Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Moderate Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1yeGZ2LWdtNXgtOXdxas4AAdTk
Jenkin allows attackers to obtain passwords by reading the HTML source code
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05dmc5LXgzOGctOWhmeM4AAdTh
Jenkins allows attackers to determine whether a user exists
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1meGo4LWNxY3AtM3Zncc4AAdTf
Jenkins cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jOTY3LTI2NTItZ2Zqbc4AA5zF
CasaOS Username Enumeration
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS04Zm00LXIyM3AtdjY4ds4AA5zr
Jenkins MQ Notifier Plugin exposes sensitive information in build logs
Ecosystems: maven
Packages: com.sonymobile.jenkins.plugins.mq:mq-notifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1qNmpnLXc3OWMtN3A4ds0zJQ
File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00aGZwLW05Z3YtbTc1M84AA5bO
XWiki extension license information is public, exposing instance id and license holder details
Ecosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1ybXFwLW12djItNTRjNs4AA5ct
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS01NnIzLWY1MzYtNWdmN84AA6JL
GeoServer's GWC Seed Form vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-gwc-rest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS05cmZyLXBmMngtZzR4Zs4AA6JJ
GeoServer's Style Publisher vulnerable to Stored Cross-Site Scripting (XSS)
Ecosystems: maven
Packages: org.geoserver:gs-ows, org.geoserver:gs-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS1xcnA5LTIzcDctZzVtZs4AA5ic
Apache Ambari XML External Entity injection
Ecosystems: maven
Packages: org.apache.ambari.contrib.views:wfmanager
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1ncDhnLWY0MmYtOTVxMs4AA6ar
ZITADEL's actions can overload reserved claims
Ecosystems: go
Packages: github.com/zitadel/zitadel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS02dmZ3LTc0d3ItM2NoaM0nNg
Cross-site Scripting in Crater Invoice
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05cTZ2LXJ4bXctZzNnaM4AA5ry
Apache Ambari: Various Cross site scripting problems
Ecosystems: maven
Packages: org.apache.ambari:ambari
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1oaGY4LWY1dzktZzZ2aM4AA6i0
OpenID Connect Authentication (oidc) Typo3 extension Authentication Bypass
Ecosystems: packagist
Packages: causal/oidc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS03ZnBnLXBwM20taDIyZs4AAdTl
Jenkins allows attackers to execute arbitrary jobs
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yOTU2LTI1NTMtdnZocs4AA6sD
React Native Sms User Consent Intent Redirection Vulnerability
Ecosystems: npm
Packages: @kyivstarteam/react-native-sms-user-consent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
GSA_kwCzR0hTQS03OTQ1LTVtY3YtZjJwcM4AA521
LibOSDP vulnerable to a null pointer deref in osdp_reply_name
Ecosystems: pypi
Packages: libosdp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS14MnZnLTV3cmYtdmo2ds4AA53Z
1Panel is vulnerable to command injection
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
GSA_kwCzR0hTQS14cjhmLTU5cHAtcnh4aM4AAq4d
Elevation of privilege in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13dnhjLTg1NWYtanZyds4AA6y0
Azure Identity Library for .NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5ajItcTRxNS1jeGg0
No CSRF protection on the password change form
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS02NHg0LTloYzYtcjJoNs4AAtUo
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Ecosystems: nuget
Packages: Azure.Storage.Blobs, Azure.Storage.Queues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02dzJmLTZ3cTMtcmp2Zs4AAtYp
RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module
Ecosystems: maven
Packages: com.ruoyi:ruoyi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01NjMzLWYzM2otYzZmN83_9A
Tampering vulnerability in .NET Core
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wcnJmLTM5N3YtODN4aM4AAhTD
Open redirect in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.AspNetCore.Server.IIS, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14M3AzLTkyOWotcHE2Ns4AAdTU
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mcTlmLTl3djktcmZtZ84AATfk
Improper Certificate Validation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yNjljLTVqN2Mtdm02cc3o9A
Cross-site Scripting in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Nmp3LTJmMjMtbWM1as3mkg
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1odzU1LWY4d2MtODJtNs4AAq6O
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2MzYtaDdqaC1xbTYy
Heap buffer overflow in CefSharp
Ecosystems: nuget
Packages: CefSharp.Wpf.HwndHost, CefSharp.WinForms, CefSharp.Wpf, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
GSA_kwCzR0hTQS13amg5LTM0NGctdmM0Oc4AArdi
Cross-site Scripting in RosarioSIS
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wNTY2LXdweHgtNTc0bc4AAgZB
Missing Authorization in Jenkins WMI Windows Agents plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:windows-slaves
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1naHEyLW0zcHEtcWYzcM06rQ
Stored XSS in Jenkins CVS Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cvs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jd3JtLTMzcXEtNHcyeM4AAwp6
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yN2hnLTJjcHAtOHdxcc4AAwp_
usememos/memos has Incorrectly Specified Destination in a Communication Channel
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1naGNxLTQ3MnctdmY0aM05dQ
Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-skinx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00OHAzLXhmdnctZzU5Y802fg
Incorrect Access Control in ImpressCMS
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS03djlwLTM0cjItcTY2OM4AAmKt
Incorrect default pattern in Jenkins Audit Trail Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:audit-trail
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xY3cyLTQ5MnYtNTd4as4AAwkV
usememos/memos missing Secure cookie attribute
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xcnJmLXh2Y2YtcDY0cc4AAwo9
usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oMjdnLTcybWgtOW0zM84AAiIW
Jenkins Git Changelog Plugin has Insufficiently Protected Credentials
Ecosystems: maven
Packages: de.wellnerbou.jenkins:git-changelog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05ajJwLThxcWYtaDU1Y84AAxl7
Cross-site Scripting in UDX Stateless Media Plugin
Ecosystems: packagist
Packages: wpcloud/wp-stateless
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03OXJtLWYyNmctMjk2cM4AAhf5
Jenkins Maven Release Plugin vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.jenkins-ci.plugins.m2release:m2release
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12cTU5LTV4MjYtaDYzOc4AAyK3
Authorization Bypass Through User-Controlled Key play-with-docker
Ecosystems: go
Packages: github.com/play-with-docker/play-with-docker
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qeHI2LTdxZzUtOHd2Ns4AAyPK
OpenNMS Meridian and Horizon vulnerable to Cross-Site Request Forgery
Ecosystems: maven
Packages: org.opennms:opennms-webapp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1jajZyLThweGotNWp2Ns4AAyCF
Incorrect Permission Preservation in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS03djdnLTl2eDYtdmNnMs4AAyoN
Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter
Ecosystems: maven
Packages: io.goobi.viewer:viewer-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS05anE1LXh3cXctcThqM84AAy53
XWiki Platform vulnerable to page render failure due to broken translations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-localization-source-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nNjZ2LTN2NjItZzM3Nc4AAy6F
RosarioSIS improper access control vulnerability
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02OTg3LXhjY3YtZmhqcM4AAzW0
Jenkins Pipeline Utility Steps Plugin arbitrary file write vulnerability
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-utility-steps
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjNmMtdzRjNC12Z3Z4
Stored XSS vulnerability in Jenkins Scriptler Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:scriptler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU3djQtbTlqeC1taDhy
Improper Input Validation
Ecosystems: go
Packages: github.com/ovn-org/ovn-kubernetes
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpoajYtNW1oNi00cHZm
Denial-of-Service within Docker container
Ecosystems: go
Packages: ktbs.dev/teler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4MjItcHc1Ny12djM3
XSS vulnerability when listing users on add & modify server pages.
Ecosystems: packagist
Packages: pterodactyl/panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcmgtOGNtai1nYzU5
System.Management.Automation subject to bypass via script debugging
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxY2YtNGc0aC1yZ2hm
Cross-site scripting in Apache Archiva
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS02aG1tLTc3cjItaDZocs4AAjR8
Missing permission checks in Jenkins Amazon EC2 Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oajMyLTltY3ctNWN3aM4AAk1I
Missing permission check in Jenkins Project Inheritance Plugin
Ecosystems: maven
Packages: hudson.plugins:project-inheritance
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wcHY5LXY0M2MteHFwcM4AAqqQ
XXE vulnerability in Jenkins pom2config Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pom2config
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcGgyLWZ3anEtcHJqZs4AAlOi
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:fortify-on-demand-uploader
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xMm1tLXczcWMtMjkzNs4AAlOM
Stored XSS vulnerability in Jenkins Link Column Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:link-column
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tZnZxLW0zamotODg2NM4AAwo8
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00MnEyLW01NGYtamg5Nc4AAwp8
sememos/memos vulnerable to Improper Handling of Values
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01cHB4LXJndzIteGcyM84AATfi
Improper Neutralization of Input During Web Page Generation in Jenkins
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12Y3ZnLWc4cDItM2hxcs4AAwAd
Cross-site Scripting in Backdrop CMS
Ecosystems: packagist
Packages: backdrop/backdrop
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04cmZjLXYzdmotajYyd84AAi-3
Jenkins Alauda DevOps Pipeline Plugin allows attackers with Overall/Read permission to capture credentials stored in Jenkins
Ecosystems: maven
Packages: com.alauda.jenkins.plugins:alauda-devops-pipeline
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ncW0yLTJnY3gtcDg4d80ilg
Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:credentials
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jOGNjLWhqNTctdm02Nc0ijg
User passwords transmitted in plain text by Jenkins Active Directory Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:active-directory
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS0yNGhwLTg0anAtOHdnbc4AAv5H
Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin
Ecosystems: maven
Packages: org.zeroturnaround:cluster-stats
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1taDhnLThqd3AtcTZ4d80iiA
CSRF vulnerability in Jenkins batch task Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:batch-task
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1maGh4LXI5ODMtNDR4Y8021w
SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:proxmox
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05bTNjLXhmaGYtNTNtaM33cg
Jenkins DeployHub Plugin stores credentials in plain text
Ecosystems: maven
Packages: com.openmake:deployhub
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00cTIzLWc3bWYteHA5OM3orA
Cross-site Scripting in Apache DeltaSpike
Ecosystems: maven
Packages: org.apache.deltaspike.modules:jsf-module-project
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12Njd4LWdwZzctbXd2M84AAWoa
Exposure of Sensitive Information in Jenkins Kubernetes Plugin
Ecosystems: maven
Packages: org.csanchez.jenkins.plugins:kubernetes
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13NDdnLTR2cmMtbTN3Ms4AAgkx
Cross-site Scripting in Apache Pluto Chatroom demo
Ecosystems: maven
Packages: org.apache.portals.pluto:chatRoomDemo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qajkzLTRqcjUteDQ1aM4AAvrP
Apache Sling App CMS vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14NzVyLWc2M20tODJ3as0zFw
Passwords stored in plain text by Jenkins dbCharts Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:dbCharts
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01OWZtLTZ4M3EtcTNxNc4AAXuz
Missing permissions check in Jenkins Core
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ybTVtLTlteDQtZzVyN84AAR1v
Improper Authentication in Jenkins Blue Ocean Plugin
Ecosystems: maven
Packages: io.jenkins.blueocean:blueocean
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mcHhxLXc3cDktcjkyNM0zBw
Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:kubernetes-cd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02M213LWhwM2gtZ2M3N84AAknj
CSRF vulnerability in Jenkins CVS Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cvs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zZ3A5LWg4aHctcHhwd84AAnq3
Denial of service in .NET core
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.tvos-x64, Microsoft.NETCore.App.Runtime.tvos-arm64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.ios-x86, Microsoft.NETCore.App.Runtime.ios-x64, Microsoft.NETCore.App.Runtime.ios-arm, Microsoft.NETCore.App.Runtime.browser-wasm, Microsoft.NETCore.App.Runtime.android-x86, Microsoft.NETCore.App.Runtime.android-x64, Microsoft.NETCore.App.Runtime.android-arm64, Microsoft.NETCore.App.Runtime.android-arm, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Host.win-x86, Microsoft.NETCore.App.Host.win-x64, Microsoft.NETCore.App.Host.win-arm64, Microsoft.NETCore.App.Host.win-arm, Microsoft.NETCore.App.Host.rhel.6-x64, Microsoft.NETCore.App.Host.osx-x64, Microsoft.NETCore.App.Host.linux-x64, Microsoft.NETCore.App.Host.linux-musl-x64, Microsoft.NETCore.App.Host.linux-musl-arm64, Microsoft.NETCore.App.Host.linux-arm64, Microsoft.NETCore.App.Host.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12djg5LXhnZ3gtcXFoMs4AAknT
Improper permission checks in Jenkins Copy Artifact Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:copyartifact
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jODljLXB2bTctMzN3as4AAkns
Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNTg3LXc5M2ctNjNtMs0sNA
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin allows reading arbitrary files
Ecosystems: maven
Packages: com.datapipe.jenkins.plugins:hashicorp-vault-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1qZ205LXhwZmotNGZxNs0keQ
Path traversal in Onionshare
Ecosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12ajRtLTgzbTgteHB3Nc4AAvii
OpenFGA Authorization Bypass via tupleset wildcard
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14cXBwLTI2cHAtMjM2Nc4AAolc
XSS vulnerability in Jenkins Markdown Formatter Plugin
Ecosystems: maven
Packages: io.jenkins.plugins:markdown-formatter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mNG1tLTJyNjktbWc1Zs4AAvih
OpenFGA Authorization Bypass
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1nODRmLWNtYzgtNjgyY80sQQ
Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:pipeline-build-step
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS03M3Y1LXc2ZmctMm00NM4AAvdc
Jenkins Tuleap Git Branch Source Plugin allows unauthenticated attackers to trigger Tuleap projects whose configured repo matches attacker-specified value
Ecosystems: maven
Packages: org.jenkins-ci.plugins:tuleap-git-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0yeDQ5LXdqMzgtNzhxOc4AAvdD
Agent-to-controller security bypass vulnerability in Jenkins Compuware Topaz Utilities Plugin
Ecosystems: maven
Packages: com.compuware.jenkins:compuware-topaz-utilities
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS12aHhxLTltcHYtZ2o4N806ow
Private key stored in plain text by Jenkins Google Compute Engine Plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:google-compute-engine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14NWd2LTVycXYtNjU0bc4AAvdH
Jenkins Compuware Topaz for Total Test Plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins
Ecosystems: maven
Packages: com.compuware.jenkins:compuware-topaz-for-total-test
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cXYtZjVnZi04Z2Nm
Missing Authorization in Jenkins P4 plugin
Ecosystems: maven
Packages: org.jenkins-ci.plugins:p4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS02OHdqLWMyanctNXBwOc4AAxuG
Stored cross site scripting in changedetection.io
Ecosystems: pypi
Packages: changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02NXdoLWc4eDgtZ20yaM4AAzyH
Apache NiFi vulnerable to Deserialization of Untrusted Data
Ecosystems: maven
Packages: org.apache.nifi:nifi-jms-bundle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS05anJoLWhjaDgtcnI1Y84AAW49
Jenkins Copy To Slave Plugin allows access to arbitrary files on the Jenkins controller file system
Ecosystems: maven
Packages: org.jenkins-ci.plugins:copy-to-slave
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 2,494
Ecosystems: 12
Filter by Severity
Moderate 8,161 High 6,452 Critical 2,849 Low 1,017
Filter by Ecosystem
maven 2,589 packagist 2,256 pypi 1,820 npm 1,067 go 899 nuget 567 rubygems 373 cargo 262 hex 14 swift 12 pub 3 actions 3
Filter by Package
moodle/moodle 247 tensorflow 207 tensorflow-cpu 191 tensorflow-gpu 190 org.jenkins-ci.main:jenkins-core 114 magento/community-edition 106 org.apache.tomcat:tomcat 92 pimcore/pimcore 86 typo3/cms 66 microweber/microweber 62 django 54 typo3/cms-core 54 dolibarr/dolibarr 53 apache-airflow 52 phpmyadmin/phpmyadmin 50 drupal/core 46 thorsten/phpmyfaq 45 github.com/usememos/memos 42 actionpack 42 apache-superset 40 drupal/drupal 38 plone 35 concrete5/concrete5 34 showdoc/showdoc 34 github.com/grafana/grafana 33 Plone 32 librenms/librenms 32 ansible 31 nova 31 org.keycloak:keycloak-core 31 github.com/mattermost/mattermost-server/v6 30 moin 27 github.com/mattermost/mattermost/server/v8 27 intelliants/subrion 27 symfony/symfony 27 craftcms/cms 26 silverstripe/framework 25 com.liferay.portal:release.portal.bom 25 snipe/snipe-it 24 org.elasticsearch:elasticsearch 24 baserproject/basercms 22 github.com/answerdev/answer 21 org.apache.struts:struts2-core 20 k8s.io/kubernetes 20 grumpydictator/firefly-iii 19 shopware/platform 18 shopware/shopware 18 rdiffweb 18 froxlor/froxlor 18 matrix-synapse 18 remdex/livehelperchat 18 mediawiki/core 18 nilsteampassnet/teampass 18 getkirby/cms 17 keystone 17 org.apache.tomcat.embed:tomcat-embed-core 16 prestashop/prestashop 15 github.com/argoproj/argo-cd/v2 15 vyper 15 tribalsystems/zenario 14 puppet 14 Django 14 salt 14 glance 14 nokogiri 14 yetiforce/yetiforce-crm 14 mautic/core 13 org.keycloak:keycloak-services 13 forkcms/forkcms 13 org.xwiki.platform:xwiki-platform-oldcore 13 github.com/docker/docker 13 io.undertow:undertow-core 13 Pillow 13 com.jfinal:jfinal 13 shopware/core 13 tinymce 12 github.com/goharbor/harbor 12 org.apache.solr:solr-core 12 github.com/hashicorp/consul 12 org.apache.jspwiki:jspwiki-main 12 com.thoughtworks.xstream:xstream 12 neutron 12 github.com/hashicorp/vault 12 github.com/hashicorp/nomad 11 lavalite/cms 11 DotNetNuke.Core 11 pyftpdlib 11 feehi/feehicms 11 github.com/cilium/cilium 11 genix/cms 11 org.bouncycastle:bcprov-jdk14 11 getgrav/grav 11 github.com/argoproj/argo-cd 11 directus 11 org.keycloak:keycloak-parent 11 @openzeppelin/contracts 10 org.eclipse.jetty:jetty-server 10 notebook 10 github.com/ethereum/go-ethereum 10 ec-cube/ec-cube 10 rack 10 org.springframework.security:spring-security-core 10 github.com/greenpau/caddy-security 10 org.bouncycastle:bcprov-jdk15on 10 fat_free_crm 10 github.com/mattermost/mattermost-server 10 @openzeppelin/contracts-upgradeable 10 contao/core-bundle 10 org.apache.jspwiki:jspwiki-war 10 org.apache.nifi:nifi 10 wallabag/wallabag 10 francoisjacquet/rosariosis 10 com.vaadin:vaadin-bom 10 typo3/cms-backend 10 activesupport 10 joplin 10 github.com/containerd/containerd 10 org.springframework:spring-core 10 PaddlePaddle 10 helm.sh/helm/v3 10 swagger-ui 9 roundup 9 TinyMCE 9 org.igniterealtime.openfire:parent 9 org.mortbay.jetty:jetty 9 cakephp/cakephp 9 org.jenkins-ci.plugins:git 9 org.opencrx:opencrx-core-models 9 ghost 9 zendframework/zendframework1 9 gogs.io/gogs 9 angular 9 bolt/bolt 9 publify_core 9 rubygems-update 9 org.jenkins-ci.plugins:script-security 9 horizon 9 ckeditor4 9 tinymce/tinymce 9 code.gitea.io/gitea 9 github.com/openfga/openfga 8 org.apache.activemq:activemq-client 8 wasmtime 8 org.apache.archiva:archiva 8 electron 8 simplesamlphp/simplesamlphp 8 rails-html-sanitizer 8 jquery-rails 8 github.com/kubeedge/kubeedge 8 opencv-python 8 bootstrap 8 org.opencms:opencms-core 8 laravel/framework 8 org.jenkins-ci.plugins:electricflow 8 editor.md 8 rails 8 sylius/sylius 8 contao/contao 8 silverstripe/cms 8 centreon/centreon 8 opencv-contrib-python 8 Microsoft.ChakraCore 8 impresscms/impresscms 8 actionview 8 io.jenkins:configuration-as-code 7 github.com/moby/moby 7 modoboa 7 com.vaadin:flow-server 7 pyload-ng 7 silverstripe/admin 7 trytond 7 phpbb/phpbb 7 admidio/admidio 7 aiohttp 7 validator 7 org.apache.cxf:cxf-core 7 org.opennms:opennms 7 kevinpapst/kimai2 7 io.jenkins.blueocean:blueocean 7 pillow 7 wagtail 7 org.apache.santuario:xmlsec 7 org.bouncycastle:bcprov-jdk15 7 jquery-ui 7 jquery-ui-rails 7 org.bouncycastle:bcprov-jdk15to18 7 org.webjars.npm:jquery-ui 7 jQuery.UI.Combined 7 github.com/google/fscrypt 7 org.owasp.antisamy:antisamy 7 org.jenkins-ci.plugins:subversion 7 phpmyfaq/phpmyfaq 7 activerecord 7 next 7 org.jenkins-ci.plugins:email-ext 7 OctoPrint 7 org.apache.james:james-server 7 github.com/1Panel-dev/1Panel 7 swift 7 vantage6 7
Filter by Repository
https://github.com/tensorflow/tensorflow 207 https://github.com/moodle/moodle 164 https://github.com/jenkinsci/jenkins 90 https://github.com/pimcore/pimcore 83 https://github.com/microweber/microweber 58 https://github.com/django/django 57 https://github.com/apache/tomcat 53 https://github.com/apache/airflow 51 https://github.com/thorsten/phpmyfaq 45 https://github.com/usememos/memos 42 https://github.com/xwiki/xwiki-platform 38 https://github.com/TYPO3/typo3 35 https://github.com/kubernetes/kubernetes 33 https://github.com/rails/rails 33 https://github.com/star7th/showdoc 32 https://github.com/librenms/librenms 30 https://github.com/plone/Products.CMFPlone 29 https://github.com/grafana/grafana 29 https://github.com/keycloak/keycloak 27 https://github.com/ansible/ansible 26 https://github.com/phpmyadmin/phpmyadmin 22 https://github.com/symfony/symfony 22 https://github.com/spring-projects/spring-framework 21 https://github.com/craftcms/cms 21 https://github.com/answerdev/answer 21 https://github.com/openstack/nova 21 https://github.com/Dolibarr/dolibarr 21 https://github.com/snipe/snipe-it 20 https://github.com/apache/activemq 19 https://github.com/argoproj/argo-cd 19 https://github.com/concretecms/concretecms 19 https://github.com/firefly-iii/firefly-iii 19 https://github.com/ikus060/rdiffweb 18 https://github.com/python-pillow/Pillow 18 https://github.com/livehelperchat/livehelperchat 18 https://github.com/matrix-org/synapse 17 https://github.com/shopware/platform 17 https://github.com/apache/struts 17 https://github.com/magento/magento2 16 https://github.com/shopware/shopware 16 https://github.com/vyperlang/vyper 15 https://github.com/openstack/keystone 15 https://github.com/CVEProject/cvelist 15 https://github.com/PaddlePaddle/Paddle 14 https://github.com/froxlor/froxlor 14 https://github.com/yetiforcecompany/yetiforcecrm 14 https://github.com/OpenNMS/opennms 14 https://github.com/TYPO3/TYPO3.CMS 14 https://github.com/go-gitea/gitea 13 https://github.com/octobercms/october 13 https://github.com/getkirby/kirby 13 https://github.com/x-stream/xstream 13 https://github.com/mautic/mautic 13 https://github.com/goharbor/harbor 12 https://github.com/netty/netty 12 https://github.com/PrestaShop/PrestaShop 12 https://github.com/tinymce/tinymce 12 https://github.com/apache/cxf 12 https://github.com/contao/contao 11 https://github.com/intelliants/subrion 11 https://github.com/forkcms/forkcms 11 https://github.com/silverstripe/silverstripe-framework 11 https://github.com/cilium/cilium 11 https://github.com/saltstack/salt 10 https://github.com/laurent22/joplin 10 https://github.com/ethereum/go-ethereum 10 https://github.com/moby/moby 10 https://github.com/liufee/cms 10 https://github.com/baserproject/basercms 10 https://github.com/nilsteampassnet/TeamPass 10 https://github.com/OpenZeppelin/openzeppelin-contracts 10 https://github.com/vaadin/platform 10 https://github.com/helm/helm 10 https://github.com/greenpau/caddy-security 10 https://github.com/containerd/containerd 10 https://github.com/mattermost/mattermost 10 https://github.com/directus/directus 10 https://github.com/github/advisory-database 9 https://github.com/strapi/strapi 9 https://github.com/electron/electron 9 https://github.com/geoserver/geoserver 9 https://github.com/fatfreecrm/fat_free_crm 9 https://github.com/apache/nifi 9 https://github.com/publify/publify 9 https://github.com/jquery/jquery 9 https://github.com/puppetlabs/puppet 9 https://github.com/sparklemotion/nokogiri 9 https://github.com/jenkinsci/git-plugin 9 https://github.com/getgrav/grav 8 https://github.com/pandao/editor.md 8 https://github.com/LavaLite/cms 8 https://github.com/openfga/openfga 8 https://github.com/swagger-api/swagger-ui 8 https://github.com/eclipse/jetty.project 8 https://github.com/ckeditor/ckeditor4 8 https://github.com/bcgit/bc-java 8 https://github.com/rails/rails-html-sanitizer 8 https://github.com/TryGhost/Ghost 8 https://github.com/openstack/glance 8 https://github.com/hashicorp/consul 8 https://github.com/rack/rack 8 https://github.com/rubygems/rubygems 8 https://github.com/bytecodealliance/wasmtime 8 https://github.com/wallabag/wallabag 8 https://github.com/nilsteampassnet/teampass 8 https://github.com/kubeedge/kubeedge 8 https://github.com/jupyter/notebook 8 https://github.com/twbs/bootstrap 7 https://github.com/aio-libs/aiohttp 7 https://github.com/vaadin/flow 7 https://github.com/pyload/pyload 7 https://github.com/nahsra/antisamy 7 https://github.com/opencv/opencv 7 https://github.com/dolibarr/dolibarr 7 https://github.com/hashicorp/vault 7 https://github.com/laravel/framework 7 https://github.com/traefik/traefik 7 https://github.com/wagtail/wagtail 7 https://github.com/scrapy/scrapy 7 https://github.com/apache/zeppelin 7 https://github.com/dotnet/runtime 7 https://github.com/openstack/horizon 7 https://github.com/chakra-core/ChakraCore 7 https://github.com/jeecgboot/jeecg-boot 7 https://github.com/vantage6/vantage6 7 https://github.com/thorsten/phpMyFAQ 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/modoboa/modoboa 7 https://github.com/google/fscrypt 7 https://github.com/1Panel-dev/1Panel 7 https://github.com/gogs/gogs 7 https://github.com/kevinpapst/kimai2 7 https://github.com/giampaolo/pyftpdlib 7 https://github.com/cui2shark/security 6 https://github.com/parse-community/parse-server 6 https://github.com/opensearch-project/security 6 https://github.com/neorazorx/facturascripts 6 https://github.com/ipython/ipython 6 https://github.com/cloudflare/cfrpki 6 https://github.com/jenkinsci/configuration-as-code-plugin 6 https://github.com/pimcore/customer-data-framework 6 https://github.com/jenkinsci/config-file-provider-plugin 6 https://github.com/opencast/opencast 6 https://github.com/panva/jose 6 https://github.com/igniterealtime/Openfire 6 https://github.com/croogo/croogo 6 https://github.com/backstage/backstage 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/jquery/jquery-ui 6 https://github.com/urllib3/urllib3 6 https://github.com/dompdf/dompdf 6 https://github.com/containers/podman 6 https://github.com/d4wner/Vulnerabilities-Report 6 https://github.com/umbraco/Umbraco-CMS 6 https://github.com/pimcore/admin-ui-classic-bundle 6 https://github.com/onionshare/onionshare 6 https://github.com/cubefs/cubefs 6 https://github.com/faucetsdn/ryu 6 https://github.com/simplesamlphp/simplesamlphp 6 https://github.com/oroinc/orocommerce 6 https://github.com/jenkinsci/script-security-plugin 6 https://github.com/Sylius/Sylius 6 https://github.com/nocodb/nocodb 6 https://github.com/OctoPrint/OctoPrint 5 https://github.com/cosmos/cosmos-sdk 5 https://github.com/cri-o/cri-o 5 https://github.com/rancher/rancher 5 https://github.com/sulu/sulu 5 https://github.com/opencontainers/runc 5 https://github.com/pmmp/PocketMine-MP 5 https://github.com/cloudfoundry/uaa 5 https://github.com/hashicorp/nomad 5 https://github.com/lief-project/LIEF 5 https://github.com/admidio/admidio 5 https://github.com/unshiftio/url-parse 5 https://github.com/hyperium/hyper 5 https://github.com/puma/puma 5 https://github.com/apache/superset 5 https://github.com/mantisbt/mantisbt 5 https://github.com/etcd-io/etcd 5 https://github.com/paritytech/frontier 5 https://github.com/gradio-app/gradio 5 https://github.com/nervosnetwork/ckb 5 https://github.com/cakephp/cakephp 5 https://github.com/evershopcommerce/evershop 5 https://github.com/NodeBB/NodeBB 5 https://github.com/TribalSystems/Zenario 5 https://github.com/kivikakk/comrak 5 https://github.com/jenkinsci/codedx-plugin 5 https://github.com/alextselegidis/easyappointments 5 https://github.com/apache/tika 5 https://bitbucket.org/snakeyaml/snakeyaml 5 https://github.com/bolt/bolt 5 https://github.com/zitadel/zitadel 5 https://github.com/jenkinsci/subversion-plugin 5 https://github.com/lxml/lxml 5 https://github.com/xuxueli/xxl-job 5 https://github.com/yiisoft/yii2 5 https://github.com/apache/dolphinscheduler 5