xcbEcosystems: cargo
Packages: xcb
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd4ZnEteGg2di00bXJt
Malicious Package in json-serializerEcosystems: npm
Packages: json-serializer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
GSA_kwCzR0hTQS1oMzc2LWoyNjItdmhxNs0g_w
RCE in H2 ConsoleEcosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
GSA_kwCzR0hTQS1yd2h4LTZoeDctcHFjOM4AA2As
SQL injection in jeecgbootEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 8 months ago
GSA_kwCzR0hTQS14N20zLWpwcmctd2M1Z84AA2Bl
Gevent allows remote attacker to escalate privilegesEcosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 8 months ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
GSA_kwCzR0hTQS02amhtLTR2bXgtbXI3Ns0mbA
SQL injection in MoodleEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyNnctZ2N4aC12NHI3
Prototype polluation in just-safe-setEcosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-base-core, org.jeecgframework.boot:jeecg-boot-base
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 years ago
GSA_kwCzR0hTQS1mOXBnLWc5eHctcjVnMs0siw
SQL Injection in Jeecg-bootEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-base-core, org.jeecgframework.boot:jeecg-boot-base
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
GSA_kwCzR0hTQS03bWhjLXByZ3YtcjNxNM0j-w
Access of Resource Using Incompatible Type in HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
GSA_kwCzR0hTQS01MnZqLW1yMmotZjhqaM4AArVX
Server-Side Template Injection in formioEcosystems: npm
Packages: formio
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 25 days ago
GSA_kwCzR0hTQS00cmNoLTJmaDgtOTR2d84AA7Pp
MySQL2 for Node Arbitrary Code InjectionEcosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 25 days ago
Critical
Ecosystems: pypi
Packages: swift
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
GSA_kwCzR0hTQS12N21oLTNqZ2YtcjI2Y84AAaDG
OpenStack Object Storage (swift) Code Injection vulnerabilityEcosystems: pypi
Packages: swift
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1yNmdwLXJmZjItcDNoZs4AA7Ca
llama-index-core Command Injection vulnerabilityEcosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
Ecosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
GSA_kwCzR0hTQS1nZmY3LWc1cjgtbWc4bc01GA
Prototype Pollution in simple-plistEcosystems: npm
Packages: simple-plist
Source: GitHub Advisory Database
Blast Radius: 54.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: org.richfaces:richfaces-core
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: about 2 years ago
GSA_kwCzR0hTQS00ajM4LXdqaGYtODg0cs384Q
Arbitrary code execution in RichfacesEcosystems: maven
Packages: org.richfaces:richfaces-core
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS13djM5LWYzdngtM3Y2cc4AAuZ-
SQL injection in jflyfox jfinalEcosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: elefant/cms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
GSA_kwCzR0hTQS14MncyLXFndjYtOHhybc39cw
Elefant CMS PHP Code Execution VulnerabilityEcosystems: packagist
Packages: elefant/cms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
GSA_kwCzR0hTQS0yanh3LTRobTQtNnc4N84AA4mj
SQL injection in llama-indexEcosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 4 months ago
Critical
Ecosystems: pypi
Packages: lmdb
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1wZjNwLXY5eHAtbXJ2Zs4AAq3o
py-lmdb Invalid write operationEcosystems: pypi
Packages: lmdb
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-function-context
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 2 years ago
GSA_kwCzR0hTQS02djczLWZnZjYtdzVqN8032w
Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expressionEcosystems: maven
Packages: org.springframework.cloud:spring-cloud-function-context
Source: GitHub Advisory Database
Blast Radius: 22.3
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework, zendframework/zend-db, zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: 24 days ago
GSA_kwCzR0hTQS1xaDl3LXI3ZzUtcTkzOc4AA7QZ
Zend Framework SQL injection vulnerabilityEcosystems: packagist
Packages: zendframework/zendframework, zendframework/zend-db, zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: 24 days ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 2 years ago
GSA_kwCzR0hTQS1mNmpwLWo2dzMtdzlobc0V4A
Apache Shiro vulnerable to a specially crafted HTTP request causing an authentication bypassEcosystems: maven
Packages: org.apache.shiro:shiro-core
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
GSA_kwCzR0hTQS03Zmg5LTkzM2ctODg1cM4AAUGf
Drupal Core Remote Code Execution VulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 24 days ago
GSA_kwCzR0hTQS0yOTd4LWo5cG0teGpnZ84AA7QY
Drupal Core Remote Code Execution VulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 24 days ago
Critical
Ecosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 1 year ago
GSA_kwCzR0hTQS0yNW14LTJteG0tNjM0M84AAvsH
@keystone-6/core's NODE_ENV defaults to development with esbuildEcosystems: npm
Packages: @keystone-6/core
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
GSA_kwCzR0hTQS1mNHF4LWpxZnEtNzc4Nc4AASZQ
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisionsEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
Critical
Ecosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tNTRmLXJwNnItcnJybc4AAvG6
XXL-JOB contains a Command execution vulnerability in background tasksEcosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
GSA_kwCzR0hTQS03eDM2LWg2Mnctdnc2Nc0frA
Out-of-bounds Write in actix-webEcosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.dubbo:dubbo-parent
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS1mcHJyLXJybTgtNDUzNM4AAwuU
Apache Dubbo vulnerable to remote code execution via Telnet HandlerEcosystems: maven
Packages: org.apache.dubbo:dubbo-parent
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
GSA_kwCzR0hTQS13eHFwLWp3YzktZzM5eM4AAoYB
Drupal Core Access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wNDZjLXc5bTMtN3FyMs0fqg
Use of Uninitialized Resource in flumedb.Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: koa-body-parse
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxZ3EtbWZ2ai02cXhw
Malicious Package in koa-body-parseEcosystems: npm
Packages: koa-body-parse
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
GSA_kwCzR0hTQS0zZnB2LTU0ZmYtd3Fmas3jyQ
Deserialization of Untrusted Data in topthink/frameworkEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
GSA_kwCzR0hTQS02cDNjLXY4dmMtYzI0NM0fkg
The `total_size` function for partial read the length of any `FixVec` is incorrect in molecule.Ecosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: monorepo-build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01dnJjLTdqZnItNDY0Ms4AAtxv
monorepo-build Command Injection vulnerabilityEcosystems: npm
Packages: monorepo-build
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS1mYzd4LTJjbWMtOGoyZ80fkw
Incorrect hash in sha2Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: payload
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 2 years ago
GSA_kwCzR0hTQS13OHhoLTkzcWgtMzV2d8068Q
Unrestricted Upload of File with Dangerous Type in PayloadEcosystems: npm
Packages: payload
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: mopa
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: over 2 years ago
GSA_kwCzR0hTQS0yZ3hqLXFycDItNTNqds0flA
Incorrect reliance on Trait memory layout in mopaEcosystems: cargo
Packages: mopa
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: ali-contributors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtNXYtZjJ3cC13cXI5
Malicious Package in ali-contributorsEcosystems: npm
Packages: ali-contributors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 10 months ago
GSA_kwCzR0hTQS13cDZjLTI5cjMtanF3Oc4AA08A
SQL injection in jeecg-bootEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 10 months ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04Z2ptLWgzeGotbXA2d80fkQ
RPC call failure in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 2 years ago
GSA_kwCzR0hTQS1nNDM0LTNxMmotaGo0cs4AAWhd
CodeIgniter Session Fixation VulnerabilityEcosystems: packagist
Packages: codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 26.5
Published: about 2 years ago
Critical
Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wNGNyLTY0eDQtZjkyZs0fpA
Use of Uninitialized Resource in acc_reader.Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
GSA_kwCzR0hTQS1tcXc5LTNjam0teHdwM84AAvIw
Moodle Minor SQL injection risk in admin user browsingEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
GSA_kwCzR0hTQS0yaG1tLXEyNzIteG1oZs4AAvIu
Moodle remote code executionEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1xM3JtLWY1MjctZ2h4as4AAw-1
Publify Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 2 years ago
GSA_kwCzR0hTQS14aHEzLTQ1NXIteHY0NM4AAayr
Moodle SQL injection via user preferencesEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 2 years ago
Critical
Ecosystems: pypi
Packages: lmdb
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNzRjLXA0cDctcjhxNc4AAiBu
py-lmdb Invalid write operationEcosystems: pypi
Packages: lmdb
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: cn.hutool:hutool-all
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 1 year ago
GSA_kwCzR0hTQS03N2g4LTVqM2gtamNqZs4AAxTc
Dromara Hutool Deserialization of Untrusted Data vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-all
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: gerapy
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
GSA_kwCzR0hTQS05dzdmLW00ajQtajN4d80g4g
Gerapy < 0.9.8 may cause remote code executionEcosystems: pypi
Packages: gerapy
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
GSA_kwCzR0hTQS1jNmg0LWdjM2YtaGdqcc0eZw
Prototype Pollution in js-dataEcosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wY2NyLXE3djktNWYyN80eMw
Apache Solr Improper Input Validation and Path TraversalEcosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: serializes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4OTktMzQ4eC1oM3Jx
Malicious Package in serializesEcosystems: npm
Packages: serializes
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
langchain
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
drupal/drupal
10
tensorflow
9
phpmyadmin/phpmyadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
paddlepaddle
8
froxlor/froxlor
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
org.xwiki.platform:xwiki-platform-web-templates
8
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
ansible
7
symfony/symfony
7
thorsten/phpmyfaq
6
github.com/answerdev/answer
6
github.com/argoproj/argo-cd
6
parse-server
6
aaptjs
6
ezsystems/ezpublish-kernel
6
mautic/core
5
Microsoft.ChakraCore
5
django
5
org.jenkins-ci.plugins:script-security
5
org.xwiki.platform:xwiki-platform-web
5
safe-eval
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.inlong:manager-pojo
5
mercurial
5
org.apache.shiro:shiro-core
5
centreon/centreon
5
zendframework/zendframework
5
org.apache.activemq:activemq-client
5
shopware/core
5
prestashop/prestashop
5
ckb
5
steal
5
org.xwiki.commons:xwiki-commons-xml
5
Pillow
5
nodebb
5
org.cloudfoundry.identity:cloudfoundry-identity-server
4
github.com/grafana/grafana
4
nukeviet/nukeviet
4
github.com/argoproj/argo-cd/v2
4
org.apache.kylin:kylin-server-base
4
openssl-src
4
org.apache.tapestry:tapestry-core
4
baserproject/basercms
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
librenms/librenms
4
pyload-ng
4
apache-airflow-providers-apache-hive
4
PaddlePaddle
4
net.opentsdb:opentsdb
4
feehi/cms
4
calibreweb
4
contao/core-bundle
4
spree_auth_devise
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
swagger-ui
4
org.apache.tomcat.embed:tomcat-embed-core
4
safer-eval
4
github.com/hashicorp/vault
4
org.eclipse.jetty:jetty-server
4
github.com/usememos/memos
4
code.gitea.io/gitea
4
org.jeecgframework.boot:jeecg-boot-base-core
4
smallvec
4
hermes-engine
4
org.apache.openmeetings:openmeetings-parent
4
messagepack-rs
4
org.apache.inlong:manager-service
4
contao/contao
4
Django
4
realms-shim
4
nilsteampassnet/teampass
4
codeigniter4/framework
3
org.apache.logging.log4j:log4j-core
3
showdoc/showdoc
3
lmdb
3
org.jenkins-ci.plugins:active-directory
3
github.com/dexidp/dex
3
org.xwiki.platform:xwiki-platform-icon-ui
3
zendframework/zendframework1
3
org.apache.storm:storm
3
github.com/rancher/rancher
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.dolphinscheduler:dolphinscheduler
3
typo3/cms
3
org.apache.ignite:ignite-core
3
org.apache.inlong:manager-web
3
com.hazelcast:hazelcast
3
modoboa
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
id-map
3
tribalsystems/zenario
3
@openzeppelin/contracts-upgradeable
3
pimcore/pimcore
3
org.xwiki.platform:xwiki-platform-panels-ui
3
nvflare
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
org.keycloak:keycloak-core
3
ro.pippo:pippo-core
3
facade/ignition
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
com.jflyfox:jflyfox_jfinal
3
symfony/security-core
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
jsrsasign
3
codeigniter/framework
3
impresscms/impresscms
3
github.com/go-gitea/gitea
3
simplesamlphp/simplesamlphp
3
nokogiri
3
org.apache.any23:apache-any23
3
org.apache.linkis:linkis
3
craftcms/cms
3
handlebars
3
smarty/smarty
3
rubygems-update
3
io.dataease:dataease-plugin-common
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
github.com/pterodactyl/wings
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
slpjs
3
strapi
3
cobbler
3
dompdf/dompdf
3
org.springframework.security:spring-security-core
3
browserify-shim
3
org.apache.jmeter:ApacheJMeter
3
actix-web
3
ibexa/core
3
mongoose
3
io.undertow:undertow-core
3
org.apache.solr:solr-parent
3
xcb
3
phpmailer/phpmailer
3
org.apache.solr:solr-core
3
elefant/cms
3
org.richfaces:richfaces-core
3
francoisjacquet/rosariosis
3
ray
3
github.com/hashicorp/nomad
3
publify_core
3
feathers-sequelize
3
codiad/codiad
3
alextselegidis/easyappointments
2
eslint-config-eslint
2
github.com/beego/beego
2
github.com/beego/beego/v2
2
mysql2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
Radicale
2
github.com/russellhaering/gosaml2
2
laravel/framework
2
org.keycloak:keycloak-services
2
com.hazelcast.jet:hazelcast-jet
2
org.apache.derby:derby
2
cn.hutool:hutool-all
2
org.apache.inlong:manager-dao
2
@keystone-6/core
2
joplin
2
ctx
2
org.xwiki.platform:xwiki-platform-administration
2
org.xwiki.platform:xwiki-platform-distribution-war
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/funadmin/funadmin
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/django/django
9
https://github.com/top-think/framework
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/apache/inlong
8
https://github.com/argoproj/argo-cd
7
https://github.com/Studio-42/elFinder
7
https://github.com/python-pillow/Pillow
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/ansible/ansible
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/apache/struts
7
https://github.com/thorsten/phpmyfaq
6
https://github.com/shopware/platform
6
https://github.com/shenzhim/aaptjs
6
https://github.com/parse-community/parse-server
6
https://github.com/symfony/symfony
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/answerdev/answer
6
https://github.com/apache/tomcat
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/nervosnetwork/ckb
5
https://github.com/froxlor/froxlor
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/dromara/hutool
5
https://github.com/keycloak/keycloak
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/stealjs/steal
5
https://github.com/swagger-api/swagger-ui
4
https://github.com/hwchase17/langchain
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/pippo-java/pippo
4
https://github.com/usememos/memos
4
https://github.com/contao/contao
4
https://github.com/dompdf/dompdf
4
https://github.com/spring-projects/spring-framework
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/servo/rust-smallvec
4
https://github.com/grafana/grafana
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/CVEProject/cvelist
4
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/modoboa/modoboa
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/facade/ignition
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/star7th/showdoc
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/smarty-php/smarty
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ibexa/core
3
https://github.com/ADOdb/ADOdb
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/apache/camel
3
https://github.com/actix/actix-web
3
https://github.com/pterodactyl/wings
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/github/securitylab
3
https://github.com/baserproject/basercms
3
https://github.com/dexidp/dex
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/neorazorx/facturascripts
3
https://github.com/apache/shiro
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/sjep/array
2
https://github.com/pytorch/serve
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/jfinal/jfinal
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://github.com/laurent22/joplin
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/soketi/soketi
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/benbusby/whoogle-search
2
https://github.com/google/flatbuffers
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2