Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:aqua-serverless
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01NmdqLTkyN3AtbWZwaM4AAiB_
Jenkins Aqua Security Serverless Scanner Plugin showed plain text password in job configuration form fieldsEcosystems: maven
Packages: org.jenkins-ci.plugins:aqua-serverless
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
GSA_kwCzR0hTQS1ncXhyLWh2cnctNmhmaM4AAzWv
Jenkins NS-ND Integration Performance Publisher Plugin displays credentials without maskingEcosystems: maven
Packages: io.jenkins.plugins:cavisson-ns-nd-integration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Low
Ecosystems: maven
Packages: com.openmake:deployhub
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1obTU3LTRxcHgtZjczNM4AAjx2
Credentials transmitted in plain text by Jenkins DeployHub PluginEcosystems: maven
Packages: com.openmake:deployhub
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
GSA_kwCzR0hTQS05cWhjLXBnNmotd2YyM84AA6nm
Concrete CMS Stored XSS in blocks of type fileEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
GSA_kwCzR0hTQS14d3JoLXF4bWMteDhjOM4AA6ni
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search FilterEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
GSA_kwCzR0hTQS1yN3E0LWN3OXItdmhwNM4AA6nj
Concrete CMS Stored XSS in the Custom Class page editingEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
GSA_kwCzR0hTQS1xZ205LXJ4bXEtanhtcc4AA6nk
Concrete CMS Stored XSS in the Search FieldEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 1 month ago
Low
Ecosystems: go
Packages: github.com/etcd-io/etcd
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
GSA_kwCzR0hTQS0zcDRnLXJjdzUtODI5OM4AAzUC
etcd Key name can be accessed via LeaseTimeToLive APIEcosystems: go
Packages: github.com/etcd-io/etcd
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 9 months ago
GSA_kwCzR0hTQS1nM3Y2LXI4cDktd3hnOc4AA1Pz
Mattermost fails to correctly delete attachmentsEcosystems: go
Packages: github.com/mattermost/mattermost-server/v6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 9 months ago
Low
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1mcDZwLTV4dnctbTc0Zs4AAZQc
Django User Enumeration VulnerabilityEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5ZnctOXg4Ny1ybXJq
Privilege Context Switching Error in ElasticsearchEcosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 3 years ago
Low
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2d3AtNG02Zi1nY2pn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 3 years ago
Low
Ecosystems: npm
Packages: express-basic-auth
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzNXYtcXdxZy04N2pj
express-basic-auth Timing Attack due to native string comparison instead of constant time string comparisonEcosystems: npm
Packages: express-basic-auth
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: almost 5 years ago
Low
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
GSA_kwCzR0hTQS1qZm1xLTRnNG0tOTlyaM4AASBR
Nimbus JOSE+JWT vulnerable to padding oracle attackEcosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
Low
Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2ZjQtZnczMy02ajJ2
Potential sensitive data exposure in applications using Vaadin 15Ecosystems: maven
Packages: com.vaadin:vaadin-bom
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 3 years ago
Low
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
GSA_kwCzR0hTQS14bTY3LTU4N3EtcjJ2d84AAyAX
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/sigstore/cosign, github.com/sigstore/cosign/v2
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 6 months ago
GSA_kwCzR0hTQS12ZnA2LWpydzItOTlnOc4AA2_S
Cosign vulnerable to possible endless data attack from attacker-controlled registryEcosystems: go
Packages: github.com/sigstore/cosign, github.com/sigstore/cosign/v2
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 6 months ago
Low
Ecosystems: maven
Packages: com.inedo.proget:inedo-proget
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mNmc4LXB4dnAtOTMyOM4AAiIK
Jenkins Inedo ProGet Plugin Plugin has Cleartext Transmission of Sensitive InformationEcosystems: maven
Packages: com.inedo.proget:inedo-proget
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05aHZmLXBmcTMtN3BwNs4AAjR5
CSRF vulnerability in Jenkins Amazon EC2 PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.springframework.graphql:spring-graphql
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 8 months ago
GSA_kwCzR0hTQS1mcnFjLWYyaDgtZmp2Zs4AA19h
Spring for GraphQL may be exposed to GraphQL context with values from a different sessionEcosystems: maven
Packages: org.springframework.graphql:spring-graphql
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 8 months ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12dmcyLWhnM2MtbXFqM84AAjkh
Client secret transmitted in plain text by Azure AD PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:azure-ad
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ssh-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS13d2d4LTk0djYtZmMycM4AASyU
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build logEcosystems: maven
Packages: org.jenkins-ci.plugins:ssh-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
Ecosystems: maven
Packages: io.jenkins.plugins:s3explorer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tZjRwLXdqcm0tY21qcM4AAvdJ
AWS secrets displayed without masking by Jenkins S3 Explorer PluginEcosystems: maven
Packages: io.jenkins.plugins:s3explorer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
GSA_kwCzR0hTQS1xaDM2LTQ0anYtYzh4as0oSA
Potential proxy IP restriction bypass in KubernetesEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4NGMtcHEzMy00dzNx
Improper authorisation of members discloses room membership to non-membersEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:credentials-binding
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03ZmY4LXFmd3gtOGd4Nc4AAknO
Improper masking of some secrets in Jenkins Credentials Binding PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:credentials-binding
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:resource-disposer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS02M2pnLTV3djYtN2dods4AAV9P
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resourceEcosystems: maven
Packages: org.jenkins-ci.plugins:resource-disposer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
Ecosystems: maven
Packages: org.datadog.jenkins.plugins:datadog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oZjd3LWY0aDQtOXhwOM4AAYZt
Exposure of Sensitive Information in Jenkins Datadog pluginEcosystems: maven
Packages: org.datadog.jenkins.plugins:datadog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyNGgtcGpqdi1tY3A2
Denial of service in TendermintEcosystems: go
Packages: github.com/tendermint/tendermint
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1mODk5LTRtcjQtZnFwds4AA4Uf
Apache Answer Race Condition vulnerabilityEcosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: npm
Packages: showdown
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2bXEtM2NqNi1oNzM4
Reverse Tabnabbing in showdownEcosystems: npm
Packages: showdown
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 3 years ago
Low
Ecosystems: maven
Packages: com.datapipe.jenkins.plugins:hashicorp-vault-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mbTZxLTk3Z3ctYzR3aM0sPg
Agent-to-controller security bypass in Jenkins HashiCorp Vault PluginEcosystems: maven
Packages: com.datapipe.jenkins.plugins:hashicorp-vault-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
Ecosystems: go
Packages: teler.app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14cjdwLThxODItODc4cc4AAwLZ
teler dashboard vulnerable to DOM-based cross-site scripting (XSS)Ecosystems: go
Packages: teler.app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 2 years ago
GSA_kwCzR0hTQS1tdzZxLTk4bXAtZzhnOM0W5Q
Cross-site Scripting in bootstrap-tableEcosystems: npm
Packages: bootstrap-table
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 2 years ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
GSA_kwCzR0hTQS12dzQ3LW1yNDQtM2pmOc0V6g
Confused Deputy in KubernetesEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxbWYtZmo2bS02ODZj
Open Redirect in Flask-Security-TooEcosystems: pypi
Packages: Flask-Security-Too
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 3 years ago
Low
Ecosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 3 months ago
GSA_kwCzR0hTQS1yMjc1LWo1N2MtN21mMs4AA5ZI
Race condition in EndorsementsEcosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13Nmh3LTU3anEtaDdmNc4AAknq
CSRF vulnerability in Amazon EC2 PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzcGctcXd2Zy1wOTlj
Lenient Parsing of Content-Length Header When Prefixed with Plus SignEcosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:quality-gates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ndmNqLTcyaDQtOHhtOc4AAjx0
Jenkins Quality Gates Plugin transmits credentials in plain text during configurationEcosystems: maven
Packages: org.jenkins-ci.plugins:quality-gates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1teGNjLTdoNW0teDU3cs4AAtsO
Jenkins GitHub plugin uses weak webhook signature functionEcosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
GSA_kwCzR0hTQS1oanAzLTVnMnEtN2p3d84AAzCk
Race Condition leading to logging errorsEcosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 1 year ago
Low
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: 5 months ago
GSA_kwCzR0hTQS05cjZwLWhnNGctNWd4cM4AA3oU
Microweber missing standardized error handling mechanismEcosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 2.2
Published: 5 months ago
Low
Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqd3ctMng4di1tOXY5
Potential sensitive data exposure in applications using Vaadin 15Ecosystems: maven
Packages: com.vaadin:flow-server
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: about 3 years ago
Low
Ecosystems: npm
Packages: @liquity/contracts
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhoMnAtN3A4Ny1maGdo
Incorrect TCR calculation in batchLiquidateTroves() during Recovery ModeEcosystems: npm
Packages: @liquity/contracts
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: almost 3 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03eHA4LTd3cXgtNWhxeM4AAjcV
Jenkins REST APIs vulnerable to clickjackingEcosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5MzYtajhncC05cTNw
Open redirects on some federation and push requestsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 3 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05MnBnLThnNTctaHFweM4AAnqH
Support bundles can include user session IDs in Jenkins Support Core PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1yOG03LTc5MmotNWp2cc4AAZvd
TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards componentEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
Low
Ecosystems: actions
Packages: Azure/setup-kubectl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wNzU2LXJmeGgteDYzaM4AAx-a
Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lowerEcosystems: actions
Packages: Azure/setup-kubectl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/mutagen-io/mutagen, github.com/mutagen-io/mutagen-compose
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 year ago
GSA_kwCzR0hTQS1qbXAyLXdjNHAtd2ZoMs4AAzGL
Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpointsEcosystems: go
Packages: github.com/mutagen-io/mutagen, github.com/mutagen-io/mutagen-compose
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 year ago
Low
Ecosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 0.9
Published: over 2 years ago
GSA_kwCzR0hTQS1xaDU0LTl2YzUtbTlmZ80WgQ
MD5 hash support in github.com/foxcpp/maddyEcosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 0.9
Published: over 2 years ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: over 2 years ago
GSA_kwCzR0hTQS1mOWpnLThwMzItMmY1Nc0hRw
kubectl ANSI escape characters not filteredEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: over 2 years ago
Low
Ecosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1MmYtcHE0Ny0ycjlq
plugin.yaml file allows for duplicate entries in helmEcosystems: go
Packages: helm.sh/helm, helm.sh/helm/v3
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 3 years ago
Low
Ecosystems: go
Packages: github.com/opencontainers/distribution-spec
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
GSA_kwCzR0hTQS1tYzh2LW1ncmYtOGY0bc0XWA
Clarify Content-Type handlingEcosystems: go
Packages: github.com/opencontainers/distribution-spec
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: over 2 years ago
Low
Ecosystems: go
Packages: github.com/containerd/containerd
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 2 years ago
GSA_kwCzR0hTQS01ajV3LWc2NjUtNW0zNc0XXw
Ambiguous OCI manifest parsingEcosystems: go
Packages: github.com/containerd/containerd
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 2 years ago
Low
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0bTMtdzhnOS1qd3Bx
Information disclosure of source code in SimpleSAMLphpEcosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 4 years ago
Low
Ecosystems: pypi
Packages: openapi-python-client
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3Z3ItNzY2Ni03cHdq
Path Traversal in openapi-python-clientEcosystems: pypi
Packages: openapi-python-client
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: over 3 years ago
Low
Ecosystems: go
Packages: go.temporal.io/server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 11 months ago
GSA_kwCzR0hTQS1nbTJnLTJ4cjktcHh4as4AA0J6
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of ResourceEcosystems: go
Packages: go.temporal.io/server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 11 months ago
Low
Ecosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 11 months ago
GSA_kwCzR0hTQS1jZjZ2LTlqNTctdjZyNs4AA0Nx
code.gitea.io/gitea Open Redirect vulnerabilityEcosystems: go
Packages: code.gitea.io/gitea
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: 11 months ago
Low
Ecosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
GSA_kwCzR0hTQS1xcTk3LXZtNWgtcnJoZ80psQ
OCI Manifest Type Confusion IssueEcosystems: go
Packages: github.com/docker/distribution
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
Low
Ecosystems: maven
Packages: com.datadoghq:datadog-api-client
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjeGYtNjU2Ny03cHA2
Local Information Disclosure VulnerabilityEcosystems: maven
Packages: com.datadoghq:datadog-api-client
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 3 years ago
Low
Ecosystems: go
Packages: github.com/opencontainers/image-spec
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
GSA_kwCzR0hTQS03N3ZoLXhwbWctNzJxaM0XWQ
Clarify `mediaType` handlingEcosystems: go
Packages: github.com/opencontainers/image-spec
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: python-keystoneclient
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: almost 2 years ago
GSA_kwCzR0hTQS04cTJtLXB3eGYtamM3Z84AAY6T
python-keystoneclient unsecure user password updateEcosystems: pypi
Packages: python-keystoneclient
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 3 months ago
GSA_kwCzR0hTQS1xcHhtLTY4OXItMzg0Oc4AA5gL
Apache Camel data exposure vulnerabilityEcosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 2 years ago
GSA_kwCzR0hTQS1xdjk1LWczZ20teDU0Ms0Wfg
Hashicorp Vault Privilege Escalation VulnerabilityEcosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 2 years ago
Low
Ecosystems: pypi
Packages: nova
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: about 2 years ago
GSA_kwCzR0hTQS1ocWZ4LTR4NHctdm13cM0-2g
Openstack nova qcow format could expose host filesystem informationEcosystems: pypi
Packages: nova
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: about 2 years ago
Low
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJEcosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4M3YtNTUzeC0zYzRx
Stored XSS by authenticated backend user with access to upload filesEcosystems: packagist
Packages: october/backend
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: over 3 years ago
Low
Ecosystems: pypi
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 year ago
GSA_kwCzR0hTQS01Z3A1LXZ4ajYtNDI1N84AAx9T
OpenStack Glance Inclusion of Functionality from Untrusted Control Sphere vulnerabilityEcosystems: pypi
Packages: glance
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 2 months ago
GSA_kwCzR0hTQS1jcTk2LTk5NzQtdjhobc4AA6LE
Dynamic Variable Evaluation in qiskit-ibm-runtimeEcosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 7 months ago
GSA_kwCzR0hTQS1mYzc1LTU4cjgtcm0zaM4AA2kA
Wagtail vulnerable to disclosure of user names via admin bulk action viewsEcosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 7 months ago
Low
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMmZmLTRnNzktdmdmY84AAtvO
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query stringsEcosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 19 days ago
GSA_kwCzR0hTQS01Zmg3LTdtdzctbW14Nc4AA7VJ
Mattermost allows team admins to promote guests to team adminsEcosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 19 days ago
Low
Ecosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNHdoLTg0OGotOXcycs4AAixg
Katello cleartext password storage issueEcosystems: rubygems
Packages: katello
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 19 days ago
GSA_kwCzR0hTQS01cXg5LTlmZmotNXI4Zs4AA7VE
Mattermost fails to fully validate role changesEcosystems: go
Packages: github.com/mattermost/mattermost-server
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 19 days ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS0zcncyLXdmYzgtd21qNc4AA0xu
Fides Webserver Vulnerable to SVG Bomb File UploadsEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1nOTVjLTJqZ20taHFjNs4AA0xt
Fides Webserver Vulnerable to Zip Bomb File UploadsEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-deploy
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2cWotajg4OC12dmdx
Directory exposure in jettyEcosystems: maven
Packages: org.eclipse.jetty:jetty-deploy
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 3 years ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 8 months ago
GSA_kwCzR0hTQS1oOHdoLWY3Z3ctZndwcs4AA2I9
Mattermost Incorrect Authorization vulnerabilityEcosystems: go
Packages: github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 8 months ago
Low
Ecosystems: go
Packages: github.com/lima-vm/lima
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 12 months ago
GSA_kwCzR0hTQS1mN3F3LWpqOWMtcnBxOc4AAzkQ
In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing fileEcosystems: go
Packages: github.com/lima-vm/lima
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 12 months ago
Low
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 1.9
Published: about 2 years ago
GSA_kwCzR0hTQS1jNWdqLXc0aHgtZ3ZteM0t6A
Business Logic Errors in microweberEcosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 1.9
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13anB2LWZyZjItM3I1OM4AAvFz
EC-CUBE Directory traversal vulnerabilityEcosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: com.typesafe.play:play
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5bWYtamdxMy1jMjho
Data Amplification in Play FrameworkEcosystems: maven
Packages: com.typesafe.play:play
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1yd2Y3LTY1MmYtNzZtds4AAml3
Magento 2 Community Edition vulnerable to Improper AuthorizationEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 8 months ago
GSA_kwCzR0hTQS1ycDY1LWpwYzctOGg4cM4AA2I7
Mattermost Incorrect Authorization vulnerabilityEcosystems: go
Packages: github.com/mattermost/mattermost-server/v6, github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: 8 months ago
Low
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: over 1 year ago
GSA_kwCzR0hTQS03Y3A3LWpmcDYtamg0Zs4AAxFz
Shopware's log module vulnerable to Improper Output NeutralizationEcosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cXJwLWg3ZnctNDJoZ84AArTY
Path Traversal in XWiki PlatformEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
GSA_kwCzR0hTQS1qaHByLWo3Y3EtM2pwM84AAz_s
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user errorEcosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 11 months ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1jajd2LTI3cGctd2Y3cc4AAtJM
Jetty invalid URI parsing may produce invalid HttpURI.authorityEcosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyNTgtNHhnci1nbTZt
SilverStripe Priviledge escalation through cache pollutionEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 4 years ago
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 14 days ago
GSA_kwCzR0hTQS13MnY4LXBocDQtcDhoY84AA7eE
Wagtail has permission check bypass when editing a model with per-field restrictions through `wagtail.contrib.settings` or `ModelViewSet`Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 14 days ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 23 days ago
GSA_kwCzR0hTQS1weGh3LTU5NnItcndxNc4AA7Ph
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission pluginEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 23 days ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ2ZmMtZzhqNS05Y2Nm
Generation of Error Message Containing Sensitive Information in KeycloakEcosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1jZ2hnLWpjdjYtNHY1bc4AASj5
Jenkins Coverity Plugin has Insufficiently Protected CredentialsEcosystems: maven
Packages: org.jenkins-ci.plugins:coverity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0zOXJ3LTRtNjYtODJnZs4AAmmH
Magento incorrect user permissions vulnerability within the Inventory componentEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:lambdatest-automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1ocHYzLWY1cDctcHhqOc4AA2rA
Jenkins lambdatest-automation Plugin may expose Credentials access tokenEcosystems: maven
Packages: org.jenkins-ci.plugins:lambdatest-automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Low
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
GSA_kwCzR0hTQS05Zm1jLTVmcTQtNWp3aM4AAvx0
HashiCorp Nomad vulnerable to Insufficient Session ExpirationEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
Low
Ecosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUybXEtNmpjdi1qNzl4
User content sandbox can be confused into opening arbitrary documentsEcosystems: npm
Packages: matrix-react-sdk
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: about 3 years ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS0zZzM1LXY1M3ItZ3B4Y84AA5qJ
Mattermost race conditionEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Statistics
Advisories: 18,592
Packages: 8,342
Repositories: 446
Ecosystems: 12
Packages: 8,342
Repositories: 446
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-cpu
93
tensorflow-gpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
shopware/core
10
phpmyadmin/phpmyadmin
10
github.com/mattermost/mattermost/server/v8
10
nova
9
org.jenkins-ci.main:jenkins-core
9
org.apache.tomcat:tomcat
9
vyper
7
matrix-synapse
7
Umbraco.CMS
6
puppet
6
sweetalert2
5
helm.sh/helm/v3
5
baserproject/basercms
5
typo3/cms-core
5
undici
5
wasmtime
5
ansible
5
rack
5
k8s.io/kubernetes
5
october/backend
5
org.keycloak:keycloak-services
4
electron
4
helm.sh/helm
4
github.com/cilium/cilium
4
actionpack
4
com.vaadin:flow-server
4
github.com/mattermost/mattermost-server/v6
4
simplesamlphp/simplesamlphp
4
magento/community-edition
4
shopware/shopware
4
org.graylog2:graylog2-server
3
github.com/mattermost/mattermost-server
3
@openzeppelin/contracts-upgradeable
3
sylius/sylius
3
passenger
3
ethyca-fides
3
bin-links
3
com.vaadin:vaadin-bom
3
wagtail
3
glance
3
ckb
3
org.apache.hive:hive
3
org.apache.hive:hive-service
3
symfony/symfony
3
github.com/cosmos/cosmos-sdk
3
org.apache.hive:hive-exec
3
httplib2
3
cryptography
3
plone
3
nautobot
3
node-forge
3
go.etcd.io/etcd
3
org.jenkins-ci.plugins:azure-ad
2
ceph-deploy
2
github.com/hashicorp/nomad
2
typo3/cms-frontend
2
gilacms/gila
2
salt
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
node-ipc
2
Django
2
github.com/answerdev/answer
2
next-auth
2
github.com/authzed/spicedb
2
Pillow
2
github.com/containerd/containerd
2
org.jenkins-ci.plugins:ec2
2
github.com/sigstore/cosign
2
braces
2
winter/wn-backend-module
2
django
2
Flask-Security-Too
2
com.inedo.proget:inedo-proget
2
tuf
2
moin
2
horizon
2
october/cms
2
github.com/mattermost/mattermost-plugin-jira
2
com.ruoyi:ruoyi
2
org.apache.activemq:activemq-parent
2
@openzeppelin/contracts
2
craftcms/cms
2
parse-server
2
Nova
2
activesupport
2
flarum/core
2
org.jenkins-ci.plugins:artifactory
2
github.com/ntbosscher/gobase
2
langchain
2
org.jenkins-ci.plugins:wso2id-oauth
2
nokogiri
2
tools.devnull:build-notifications
2
@apollo/server
2
microweber/microweber
2
keystone
2
github.com/cometbft/cometbft
2
org.bouncycastle:bcprov-jdk14
2
pip
2
OctoPrint
2
github.com/opencontainers/runc
2
silverstripe/framework
2
Zope
2
grumpydictator/firefly-iii
2
aiohttp
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
go.etcd.io/etcd/client/v3
2
org.jenkins-ci.plugins:mercurial
2
org.jenkins-ci.plugins:repository-connector
2
ezsystems/ezplatform-kernel
2
ezsystems/ezpublish-kernel
2
Flask-AppBuilder
2
org.eclipse.jetty:jetty-server
2
vantage6
2
cargo
2
s2n-quic
2
symfony/security-http
2
org.xwiki.platform:xwiki-platform-oldcore
2
es5-ext
1
fast-xml-parser
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
ajenti
1
org.jenkins-ci.plugins:snsnotify
1
org.scala-sbt:io_3
1
org.scala-sbt:io_2.13
1
org.scala-sbt:io_2.12
1
org.scala-sbt:sbt
1
org.keycloak:keycloak-core
1
org.jenkins-ci.plugins:openshift-deployer
1
@diez/generation
1
github.com/oauth2-proxy/oauth2-proxy
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
github.com/nats-io/nats-server/v2
1
wiremock
1
com.github.tomakehurst:wiremock-jre8-standalone
1
com.github.tomakehurst:wiremock-jre8
1
org.wiremock:wiremock
1
org.wiremock:wiremock-standalone
1
rabbit_common
1
@liquity/contracts
1
github.com/Masterminds/goutils
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
kimai/kimai
1
zerocopy
1
francoisjacquet/rosariosis
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
org.bouncycastle:bcprov-jdk13
1
org.bouncycastle:bcprov-jdk12
1
io.jenkins.plugins:gitlab-branch-source
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
ember-source
1
@aedart/support
1
streamlit
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
thelounge
1
flarum/framework
1
Werkzeug
1
django-basic-auth-ip-whitelist
1
qutebrowser
1
njwt
1
github.com/flyteorg/flyteadmin
1
plone.restapi
1
datasette-graphql
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
org.xmlunit:xmlunit-core
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
@floffah/build
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/openstack/nova
11
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rails/rails
6
https://github.com/sweetalert2/sweetalert2
5
https://github.com/rack/rack
5
https://github.com/nodejs/undici
5
https://github.com/ansible/ansible
5
https://github.com/helm/helm
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/TYPO3/typo3
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/jenkinsci/jenkins
5
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/apache/tomcat
4
https://github.com/cilium/cilium
4
https://github.com/wintercms/winter
4
https://github.com/shopware/shopware
4
https://github.com/electron/electron
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/vaadin/flow
3
https://github.com/CVEProject/cvelist
3
https://github.com/nautobot/nautobot
3
https://github.com/ethyca/fides
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/symfony/symfony
3
https://github.com/openstack/keystone
3
https://github.com/Sylius/Sylius
3
https://github.com/pyca/cryptography
3
https://github.com/digitalbazaar/forge
3
https://github.com/wagtail/wagtail
3
https://github.com/httplib2/httplib2
3
https://github.com/vantage6/vantage6
3
https://github.com/django/django
3
https://github.com/phusion/passenger
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/nervosnetwork/ckb
3
https://github.com/apache/activemq
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/GilaCMS/gila
2
https://github.com/mutagen-io/mutagen
2
https://github.com/answerdev/answer
2
https://github.com/sigstore/cosign
2
https://github.com/opencontainers/runc
2
https://github.com/parse-community/parse-server
2
https://github.com/aio-libs/aiohttp
2
https://github.com/sparklemotion/nokogiri
2
https://github.com/aws/s2n-quic
2
https://github.com/ntbosscher/gobase
2
https://github.com/openstack/horizon
2
https://github.com/microweber/microweber
2
https://github.com/zopefoundation/Zope
2
https://github.com/openstack/glance
2
https://github.com/quarkusio/quarkus
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/hashicorp/nomad
2
https://github.com/authzed/spicedb
2
https://github.com/cometbft/cometbft
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/containerd/containerd
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/bcgit/bc-java
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/nats-io/nats-server
2
https://github.com/nextauthjs/next-auth
2
https://github.com/apollographql/apollo-server
2
https://github.com/ceph/ceph-deploy
2
https://github.com/octoprint/octoprint
2
https://github.com/micromatch/braces
2
https://github.com/rust-lang/cargo
2
https://github.com/craftcms/cms
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/flarum/framework
2
https://github.com/pypa/pip
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/saltstack/salt
2
https://github.com/electron-userland/electron-packager
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/aedart/ion
1
https://github.com/kitabisa/teler
1
https://github.com/firebase/firebase-tools
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/personnummer/php
1
https://github.com/tendermint/tendermint
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/thelounge/thelounge
1
https://github.com/jenkinsci/parameterized-remote-trigger-plugin
1
https://github.com/google/zerocopy
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/zopefoundation/Products.PluggableAuthService
1
https://github.com/Azure/setup-kubectl
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/dojo/dijit
1
https://github.com/fluent/fluentd
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/medikoo/es5-ext
1
https://github.com/jenkinsci/resource-disposer-plugin
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID
1
https://github.com/simplegeo/python-oauth2
1
https://github.com/decidim/decidim
1
https://github.com/spinacms/spina
1
https://github.com/rust-vmm/linux-loader
1
https://github.com/elastic/apm-agent-go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1
https://github.com/personnummer/go
1
https://github.com/keylime/keylime
1
https://github.com/vega/vega
1
https://github.com/Masterminds/goutils
1
https://github.com/skylot/jadx
1
https://github.com/cloudfoundry/uaa
1
https://github.com/directus/directus
1
https://github.com/Twipped/ircdkit
1
https://github.com/openjdk/jfx
1
https://github.com/impredicative/bitlyshortener
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/zowe/imperative
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/arguiot/EyeJS
1
https://github.com/croogo/croogo
1
https://github.com/triaxtec/openapi-python-client
1
https://github.com/npm/npm
1
https://github.com/derbyjs/derby
1
https://github.com/puma/puma
1
https://github.com/endojs/endo
1
https://github.com/moq/moq
1
https://github.com/rails/globalid
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/rust-vmm/vm-memory
1
https://github.com/yourls/yourls
1
https://github.com/xuxueli/xxl-job
1
https://github.com/ajenti/ajenti
1
https://github.com/argoproj/argo-workflows
1
https://github.com/containers/podman
1
https://github.com/mapfish/mapfish-print
1
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
1
https://github.com/jenkinsci/m2release-plugin
1
https://github.com/tlsfuzzer/tlslite-ng
1
https://github.com/openstack/neutron
1
https://github.com/Nebulosus/shamir
1
https://github.com/tailscale/tailscale
1
https://github.com/matrix-org/vodozemac
1
https://github.com/tm-kn/django-basic-auth-ip-whitelist
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/Bouke/django-user-sessions
1
https://github.com/ericcornelissen/shescape
1
https://sourceforge.net/projects/sourceforge.net
1
https://github.com/memorysafety/sudo-rs
1
https://gitlab.com/edneville/please
1
https://github.com/xmlunit/xmlunit
1
https://github.com/octokit/octopoller.rb
1
https://github.com/disintegration/imaging
1
https://github.com/gradle/gradle
1
https://github.com/node-js-libs/cli
1