Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories
Browse all Security Advisories for
Loading...
Critical
Ecosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1yYzR2LTk5Y3ItcGpjbc4AA2gY
Prototype Pollution in ali-security/mongooseEcosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1tOTZyLTd2cW0tajk1Z84AA8uX
Typo3 Information Disclosure in User AuthenticationEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1xcjVmLTZmY3YtdzY5cc4AA8ua
Typo3 Security Misconfiguration in Frontend Session HandlingEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: maven
Packages: io.github.skylot:jadx-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1mamg2LXA1NjYtd3I2cc4AAtkO
skylot jadx affected by Incorrect Behavior Order in vulnerable dependencyEcosystems: maven
Packages: io.github.skylot:jadx-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00YzI5LWdmcnAtZzZ4Oc4AA2QO
CefSharp affected by libvpx's heap buffer overflow in vp8 encodingEcosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1xOWM0LTl2NW0tNTk3cM4AA8uY
Typo3 Information Disclosure in Backend User InterfaceEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1mNXJyLTlyODQtd3dxZs4AA8ud
Typo3 Broken Access Control in Import ModuleEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: scrapy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS05eDhtLTJ4cGYtY3JwM84AAtvM
Scrapy before 2.6.2 and 1.8.3 vulnerable to one proxy sending credentials to anotherEcosystems: pypi
Packages: scrapy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1nOXJ2LTZnNTYtNjVoOM4AA8uZ
Typo3 Security Misconfiguration in User Session HandlingEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: Imageflow.NativeTool.osx_10_11-x86_64, Imageflow.NativeTool.ubuntu_18_04-x86_64, Imageflow.NativeTool.ubuntu_16_04-x86_64, Imageflow.NativeTool.ubuntu_18_04-x86_64-haswell, Imageflow.NativeRuntime.ubuntu_16_04-x86_64, Imageflow.NativeRuntime.osx_10_11-x86_64, Imageflow.NativeRuntime.ubuntu_18_04-x86_64, Imageflow.NativeRuntime.ubuntu_18_04-x86_64-haswell, Imageflow.NativeTool.ubuntu-x86_64-haswell, Imageflow.NativeTool.ubuntu-x86_64, Imageflow.NativeTool.win-x86, Imageflow.NativeTool.osx-x86_64, Imageflow.NativeTool.win-x86_64, Imageflow.NativeRuntime.ubuntu-x86_64-haswell, Imageflow.NativeRuntime.ubuntu-x86_64, Imageflow.NativeRuntime.win-x86, Imageflow.NativeRuntime.osx-x86_64, Imageflow.NativeRuntime.win-x86_64, ImageResizer.Plugins.Imageflow, Imageflow.Server, Imageflow.AllPlatforms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS03dnByLTNwcHctcXJwas4AA2HE
Imageflow affected by libwebp zero-day and should not be used with malicious source images.Ecosystems: nuget
Packages: Imageflow.NativeTool.osx_10_11-x86_64, Imageflow.NativeTool.ubuntu_18_04-x86_64, Imageflow.NativeTool.ubuntu_16_04-x86_64, Imageflow.NativeTool.ubuntu_18_04-x86_64-haswell, Imageflow.NativeRuntime.ubuntu_16_04-x86_64, Imageflow.NativeRuntime.osx_10_11-x86_64, Imageflow.NativeRuntime.ubuntu_18_04-x86_64, Imageflow.NativeRuntime.ubuntu_18_04-x86_64-haswell, Imageflow.NativeTool.ubuntu-x86_64-haswell, Imageflow.NativeTool.ubuntu-x86_64, Imageflow.NativeTool.win-x86, Imageflow.NativeTool.osx-x86_64, Imageflow.NativeTool.win-x86_64, Imageflow.NativeRuntime.ubuntu-x86_64-haswell, Imageflow.NativeRuntime.ubuntu-x86_64, Imageflow.NativeRuntime.win-x86, Imageflow.NativeRuntime.osx-x86_64, Imageflow.NativeRuntime.win-x86_64, ImageResizer.Plugins.Imageflow, Imageflow.Server, Imageflow.AllPlatforms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: gradio_pdf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS00bTNnLTZyN2ctanY0Zs4AA8t0
Arbitrary JavaScript execution due to using outdated librariesEcosystems: pypi
Packages: gradio_pdf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: cargo
Packages: warp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04djRqLTdqZ2YtNXJnOc4AAxTg
Warp vulnerable to Path Traversal via Improper validation of Windows pathsEcosystems: cargo
Packages: warp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1oOTM0LWY0bTQtd2M4eM4AA8uc
Typo3 Information Disclosure in Page TreeEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: cargo
Packages: async-graphql
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 2 years ago
GSA_kwCzR0hTQS14cTNjLThncW0tdjY0OM4AAtvJ
async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflowEcosystems: cargo
Packages: async-graphql
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: owning_ref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS05cXhoLTI1OHYtNjY2Y84AAt5y
owning_ref vulnerable to multiple soundness issuesEcosystems: cargo
Packages: owning_ref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: go
Packages: github.com/nghttp2/nghttp2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12eDc0LWY1MjgtZnhxZ84AA2Va
github.com/nghttp2/nghttp2 has HTTP/2 Rapid ResetEcosystems: go
Packages: github.com/nghttp2/nghttp2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1ncHY1LXJwNnctNThyOM4AAv_m
Remote code execution vulnerability in dependency System.Drawing.CommonEcosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS02ZjltLXY3bXAtN2pqcc4AA8uO
Authentication Bypass in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS0yNTl2LXhtMzQtcDdmcs4AA8ue
Typo3 Cross-Site Scripting in Language Pack HandlingEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1od3c1LTZ4ODUtbWMyNM4AA8ub
Typo3 Arbitrary Code Execution and Cross-Site Scripting in Backend APIEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1yNm1tLXdtaGYtODQ5bc4AA8ui
Time-Based Information Disclosure Vulnerability in FlowEcosystems: packagist
Packages: typo3/flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1wcGdmLTg3NDUtOHBneM4AA8uM
Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1ocTM3LXJmamMtbXI4aM4AA8t-
Cross-Site Scripting (XSS) in TYPO3 BackendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: cargo
Packages: temporary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yanE5LTZ4eDctM2gyOc4AAt8C
`temporary` makes use of uninitialized memoryEcosystems: cargo
Packages: temporary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: inventory
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zNnhtLTM1cXEtNzk1d84AA1zR
Inventory exposes reference to non-Sync data to an arbitrary threadEcosystems: cargo
Packages: inventory
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: packagist
Packages: pocketmine/pocketmine-mp
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 1 year ago
GSA_kwCzR0hTQS03OXJjLWpqaDYtcmM4Oc4AA13p
PocketMine-MP server crash due to incorrect EC curve used for LoginPacket identityPublicKeyEcosystems: packagist
Packages: pocketmine/pocketmine-mp
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 1 year ago
High
Ecosystems: packagist
Packages: typo3/neos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS00NTQyLXA1NmgtOHh3d84AA8ug
Cross-Site Scripting (XSS) vulnerabilities in NeosEcosystems: packagist
Packages: typo3/neos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Critical
Ecosystems: maven
Packages: com.hazelcast:hazelcast, com.hazelcast.jet:hazelcast-jet
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 3 years ago
GSA_kwCzR0hTQS12NTd4LWd4ZmotNDg0cc0kcQ
Security Advisory for "Log4Shell"Ecosystems: maven
Packages: com.hazelcast:hazelcast, com.hazelcast.jet:hazelcast-jet
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 3 years ago
Low
Ecosystems: go
Packages: knative.dev/eventing-gitlab
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05OWp2LTgyOTItMmhwbc4AA3pg
eventing-gitlab vulnerable to denial of service, caused by improper enforcement of the timeout on individual read operationsEcosystems: go
Packages: knative.dev/eventing-gitlab
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 8 months ago
GSA_kwCzR0hTQS12cHIzLXJjOTktMndwcs4AA8t8
Information Disclosure in TYPO3 BackendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 8 months ago
Moderate
Ecosystems: cargo
Packages: mz-avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qd2gyLXZycjktdmNwMs4AAuiu
mz-avro's incorrect use of `set_len` allows for un-initialized memoryEcosystems: cargo
Packages: mz-avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: almost 3 years ago
GSA_kwCzR0hTQS12NmdwLTltbW0tYzZwNc054w
Out-of-bounds Write in zlib affects NokogiriEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 45.3
Published: almost 3 years ago
Moderate
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS05djQ4LTJoNXgtZnZwbc4AAwkS
usememos/memos vulnerable to improper access controlEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
Ecosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02MzZmLXhtNWotcGo5bc4AAxIx
Several quadratic complexity bugs may lead to denial of service in CommonmarkerEcosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 8 months ago
GSA_kwCzR0hTQS12NWpwLTRoMnAtajJwNM4AA8t3
Privilege Escalation in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 8 months ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: 8 months ago
GSA_kwCzR0hTQS02N3dnLTZqN3ItbXFoOM4AA8uB
Arbitrary Code Execution in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: 8 months ago
Moderate
Ecosystems: actions
Packages: https://github.com/pytorch/pytorch/.github/actions/filter-test-configs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1odzZyLWc4Z2otMjk4N84AA1lL
Actions expression injection in `filter-test-configs` (`GHSL-2023-181`)Ecosystems: actions
Packages: https://github.com/pytorch/pytorch/.github/actions/filter-test-configs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 8 months ago
GSA_kwCzR0hTQS01d3g2LXh3eGYtcThxas4AA8t2
Cross-Site Scripting in TYPO3 BackendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 8 months ago
High
Ecosystems: packagist
Packages: typo3/flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS12aDZqLXd2MjUtOHF4cs4AA8uf
Flow Bugfix Releases for Entity SecurityEcosystems: packagist
Packages: typo3/flow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 8 months ago
GSA_kwCzR0hTQS1wdzJxLXF3dmotZ2g0M84AA8uR
Cache Flooding in TYPO3 FrontendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1xbXdmLWo3ZzctZjVqd84AA8t9
Cross-Site Scripting in third party library mso/idna-convertEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: 8 months ago
GSA_kwCzR0hTQS03cXdnLWZjcHcteGc1Z84AA8uD
Privilege Escalation & SQL Injection in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: 8 months ago
High
Ecosystems: npm
Packages: git-tags-remote
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtOXgtcTc5OC1obXI0
Command Injection in git-tags-remoteEcosystems: npm
Packages: git-tags-remote
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 4 years ago
High
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1nNHBmLTNqdnEtMmdjd84AA8uC
TYPO3 Remote Code Execution in third party library swiftmailerEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 8 months ago
GSA_kwCzR0hTQS1nNDZoLXYyY2MtNmM5NM4AA8uN
Information Disclosure in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 8 months ago
Low
Ecosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00cTgzLTdjcTQtcDZ3Z84AAxat
`tokio::io::ReadHalf<T>::unsplit` is UnsoundEcosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1wNWM1LWdtajQtZzQ4Zs4AA8t_
Cross-Site Scripting (XSS) vulnerability in typolinksEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Critical
Ecosystems: npm
Packages: flatmap-stream, event-stream
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oNmYtOGoyeC00NDgz
Critical severity vulnerability that affects event-stream and flatmap-streamEcosystems: npm
Packages: flatmap-stream, event-stream
Source: GitHub Advisory Database
Blast Radius: 53.7
Published: about 6 years ago
Critical
Ecosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4eGYtcTN3OS00eGd3
Malicious Package in eslint-scopeEcosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: over 6 years ago
High
Ecosystems: cargo
Packages: oqs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1oODY0LW04dm0tM3h2as4AAuFr
oqs's Post-Quantum Signature scheme Rainbow level I parametersets brokenEcosystems: cargo
Packages: oqs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: go
Packages: github.com/superfly/tokenizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mMjhnLTg2aGMtODIzcc4AA0sa
Tokenizer vulnerable to client brute-force of token secretsEcosystems: go
Packages: github.com/superfly/tokenizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: 8 months ago
GSA_kwCzR0hTQS0yaGZ3LXc3MzktcDd4Nc4AA8su
nano-id reduced entropy due to inadequate character set usageEcosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: 8 months ago
Critical
Ecosystems: go
Packages: github.com/bnb-chain/tss-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oMjRjLTZwNnAtbTN2eM4AA1oF
tss-lib leaks secret keys in response to incorrectly constructed Paillier moduliEcosystems: go
Packages: github.com/bnb-chain/tss-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: org.folio:mod-remote-storage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHY3LTQ2OXAtNXg4Oc4AA04K
Hard-coded System User Credentials in Folio Data Export Spring moduleEcosystems: maven
Packages: org.folio:mod-remote-storage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezplatform-solr-search-engine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS03Y3JjLXIzd2ctY2ZnZs4AA26r
Json response for search reveals Solr credentialsEcosystems: packagist
Packages: ezsystems/ezplatform-solr-search-engine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
GSA_kwCzR0hTQS1taDNyLTZjcDUtaGMyas4AA8uQ
Authentication Bypass in TYPO3 FrontendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: Adyen
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 5 months ago
GSA_kwCzR0hTQS1mM3E0LWdnZnAtanYzNM4AA_D2
Adyen APIs Library for Python timing attack vulnerabilityEcosystems: pypi
Packages: Adyen
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 5 months ago
Moderate
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03NnI3LWg0NnctNDYzcs4AAxps
Cross Site Scripting (XSS) in Model\DataObject\Data\UrlSlugEcosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS00dzU0LXd3YzkteDYyY84AA8m1
Silverpeas authentication bypassEcosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS12NzhjLTRwNjMtMmo2Y84AAuiz
Cleartext Transmission of Sensitive Information in moment-timezoneEcosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: maven
Packages: com.tencyle.fixes:org.codehaus.jettison--jettison
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14cWNxLWo4dzktM3B4ds4AA0_O
Jettison parser crash by stackoverflowEcosystems: maven
Packages: com.tencyle.fixes:org.codehaus.jettison--jettison
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qY3I2LTRmcnEtOWdqas4AA1zQ
Users vulnerable to unaligned read of `*const *const c_char` pointerEcosystems: cargo
Packages: users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mMnd4LXhqZncteGp2Ns4AA0vw
topgrade Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_allEcosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: com.schibsted.security:strongbox-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1taGdtLTUydmctcHZ2Y84AAxqk
Privilege escalation in StrongboxEcosystems: maven
Packages: com.schibsted.security:strongbox-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: array-macro
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03djRqLTh3dnItdjU1cs4AArqy
`array!` macro is unsound when its length is impure constantEcosystems: cargo
Packages: array-macro
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: cortex-m-rt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14dzVqLWd2MmctbWptMs4AAxo-
Miscompilation in cortex-m-rt 0.7.1 and 0.7.2Ecosystems: cargo
Packages: cortex-m-rt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 1 year ago
GSA_kwCzR0hTQS1qNGczLTNxOHgtanhxcM4AA3ow
dbt-core's secret env vars written to package-lock.json in plaintextEcosystems: pypi
Packages: dbt-core
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: pageflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13cnJ3LWNycDgtOTc5cc4AAuzs
Pageflow vulnerable to sensitive user data extraction via Ransack query injectionEcosystems: rubygems
Packages: pageflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNjQ2LWdqNXAtcDQ1Z84AA1_1
CefSharp affected by heap buffer overflow in WebPEcosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/phar-stream-wrapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS00djVnLThwcTItMzJtMs4AA8uj
By-passing Protection of PharStreamWrapper InterceptorEcosystems: packagist
Packages: typo3/phar-stream-wrapper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: npm
Packages: @backstage/plugin-scaffolder-backend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
GSA_kwCzR0hTQS0yZzhnLTYzajQtOXczcs0YQA
RCE vulnerability affecting v1beta3 templates in @backstage/plugin-scaffolder-backendEcosystems: npm
Packages: @backstage/plugin-scaffolder-backend
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 3 years ago
Critical
Ecosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12Zjc4LTNxOWYtOTJnM84AA04H
Hard-coded System User Credentials in Folio Data Export Spring moduleEcosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 2 years ago
GSA_kwCzR0hTQS1ncXFmLWc1cjctODR2Zs4AAuzy
TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting ProtectionEcosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: over 2 years ago
High
Ecosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjOTQtNnc4OS1ocHFy
Command Injection in fs-pathEcosystems: npm
Packages: fs-path
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Low
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05NDZjLWY5dzYtMmMyNc4AA26n
Download route allows filename change in eZpublish kernelEcosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: npm
Packages: fury-adapter-swagger
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJyN2YtNGgyYy01eDcz
fury-adapter-swagger allows arbitrary file read from systemEcosystems: npm
Packages: fury-adapter-swagger
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: ibexa/solr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS12NnhwLWNjdngtdzUybc4AA26q
Json response for search reveals Solr credentialsEcosystems: packagist
Packages: ibexa/solr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
GSA_kwCzR0hTQS1qODZ4LXBqbXItOW02d84AA8t7
SQL Injection in TYPO3 Frontend LoginEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
GSA_kwCzR0hTQS02eGg4LThwZnYtNTN2eM4AA8t1
Authentication Bypass in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 8 months ago
High
Ecosystems: go
Packages: github.com/edgelesssys/constellation/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1nOGZjLXZyY2ctOHZqZ84AA7BP
Constallation has pods exposed to peers in VPCEcosystems: go
Packages: github.com/edgelesssys/constellation/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: go
Packages: github.com/cyphar/filepath-securejoin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS02eHY1LTg2cTktN3hyOM4AA1v8
SecureJoin: on windows, paths outside of the rootfs could be inadvertently producedEcosystems: go
Packages: github.com/cyphar/filepath-securejoin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1odjJqLTY2NTQteDc0cc4AA8qI
Reflected Cross-Site Scripting (XSS) in DolibarrEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS04aDI4LWY0NmYtbTg3aM4AA8uA
Insecure Deserialization in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Low
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 8 months ago
GSA_kwCzR0hTQS1jN3A2LTNjOWMtZjg4cc4AA8uE
Information Disclosure in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
GSA_kwCzR0hTQS14dmNwLTMzcmMtajhncc4AA8t5
Insecure Unserialize in TYPO3 Import/ExportEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
High
Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: about 1 year ago
GSA_kwCzR0hTQS01NHhxLWNncXItcnBtM84AA3N1
sharp vulnerability in libwebp dependency CVE-2023-4863Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: copyparty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jdzdqLXY1MnctZnA1cs4AA01m
copyparty vulnerable to reflected cross-site scripting via hc parameterEcosystems: pypi
Packages: copyparty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: packagist
Packages: pocketmine/pocketmine-mp
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 2 years ago
GSA_kwCzR0hTQS04Y3dxLTRjbWYtcHg3M84AAuFv
PocketMine-MP invalid skin geometry JSON data leading to server crashEcosystems: packagist
Packages: pocketmine/pocketmine-mp
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: pimcore/admin-ui-classic-bundle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1qbWg5LTZyanEtZ2poOc4AA8tw
Vulnerable embedded jQuery VersionEcosystems: packagist
Packages: pimcore/admin-ui-classic-bundle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
GSA_kwCzR0hTQS05ajV3LTJjcWMtY3dqOc4AA3oh
Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG EditorEcosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
High
Ecosystems: packagist
Packages: phpoffice/phpexcel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS0zbTl4LTJxZmoteHZxNM4ABBD1
PHPExcel XXE VulnerabilityEcosystems: packagist
Packages: phpoffice/phpexcel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 8 months ago
GSA_kwCzR0hTQS1nd2Z4LXA3bXItZjkyds4AA8t6
Missing Access Check in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 8 months ago
Moderate
Ecosystems: cargo
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13dmM0LWo3ZzUtNGY3Oc4AAyWJ
NATS TLS certificate common name validation bypassEcosystems: cargo
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
GSA_kwCzR0hTQS1qMzVwLXEyNHItNTM2N80_ng
Dep Group Remote Memory Exhaustion (Denial of Service) in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1wbXhwLTcyMjQtaDc5NM4AA8sA
Denial of Service (DoS) attack possibility in TYPO3 component Indexed SearchEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 8 months ago
GSA_kwCzR0hTQS04NnI4LTRnM3ctN3hqcM4AA8t4
Cross-Site Scripting in TYPO3 BackendEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS13cnBmLTJ4OGgtODJncs4AA8r_
Typo3 Arbitrary File Disclosure in Form ComponentEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: npm
Packages: @graphql-mesh/http, @graphql-mesh/cli
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1qMndoLXdydjMtNHg0Z84AAxq7
Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handlerEcosystems: npm
Packages: @graphql-mesh/http, @graphql-mesh/cli
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: almost 2 years ago
High
Ecosystems: go
Packages: github.com/clidey/whodb/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS01cGY2LWNxMnYtMjN3d84ABCoH
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of ServiceEcosystems: go
Packages: github.com/clidey/whodb/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1wNzZmLXdyMjItNHJ2Ns4AAxHA
CakePHP vulnerable to Remote File Inclusion through View template name manipulationEcosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Statistics
Advisories: 21,126
Packages: 9,213
Repositories: 5,650
Ecosystems: 12
Packages: 9,213
Repositories: 5,650
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
moodle/moodle
367
Microsoft.ChakraCore
247
magento/community-edition
235
org.jenkins-ci.main:jenkins-core
193
typo3/cms
174
org.apache.tomcat:tomcat
132
pimcore/pimcore
118
dolibarr/dolibarr
113
typo3/cms-core
107
Django
103
drupal/core
99
microweber/microweber
97
phpmyadmin/phpmyadmin
92
silverstripe/framework
88
apache-airflow
85
drupal/drupal
83
librenms/librenms
80
thorsten/phpmyfaq
73
github.com/mattermost/mattermost/server/v8
72
Plone
72
com.fasterxml.jackson.core:jackson-databind
69
symfony/symfony
69
github.com/usememos/memos
64
ansible
63
actionpack
61
concrete5/concrete5
60
salt
56
org.apache.struts:struts2-core
56
apache-superset
55
shopware/platform
52
com.liferay.portal:release.portal.bom
51
org.keycloak:keycloak-core
49
github.com/grafana/grafana
49
craftcms/cms
48
mlflow
47
nova
47
baserproject/basercms
47
django
46
nokogiri
43
rdiffweb
42
matrix-synapse
41
plone
41
showdoc/showdoc
40
org.apache.tomcat.embed:tomcat-embed-core
40
shopware/core
40
nilsteampassnet/teampass
40
intelliants/subrion
39
github.com/rancher/rancher
39
vyper
39
org.elasticsearch:elasticsearch
39
github.com/mattermost/mattermost-server/v6
38
froxlor/froxlor
38
com.thoughtworks.xstream:xstream
37
org.xwiki.platform:xwiki-platform-oldcore
37
mautic/core
37
github.com/hashicorp/vault
37
com.jfinal:jfinal
36
k8s.io/kubernetes
36
net.mingsoft:ms-mcms
35
moin
35
snipe/snipe-it
35
org.keycloak:keycloak-services
35
gradio
35
io.undertow:undertow-core
34
zendframework/zendframework1
34
github.com/answerdev/answer
34
org.jenkins-ci.plugins:script-security
33
keystone
32
opencv-contrib-python
31
Pillow
31
gogs.io/gogs
31
opencv-python
31
parse-server
31
github.com/argoproj/argo-cd
31
shopware/shopware
30
getgrav/grav
30
github.com/hashicorp/nomad
29
github.com/hashicorp/consul
29
github.com/docker/docker
29
mediawiki/core
28
directus
28
github.com/argoproj/argo-cd/v2
27
centreon/centreon
27
pillow
26
openssl-src
26
prestashop/prestashop
26
github.com/cilium/cilium
26
electron
26
org.springframework.security:spring-security-core
25
rubygems-update
25
org.apache.solr:solr-core
25
contao/core-bundle
24
magento/core
24
org.eclipse.jetty:jetty-server
24
org.keycloak:keycloak-parent
24
puppet
23
zendframework/zendframework
23
rack
23
grumpydictator/firefly-iii
23
pocketmine/pocketmine-mp
23
com.liferay.portal:release.dxp.bom
23
remdex/livehelperchat
23
simplesamlphp/simplesamlphp
23
getkirby/cms
22
ckb
22
org.bouncycastle:bcprov-jdk14
22
org.apache.openmeetings:openmeetings-parent
22
tribalsystems/zenario
22
Microsoft.AspNetCore.App.Runtime.win-x86
21
glance
21
@openzeppelin/contracts-upgradeable
21
Microsoft.AspNetCore.App.Runtime.win-x64
21
activerecord
21
org.apache.nifi:nifi
21
Microsoft.AspNetCore.App.Runtime.win-arm
20
github.com/ethereum/go-ethereum
20
funadmin/funadmin
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
code.gitea.io/gitea
20
langchain
20
@openzeppelin/contracts
20
next
20
laravel/framework
20
phpoffice/phpspreadsheet
20
github.com/traefik/traefik/v2
20
github.com/goharbor/harbor
19
DotNetNuke.Core
19
org.xwiki.platform:xwiki-platform-web-templates
19
golang.org/x/net
19
wasmtime
19
contao/contao
19
org.springframework:spring-core
19
Microsoft.AspNetCore.App.Runtime.win-arm64
18
Microsoft.AspNetCore.App.Runtime.linux-arm64
18
mindsdb
18
topthink/framework
18
Microsoft.AspNetCore.App.Runtime.linux-arm
18
com.vaadin:vaadin-bom
18
cockpit-hq/cockpit
18
Microsoft.AspNetCore.App.Runtime.osx-x64
18
Microsoft.AspNetCore.App.Runtime.linux-x64
18
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
18
forkcms/forkcms
18
mercurial
18
cobbler
18
notebook
17
org.apache.geode:geode-core
17
symfony/security
17
yetiforce/yetiforce-crm
17
ezsystems/ezpublish-kernel
17
cakephp/cakephp
17
francoisjacquet/rosariosis
17
genix/cms
17
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
17
helm.sh/helm/v3
17
opencart/opencart
17
neutron
17
PaddlePaddle
16
org.bouncycastle:bcprov-jdk15
16
github.com/zitadel/zitadel
16
openmage/magento-lts
16
surrealdb
16
typo3/cms-backend
16
paddlepaddle
16
cryptography
16
sequelize
16
tinymce
16
rusqlite
16
ethyca-fides
16
org.apache.activemq:activemq-client
16
phpbb/phpbb
16
pyload-ng
16
org.apache.jspwiki:jspwiki-main
16
org.apache.dubbo:dubbo
16
smarty/smarty
15
Microsoft.NetCore.App.Runtime.win-arm
15
symfony/security-http
15
ghost
15
Microsoft.NetCore.App.Runtime.win-arm64
15
october/system
15
Microsoft.NetCore.App.Runtime.win-x64
15
Microsoft.NetCore.App.Runtime.win-x86
15
ckeditor4
15
ec-cube/ec-cube
15
OctoPrint
15
org.apache.struts.xwork:xwork-core
15
calibreweb
15
org.apache.tomcat:tomcat-coyote
14
silverstripe/cms
14
aiohttp
14
publify_core
14
dompdf/dompdf
14
joplin
14
feehi/cms
14
codeigniter4/framework
14
pyftpdlib
14
rails-html-sanitizer
14
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
218
https://github.com/chakra-core/ChakraCore
214
https://github.com/xwiki/xwiki-platform
189
https://github.com/jenkinsci/jenkins
150
https://github.com/django/django
114
https://github.com/pimcore/pimcore
113
https://github.com/apache/tomcat
103
https://github.com/apache/airflow
101
https://github.com/microweber/microweber
88
https://github.com/TYPO3/typo3
85
https://github.com/keycloak/keycloak
78
https://github.com/librenms/librenms
71
https://github.com/FasterXML/jackson-databind
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/silverstripe/silverstripe-framework
66
https://github.com/rails/rails
64
https://github.com/symfony/symfony
64
https://github.com/usememos/memos
64
https://github.com/ansible/ansible
58
https://github.com/Dolibarr/dolibarr
57
https://github.com/kubernetes/kubernetes
53
https://github.com/python-pillow/Pillow
52
https://github.com/spring-projects/spring-framework
47
https://github.com/apache/struts
46
https://github.com/shopware/platform
43
https://github.com/argoproj/argo-cd
42
https://github.com/ikus060/rdiffweb
42
https://github.com/grafana/grafana
41
https://github.com/concretecms/concretecms
41
https://github.com/vyperlang/vyper
39
https://github.com/phpmyadmin/phpmyadmin
38
https://github.com/star7th/showdoc
38
https://github.com/magento/magento2
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/openstack/nova
37
https://github.com/x-stream/xstream
37
https://github.com/dotnet/runtime
36
https://github.com/craftcms/cms
36
https://github.com/octobercms/october
35
https://github.com/rancher/rancher
35
https://github.com/mautic/mautic
35
https://github.com/answerdev/answer
34
https://github.com/saltstack/salt
34
https://github.com/apache/activemq
33
https://github.com/gradio-app/gradio
32
https://github.com/matrix-org/synapse
32
https://github.com/opencv/opencv
32
https://github.com/go-gitea/gitea
32
https://github.com/sparklemotion/nokogiri
32
https://github.com/mlflow/mlflow
31
https://github.com/parse-community/parse-server
31
https://github.com/PaddlePaddle/Paddle
31
https://github.com/snipe/snipe-it
30
https://github.com/openstack/keystone
28
https://github.com/CVEProject/cvelist
28
https://github.com/umbraco/Umbraco-CMS
28
https://github.com/shopware/shopware
28
https://github.com/apache/inlong
27
https://github.com/directus/directus
27
https://github.com/cilium/cilium
26
https://github.com/baserproject/basercms
26
https://github.com/froxlor/froxlor
26
https://github.com/gogs/gogs
26
https://github.com/contao/contao
25
https://github.com/github/advisory-database
25
https://github.com/electron/electron
25
https://github.com/apache/nifi
24
https://github.com/getgrav/grav
24
https://github.com/strapi/strapi
24
https://github.com/eclipse/jetty.project
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/firefly-iii/firefly-iii
23
https://github.com/pmmp/PocketMine-MP
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/PrestaShop/PrestaShop
22
https://github.com/nervosnetwork/ckb
22
https://github.com/apache/cxf
22
https://github.com/langchain-ai/langchain
22
https://github.com/hashicorp/consul
22
https://github.com/jenkinsci/script-security-plugin
21
https://github.com/netty/netty
21
https://github.com/nilsteampassnet/TeamPass
21
https://github.com/OpenNMS/opennms
20
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/bytecodealliance/wasmtime
20
https://github.com/simplesamlphp/simplesamlphp
20
https://github.com/funadmin/funadmin
20
https://github.com/undertow-io/undertow
20
https://github.com/traefik/traefik
20
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/PHPOffice/PhpSpreadsheet
20
https://github.com/moby/moby
20
https://github.com/cloudfoundry/uaa
19
https://github.com/geoserver/geoserver
19
https://github.com/zitadel/zitadel
19
https://github.com/goharbor/harbor
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/bcgit/bc-java
19
https://github.com/getkirby/kirby
19
https://github.com/helm/helm
18
https://github.com/intelliants/subrion
18
https://github.com/rubygems/rubygems
18
https://github.com/rack/rack
18
https://github.com/vaadin/platform
17
https://github.com/backstage/backstage
17
https://github.com/denoland/deno
17
https://github.com/liufee/cms
17
https://github.com/mindsdb/mindsdb
17
https://github.com/opencast/opencast
17
https://github.com/hashicorp/vault
17
https://github.com/laravel/framework
17
https://github.com/etcd-io/etcd
16
https://github.com/TYPO3-CMS/core
16
https://github.com/forkcms/forkcms
16
https://github.com/ethyca/fides
16
https://github.com/ethereum/go-ethereum
16
https://github.com/OpenMage/magento-lts
16
https://github.com/sequelize/sequelize
16
https://github.com/vercel/next.js
16
https://github.com/pyload/pyload
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/mattermost/mattermost
16
https://github.com/surrealdb/surrealdb
16
https://github.com/rusqlite/rusqlite
16
https://github.com/tinymce/tinymce
16
https://github.com/vantage6/vantage6
15
https://github.com/puppetlabs/puppet
15
https://github.com/apache/camel
15
https://github.com/hashicorp/nomad
15
https://github.com/zendframework/zendframework
15
https://github.com/drupal/core
15
https://github.com/centreon/centreon
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/dompdf/dompdf
15
https://github.com/pyca/cryptography
15
https://github.com/decidim/decidim
15
https://github.com/cobbler/cobbler
15
https://github.com/rails/rails-html-sanitizer
14
https://github.com/janeczku/calibre-web
14
https://github.com/aio-libs/aiohttp
14
https://github.com/thorsten/phpMyFAQ
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/twisted/twisted
14
https://github.com/containerd/containerd
14
https://github.com/nodejs/undici
14
https://github.com/golang/go
14
https://github.com/xuxueli/xxl-job
14
https://github.com/ckeditor/ckeditor4
14
https://github.com/dotnet/aspnetcore
14
https://github.com/apache/dolphinscheduler
13
https://github.com/ming-soft/MCMS
13
https://github.com/laurent22/joplin
13
https://github.com/quarkusio/quarkus
13
https://github.com/OPCFoundation/UA-.NETStandard
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/openfga/openfga
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/apache/superset
13
https://github.com/publify/publify
13
https://github.com/modoboa/modoboa
13
https://github.com/TryGhost/Ghost
13
https://github.com/dromara/hutool
13
https://github.com/apache/kylin
12
https://github.com/getsentry/sentry
12
https://github.com/puma/puma
12
https://github.com/patriksimek/vm2
12
https://github.com/pimcore/admin-ui-classic-bundle
12
https://github.com/1Panel-dev/1Panel
12
https://github.com/opencontainers/runc
12
https://github.com/urllib3/urllib3
12
https://github.com/centreon/centreon-archived
12
https://github.com/smarty-php/smarty
12
https://github.com/containers/podman
12
https://github.com/wagtail/wagtail
12
https://github.com/openstack/glance
12
https://github.com/cloudflare/cfrpki
11
https://github.com/igniterealtime/Openfire
11
https://github.com/dolibarr/dolibarr
11
https://github.com/Sylius/Sylius
11
https://github.com/scrapy/scrapy
11
https://github.com/dpgaspar/Flask-AppBuilder
11
https://github.com/matrix-org/matrix-js-sdk
11
https://github.com/zenml-io/zenml
11
https://github.com/cosmos/cosmos-sdk
11
https://github.com/owen2345/camaleon-cms
11
https://github.com/top-think/framework
11
https://github.com/pgadmin-org/pgadmin4
11
https://github.com/cri-o/cri-o
11
https://github.com/codeigniter4/CodeIgniter4
11
https://github.com/ezsystems/ezpublish-kernel
11
https://github.com/spring-projects/spring-security
11
https://github.com/WWBN/AVideo
11
https://github.com/yiisoft/yii2
11
https://github.com/Pylons/waitress
11
https://github.com/cakephp/cakephp
11
https://github.com/nats-io/nats-server
11
https://github.com/onionshare/onionshare
11
https://github.com/Studio-42/elFinder
11