Browse Security Advisories
Security Advisories for https://github.com/xwiki/xwiki-platform Clear Filters
Critical
24 days ago
XWiki Platform is vulnerable to HQL injection via wiki and space search REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
about 2 months ago
XWiki configuration files can be accessed through jsx and sx endpoints
maven
org.xwiki.platform:xwiki-platform-skin-skinx
Critical
about 2 months ago
XWiki configuration files can be accessed through the webjars API
maven
org.xwiki.platform:xwiki-platform-webjars-api
Moderate
2 months ago
XWiki PDF export jobs store sensitive cookies unencrypted in job statuses
maven
org.xwiki.platform:xwiki-platform-export-pdf-api
High
3 months ago
XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
High
3 months ago
XWiki leaks password hashes and other accessible password properties
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
3 months ago
XWiki allows Reflected XSS in two templates
maven
org.xwiki.platform:xwiki-platform-web-templates
High
3 months ago
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
3 months ago
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
maven
org.xwiki.platform:xwiki-platform-distribution-war
High
5 months ago
XWiki does not require right warnings for XClass definitions
maven
org.xwiki.platform:xwiki-platform-security-requiredrights-default
High
5 months ago
XWiki allows remote code execution through preview of XClass changes in AWM editor
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
5 months ago
XWiki does not require right warnings for notification displayer objects
maven
org.xwiki.platform:xwiki-platform-notifications-notifiers-default
High
5 months ago
XWiki makes title of inaccessible pages available through the class property values REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Moderate
5 months ago
XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
maven
org.xwiki.platform:xwiki-platform-notifications-notifiers-default
High
5 months ago
XWiki allows remote code execution through default value of wiki macro wiki-type parameters
maven
org.xwiki.platform:xwiki-platform-rendering-wikimacro-store
High
5 months ago
XWiki's required right warnings for macros are incomplete
maven
org.xwiki.platform:xwiki-platform-rendering-macro-context, org.xwiki.platform:xwiki-platform-security-requiredrights-default, org.xwiki.platform:xwiki-platform-rendering-macro-cache, org.xwiki.platform:xwiki-platform-rendering-xwiki
High
5 months ago
XWiki allows privilege escalation through link refactoring
maven
org.xwiki.platform:xwiki-platform-refactoring-default
Critical
5 months ago
XWiki allows SQL injection in query endpoint of REST API with Oracle
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
5 months ago
XWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming right
maven
org.xwiki.platform:xwiki-platform-security-authorization-bridge
High
6 months ago
Any user with view access to the XWiki space can change the authenticator
maven
org.xwiki.platform:xwiki-platform-security-authentication-ui
Moderate
6 months ago
XWiki missing authorization when accessing the wiki level attachments list and metadata via REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
6 months ago
org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type
maven
org.xwiki.platform:xwiki-platform-security-requiredrights-default
Critical
6 months ago
org.xwiki.platform:xwiki-platform-component-wiki provides no warning when granting XWiki.ComponentClass programming right
maven
org.xwiki.platform:xwiki-platform-component-wiki
Low
6 months ago
The lesscss script service allows cache clearing without programming right
maven
org.xwiki.platform:xwiki-platform-lesscss-script
Low
6 months ago
Solr script service doesn't take dropped programming right into account
maven
org.xwiki.platform:xwiki-platform-search-solr-api
Moderate
6 months ago
org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability
maven
org.xwiki.platform:xwiki-platform-wysiwyg-api
Critical
6 months ago
org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
High
6 months ago
org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
7 months ago
Unregistered users can see "public" messages from a closed wiki via notifications from a different wiki
maven
org.xwiki.platform:xwiki-platform-messagestream
High
8 months ago
The WikiManager REST API allows any user to create wikis
maven
org.xwiki.platform:xwiki-platform-wiki-rest-default
High
8 months ago
XWiki allows unregistered users to access private pages information through REST endpoint
maven
org.xwiki.platform:xwiki-platform-rest-server
High
8 months ago
XWiki uses the wrong wiki reference in AuthorizationManager
maven
org.xwiki.platform:xwiki-platform-security-authorization-api
Critical
8 months ago
XWiki Platform allows remote code execution as guest via SolrSearchMacros request
maven
org.xwiki.platform:xwiki-platform-search-solr-ui
Critical
10 months ago
XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing
maven
org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui
Critical
11 months ago
XWiki allows remote code execution through the extension sheet
maven
org.xwiki.platform:xwiki-platform-repository-server-ui
High
11 months ago
XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
maven
org.xwiki.platform:xwiki-platform-distribution-war
Moderate
11 months ago
XWiki's scheduler in subwiki allows scheduling operations for any main wiki user
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Critical
11 months ago
XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
maven
org.xwiki.platform:xwiki-platform-help-ui
Critical
11 months ago
XWiki allows RCE from script right in configurable sections
maven
org.xwiki.platform:xwiki-platform-administration-ui
Moderate
about 1 year ago
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users
maven
org.xwiki.platform:xwiki-platform-notifications-ui
High
about 1 year ago
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions
maven
org.xwiki.platform:xwiki-platform-notifications-ui
Moderate
about 1 year ago
XWiki Platform document history including authors of any page exposed to unauthorized actors
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
about 1 year ago
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
about 1 year ago
XWiki Platform allows XSS through XClass name in string properties
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
over 1 year ago
XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
maven
org.xwiki.platform:xwiki-platform-search-ui
High
over 1 year ago
XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
maven
org.xwiki.platform:xwiki-platform-web-war
Moderate
over 1 year ago
XWiki Platform vulnerable to document deletion and overwrite from edit
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki programming rights may be inherited by inclusion
maven
org.xwiki.platform:xwiki-platform-rendering-macro-include
Critical
over 1 year ago
XWiki Platform allows remote code execution from user account
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform remote code execution from account through UIExtension parameters
maven
org.xwiki.platform:xwiki-platform-uiextension-api
Critical
over 1 year ago
XWiki Platform CSRF remote code execution through the realtime HTML Converter API
maven
org.xwiki.platform:xwiki-platform-realtime-ui
Critical
over 1 year ago
XWiki Platform remote code execution from account via custom skins support
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform CSRF remote code execution through scheduler job's document reference
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Moderate
over 1 year ago
XWiki Platform CSRF in the job scheduler
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Critical
over 1 year ago
XWiki Platform: Remote code execution through space title and Solr space facet
maven
org.xwiki.platform:xwiki-platform-search-solr-ui
Critical
over 1 year ago
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
maven
org.xwiki.platform:xwiki-platform-localization-source-wiki
Critical
over 1 year ago
XWiki Platform: Remote code execution as guest via DatabaseSearch
maven
org.xwiki.platform:xwiki-platform-search-ui
Critical
over 1 year ago
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
maven
org.xwiki.platform:xwiki-platform-search-ui
Moderate
over 1 year ago
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
maven
org.xwiki.platform:xwiki-platform-oldcore
High
almost 2 years ago
XWiki vulnerable to Denial of Service attack through attachments
maven
org.xwiki.platform:xwiki-platform-distribution-war
Critical
almost 2 years ago
XWiki Remote Code Execution Vulnerability via User Registration
maven
org.xwiki.platform:xwiki-platform-administration-ui
High
almost 2 years ago
XWiki has no right protection on rollback action
maven
org.xwiki.platform:xwiki-platform, org.xwiki.platform:xwiki-platform-oldcore
High
almost 2 years ago
Velocity execution without script right through tree macro
maven
org.xwiki.platform:xwiki-platform-index-tree-macro
Critical
almost 2 years ago
Remote code execution/programming rights with configuration section from any user account
maven
org.xwiki.platform:xwiki-platform-administration-ui
Critical
almost 2 years ago
XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
maven
org.xwiki.platform:xwiki-platform-administration-ui
Critical
almost 2 years ago
Remote code execution from account through SearchAdmin
maven
org.xwiki.platform:xwiki-platform-search-ui
Moderate
almost 2 years ago
Solr search discloses email addresses of users
maven
org.xwiki.platform:xwiki-platform-search-solr-api
High
almost 2 years ago
Solr search discloses password hashes of all users
maven
org.xwiki.platform:xwiki-platform-search-solr-api
High
almost 2 years ago
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
maven
org.xwiki.platform:xwiki-platform-search-solr-query
Critical
almost 2 years ago
Cookies are sent to external images in rendered diff (and server side request forgery)
maven
org.xwiki.platform:xwiki-platform-diff-xml
Critical
almost 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menu
maven
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Critical
almost 2 years ago
XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guest
maven
org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform:xwiki-platform-administration-ui
Critical
almost 2 years ago
XWiki Platform privilege escalation from script right to programming right through title displayer
maven
org.xwiki.platform:xwiki-platform-display-api
High
almost 2 years ago
XWiki Platform vulnerable to privilege escalation and remote code execution via the edit action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
almost 2 years ago
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF token
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 2 years ago
XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki users can be tricked to execute scripts as the create page action doesn't display the page's title
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki Platform XSS vulnerability from account in the create page form via template provider
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-web-standard, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
maven
org.xwiki.platform:xwiki-platform-office-importer
Moderate
about 2 years ago
org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 2 years ago
org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
maven
org.xwiki.platform:xwiki-platform-attachment-api
High
about 2 years ago
Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet
maven
org.xwiki.platform:xwiki-platform-menu-ui, org.xwiki.platform:xwiki-platform-menu
Moderate
about 2 years ago
Velocity execution without script right through VelocityCode and VelocityWiki property
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 2 years ago
XWiki Platform's Groovy jobs check the wrong author, allowing remote code execution
maven
org.xwiki.platform:xwiki-platform-scheduler-api, com.xpn.xwiki.platform.plugins:xwiki-plugin-scheduler
High
about 2 years ago
XWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 2 years ago
XWiki Platform privilege escalation (PR) from account through AWM content fields
maven
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Moderate
about 2 years ago
XWiki Platform Stored Cross-site Scripting in the user profile via the timezone displayer
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message
maven
org.xwiki.platform:xwiki-platform-invitation-ui
Moderate
over 2 years ago
Obfuscated email addresses should not be sorted
maven
org.xwiki.platform:xwiki-platform-livetable-ui
Critical
over 2 years ago
org.xwiki.platform:xwiki-platform-skin-ui Eval Injection vulnerability
maven
org.xwiki.platform:xwiki-platform-skin-ui
Critical
over 2 years ago
XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
maven
org.xwiki.platform:xwiki-platform-rest-server, com.xpn.xwiki.platform:xwiki-rest, com.xpn.xwiki.platform:xwiki-core-rest-server
Critical
over 2 years ago
Upgrading doesn't prevent exploiting vulnerable XWiki documents
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform vulnerable to Code injection through NotificationRSSService
maven
org.xwiki.platform:xwiki-platform-notifications-ui
Critical
over 2 years ago
XWiki Platform vulnerable to Code Injection in icon themes
maven
org.xwiki.platform:xwiki-platform-icon-ui, org.xwiki.platform:xwiki-platform-icon-default, org.xwiki.platform:xwiki-platform-icon-script
Critical
over 2 years ago
XWiki Platform vulnerable to persistent Cross-site Scripting through CKEditor Configuration pages
maven
org.xwiki.platform:xwiki-platform-ckeditor-ui, org.xwiki.contrib:application-ckeditor-ui
Critical
over 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page
maven
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Critical
over 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
maven
org.xwiki.platform:xwiki-platform-web-templates
Filter by Severity
Filter by Ecosystem
maven
6,871
packagist
5,365
pypi
4,865
npm
4,367
go
2,967
nuget
1,642
cargo
1,096
rubygems
906
hex
40
actions
39
swift
35
pub
9
Filter by Package
tensorflow
431
moodle/moodle
425
tensorflow-cpu
408
tensorflow-gpu
398
magento/community-edition
324
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
242
typo3/cms
171
com.liferay.portal:release.portal.bom
147
org.apache.tomcat:tomcat
136
github.com/mattermost/mattermost/server/v8
136
com.liferay.portal:release.dxp.bom
124
pimcore/pimcore
120
dolibarr/dolibarr
117
typo3/cms-core
108
phpmyadmin/phpmyadmin
107
microweber/microweber
103
drupal/core
100
Django
99
silverstripe/framework
91
apache-airflow
89
librenms/librenms
86
magento/project-community-edition
83
drupal/drupal
75
thorsten/phpmyfaq
74
github.com/mattermost/mattermost-server
70
com.fasterxml.jackson.core:jackson-databind
69
github.com/usememos/memos
68
concrete5/concrete5
67
salt
65
ansible
63
shopware/platform
63
symfony/symfony
61
actionpack
61
apache-superset
61
github.com/grafana/grafana
56
Plone
55
org.apache.struts:struts2-core
55
mlflow
53
craftcms/cms
53
shopware/core
51
org.keycloak:keycloak-core
50
github.com/rancher/rancher
50
nova
48
mautic/core
48
github.com/hashicorp/vault
48
baserproject/basercms
47
nokogiri
46
org.keycloak:keycloak-services
45
gradio
44
vyper
44
org.xwiki.platform:xwiki-platform-oldcore
43
org.elasticsearch:elasticsearch
43
matrix-synapse
43
k8s.io/kubernetes
42
nilsteampassnet/teampass
42
rdiffweb
42
showdoc/showdoc
41
mantisbt/mantisbt
41
org.apache.tomcat.embed:tomcat-embed-core
41
intelliants/subrion
40
froxlor/froxlor
40
plone
40
picklescan
39
directus
39
net.mingsoft:ms-mcms
38
snipe/snipe-it
38
github.com/mattermost/mattermost-server/v6
37
com.thoughtworks.xstream:xstream
37
django
36
com.jfinal:jfinal
36
rack
35
io.undertow:undertow-core
35
github.com/argoproj/argo-cd/v2
35
moin
35
github.com/answerdev/answer
34
parse-server
33
org.jenkins-ci.plugins:script-security
32
zendframework/zendframework1
32
github.com/argoproj/argo-cd
32
gogs.io/gogs
32
github.com/cilium/cilium
31
flowise
31
github.com/hashicorp/nomad
31
keystone
31
shopware/shopware
31
github.com/hashicorp/consul
31
opencv-python
30
getgrav/grav
30
opencv-contrib-python
30
contao/core-bundle
29
Pillow
29
next
29
github.com/docker/docker
29
vllm
28
pillow
28
electron
28
DotNetNuke.Core
28
org.apache.solr:solr-core
28
mediawiki/core
28
centreon/centreon
27
org.opencms:opencms-core
27
prestashop/prestashop
27
org.springframework.security:spring-security-core
26
org.apache.tomcat:tomcat-catalina
26
pocketmine/pocketmine-mp
25
openssl-src
25
rubygems-update
25
open-webui
25
org.eclipse.jetty:jetty-server
25
github.com/traefik/traefik/v2
25
surrealdb
24
magento/core
24
pyload-ng
24
getkirby/cms
24
org.keycloak:keycloak-parent
24
remdex/livehelperchat
23
puppet
23
phpoffice/phpexcel
23
simplesamlphp/simplesamlphp
23
grumpydictator/firefly-iii
23
activerecord
22
laravel/framework
22
ckb
22
org.apache.openmeetings:openmeetings-parent
22
zendframework/zendframework
22
tribalsystems/zenario
22
deno
22
org.apache.nifi:nifi
21
github.com/goharbor/harbor
21
glance
21
@openzeppelin/contracts
21
@openzeppelin/contracts-upgradeable
21
helm.sh/helm/v3
21
wasmtime
21
cockpit-hq/cockpit
20
typo3/cms-backend
20
ethyca-fides
20
code.gitea.io/gitea
20
github.com/ethereum/go-ethereum
20
aim
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
funadmin/funadmin
20
github.com/zitadel/zitadel
19
org.bouncycastle:bcprov-jdk14
19
topthink/framework
19
langchain
19
neutron
19
org.xwiki.platform:xwiki-platform-web-templates
19
transformers
19
genix/cms
18
cobbler
18
mercurial
18
mindsdb
18
org.springframework:spring-core
18
org.apache.jspwiki:jspwiki-main
18
forkcms/forkcms
18
com.vaadin:vaadin-bom
18
golang.org/x/net
18
Microsoft.AspNetCore.App.Runtime.win-x64
18
contao/contao
18
calibreweb
17
openmage/magento-lts
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
cryptography
17
github.com/openfga/openfga
17
notebook
17
opencart/opencart
17
francoisjacquet/rosariosis
17
github.com/traefik/traefik/v3
17
cakephp/cakephp
17
org.apache.inlong:manager-pojo
17
OctoPrint
17
com.liferay.portal:com.liferay.portal.impl
17
yetiforce/yetiforce-crm
17
Microsoft.AspNetCore.App.Runtime.linux-arm64
17
org.apache.geode:geode-core
17
ezsystems/ezpublish-kernel
17
Microsoft.AspNetCore.App.Runtime.linux-x64
16
Microsoft.AspNetCore.App.Runtime.win-arm
16
sequelize
16
PaddlePaddle
16
org.apache.activemq:activemq-client
16
phpbb/phpbb
16
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
16
lollms
16
Microsoft.AspNetCore.App.Runtime.linux-arm
16
org.apache.tomcat:tomcat-coyote
16
paddlepaddle
16
rusqlite
16
ghost
16
org.apache.dubbo:dubbo
16
org.apache.ranger:ranger
16
tinymce
16
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
16
vite
16
github.com/containerd/containerd
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
october/system
15
pimcore/admin-ui-classic-bundle
15
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
250
https://github.com/xwiki/xwiki-platform
222
https://github.com/chakra-core/ChakraCore
214
https://github.com/jenkinsci/jenkins
178
https://github.com/liferay/liferay-portal
167
https://github.com/django/django
119
https://github.com/apache/tomcat
118
https://github.com/pimcore/pimcore
116
https://github.com/apache/airflow
105
https://github.com/TYPO3/typo3
94
https://github.com/microweber/microweber
90
https://github.com/keycloak/keycloak
90
https://github.com/librenms/librenms
77
https://github.com/rails/rails
70
https://github.com/FasterXML/jackson-databind
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/usememos/memos
68
https://github.com/silverstripe/silverstripe-framework
68
https://github.com/kubernetes/kubernetes
66
https://github.com/symfony/symfony
64
https://github.com/Dolibarr/dolibarr
60
https://github.com/mattermost/mattermost
59
https://github.com/ansible/ansible
59
https://github.com/python-pillow/Pillow
52
https://github.com/spring-projects/spring-framework
51
https://github.com/argoproj/argo-cd
50
https://github.com/apache/struts
47
https://github.com/grafana/grafana
47
https://github.com/rancher/rancher
46
https://github.com/mautic/mautic
46
https://github.com/phpmyadmin/phpmyadmin
45
https://github.com/concretecms/concretecms
44
https://github.com/vyperlang/vyper
44
https://github.com/shopware/platform
43
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/directus/directus
41
https://github.com/craftcms/cms
41
https://github.com/shopware/shopware
40
https://github.com/gradio-app/gradio
39
https://github.com/mmaitre314/picklescan
39
https://github.com/star7th/showdoc
39
https://github.com/dotnet/runtime
38
https://github.com/openstack/nova
38
https://github.com/mantisbt/mantisbt
38
https://github.com/magento/magento2
38
https://github.com/x-stream/xstream
37
https://github.com/plone/Products.CMFPlone
37
https://github.com/octobercms/october
36
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/mlflow/mlflow
35
https://github.com/sparklemotion/nokogiri
35
https://github.com/answerdev/answer
34
https://github.com/apache/activemq
34
https://github.com/parse-community/parse-server
33
https://github.com/matrix-org/synapse
32
https://github.com/go-gitea/gitea
32
https://github.com/opencv/opencv
32
https://github.com/cilium/cilium
31
https://github.com/PaddlePaddle/Paddle
31
https://github.com/apache/inlong
31
https://github.com/contao/contao
30
https://github.com/snipe/snipe-it
30
https://github.com/rack/rack
29
https://github.com/strapi/strapi
29
https://github.com/CVEProject/cvelist
28
https://github.com/FlowiseAI/Flowise
28
https://github.com/electron/electron
28
https://github.com/gogs/gogs
28
https://github.com/openstack/keystone
28
https://github.com/netty/netty
27
https://github.com/geoserver/geoserver
26
https://github.com/apache/nifi
26
https://github.com/froxlor/froxlor
26
https://github.com/baserproject/basercms
26
https://github.com/github/advisory-database
26
https://github.com/vercel/next.js
25
https://github.com/vllm-project/vllm
25
https://github.com/surrealdb/surrealdb
25
https://github.com/pmmp/PocketMine-MP
25
https://github.com/denoland/deno
25
https://github.com/traefik/traefik
25
https://github.com/langchain-ai/langchain
25
https://github.com/bcgit/bc-java
25
https://github.com/zitadel/zitadel
25
https://github.com/getgrav/grav
24
https://github.com/pyload/pyload
24
https://github.com/run-llama/llama_index
24
https://github.com/hashicorp/consul
24
https://github.com/apache/cxf
24
https://github.com/nilsteampassnet/TeamPass
23
https://github.com/bytecodealliance/wasmtime
23
https://github.com/moby/moby
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/dnnsoftware/Dnn.Platform
23
https://github.com/PrestaShop/PrestaShop
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/eclipse/jetty.project
23
https://github.com/firefly-iii/firefly-iii
23
https://github.com/jenkinsci/script-security-plugin
22
https://github.com/helm/helm
22
https://github.com/nervosnetwork/ckb
22
https://github.com/getkirby/kirby
22
https://github.com/PHPOffice/PhpSpreadsheet
22
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/laravel/framework
21
https://github.com/undertow-io/undertow
21
https://github.com/goharbor/harbor
21
https://github.com/hashicorp/vault
21
https://github.com/OpenNMS/opennms
20
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/ethyca/fides
20
https://github.com/funadmin/funadmin
20
https://github.com/opencast/opencast
20
https://github.com/simplesamlphp/simplesamlphp
20
https://github.com/huggingface/transformers
19
https://github.com/TYPO3-CMS/core
19
https://github.com/backstage/backstage
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/intelliants/subrion
19
https://github.com/alkacon/opencms-core
19
https://github.com/cloudfoundry/uaa
19
https://github.com/vaadin/platform
18
https://github.com/apache/camel
18
https://github.com/rubygems/rubygems
18
https://github.com/OpenMage/magento-lts
17
https://github.com/liufee/cms
17
https://github.com/containerd/containerd
17
https://github.com/ethereum/go-ethereum
17
https://github.com/vantage6/vantage6
17
https://github.com/openfga/openfga
17
https://github.com/apache/kylin
17
https://github.com/mindsdb/mindsdb
17
https://github.com/dotnet/aspnetcore
16
https://github.com/pyca/cryptography
16
https://github.com/forkcms/forkcms
16
https://github.com/hashicorp/nomad
16
https://github.com/sequelize/sequelize
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/etcd-io/etcd
16
https://github.com/tinymce/tinymce
16
https://github.com/vitejs/vite
16
https://github.com/quarkusio/quarkus
16
https://github.com/rusqlite/rusqlite
16
https://github.com/cobbler/cobbler
15
https://github.com/spring-projects/spring-security
15
https://github.com/ckeditor/ckeditor4
15
https://github.com/containers/podman
15
https://github.com/thorsten/phpMyFAQ
15
https://github.com/centreon/centreon
15
https://github.com/decidim/decidim
15
https://github.com/zendframework/zendframework
15
https://github.com/nodejs/undici
15
https://github.com/drupal/core
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/puppetlabs/puppet
15
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/xuxueli/xxl-job
15
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/dompdf/dompdf
15
https://github.com/aio-libs/aiohttp
15
https://github.com/apache/superset
14
https://github.com/pimcore/admin-ui-classic-bundle
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/ImageMagick/ImageMagick
14
https://github.com/twisted/twisted
14
https://github.com/golang/go
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/Graylog2/graylog2-server
14
https://github.com/urllib3/urllib3
14
https://github.com/apache/zeppelin
14
https://github.com/janeczku/calibre-web
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/publify/publify
14
https://github.com/ming-soft/MCMS
14
https://github.com/rails/rails-html-sanitizer
14
https://github.com/TryGhost/Ghost
14
https://github.com/openbao/openbao
13
https://github.com/zenml-io/zenml
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/laurent22/joplin
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/1Panel-dev/1Panel
13
https://github.com/opencontainers/runc
13
https://github.com/modoboa/modoboa
13
https://github.com/apache/dolphinscheduler
13
https://github.com/dromara/hutool
13
https://github.com/h2oai/h2o-3
13
https://github.com/yiisoft/yii2
12
https://github.com/DSpace/DSpace
12
https://github.com/nautobot/nautobot
12
https://github.com/igniterealtime/Openfire
12
https://github.com/smarty-php/smarty
12
https://github.com/modxcms/revolution
12
https://github.com/OctoPrint/OctoPrint
12
https://github.com/n8n-io/n8n
12
https://github.com/getsentry/sentry
12