Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories
Browse all Security Advisories for
Loading...
Moderate
Ecosystems: pypi
Packages: wagtail-2fa
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cHgtd3czai1nMm1t
2FA bypass in Wagtail through new device pathEcosystems: pypi
Packages: wagtail-2fa
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: pannellum
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01MngtMjlwcS13M3Z2
Pannellum Cross-Site Scripting due to data not being sanitized for URIs or vbscriptEcosystems: npm
Packages: pannellum
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 5 years ago
High
Ecosystems: npm
Packages: vant
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4cjgtOGhtYy0zODlm
Cross-Site Scripting in vantEcosystems: npm
Packages: vant
Source: GitHub Advisory Database
Blast Radius: 37.8
Published: about 5 years ago
Moderate
Ecosystems: pypi
Packages: airflow
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzcDQtZ3c3ci13cWpj
Apache Airflow vulnerable to XSS and local file disclosureEcosystems: pypi
Packages: airflow
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: about 5 years ago
Critical
Ecosystems: packagist
Packages: usmanhalalit/pixie
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4d2ctcXY2ci1qNHZw
SQL Injection in usmanhalalit/pixieEcosystems: packagist
Packages: usmanhalalit/pixie
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: about 5 years ago
High
Ecosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5bXEtNHg0Ny01djgz
Prototype Pollution in angularEcosystems: npm
Packages: angular
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: about 5 years ago
High
Ecosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2d3YtaDY5bS13ZzZm
XXE in PHPSpreadsheet due to incomplete fix for previous encoding issueEcosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 5 years ago
High
Ecosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjcmctMjloNy1oNGNq
XXE in PHPSpreadsheet due to encoding issueEcosystems: packagist
Packages: phpoffice/phpspreadsheet
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 5 years ago
High
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4ODMtcnBxZi1tMjY3
user/group information can be corrupted across storing in fsimage and reading back from fsimageEcosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 5 years ago
Critical
Ecosystems: pypi
Packages: rediswrapper
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZyY2YtZzUzOS14Nmgz
Uncontrolled deserialization of a pickled object in rediswrapper allows attackers to execute arbitrary scriptsEcosystems: pypi
Packages: rediswrapper
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 5 years ago
High
Ecosystems: packagist
Packages: simplito/elliptic-php
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yNnItODJ4NC1mNGpq
Timing attacks might allow practical recovery of the long-term private keyEcosystems: packagist
Packages: simplito/elliptic-php
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2aDgtdmMyOC1tMmhm
Potential to access user credentials from the log files when debug logging enabledEcosystems: maven
Packages: io.undertow:undertow-core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 5 years ago
High
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3cXctbXhybS1jNmgy
Unauthenticated crypto and weak IV in Magento\Framework\EncryptionEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: about 5 years ago
Critical
Ecosystems: pypi
Packages: limnoria
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZnODgtdnIzdi03Nm1m
Eval injection in Supybot/LimnoriaEcosystems: pypi
Packages: limnoria
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 5 years ago
Critical
Ecosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnd2otcHJwcS1qcGMy
Symfony Service IDs Allow InjectionEcosystems: packagist
Packages: symfony/symfony, symfony/proxy-manager-bridge, symfony/dependency-injection
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: about 5 years ago
High
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5cjMtcmNwai1oN3c2
Path traversal attack on Windows platformsEcosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: about 5 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3aHEtajVxZy13anZw
Stored Cross-Site Scripting vulnerability in admin component of DotNetNukeEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyNWMtY2NmMy0zanJy
Critical severity vulnerability that affects slpjsEcosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdteDYtdnhjZi1jM2dy
Validation Bypass in slp-validateEcosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: about 5 years ago
Moderate
Ecosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmOGYtdzI2Ny1tcTJo
The rack-cors rubygem may allow directory traveralEcosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 5 years ago
High
Ecosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmZjctNmg0cS1xNXBq
JSON-jwt Gem lacked element count during splitting of JWE stringEcosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqbXctdmY5aC1nMjV2
jackson-databind polymorphic typing issueEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtbWMtNzQycS1qZzc1
jackson-databind polymorphic typing issueEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
Low
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyNTgtNHhnci1nbTZt
SilverStripe Priviledge escalation through cache pollutionEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: silverstripe/assets, silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2eDUtcm02cS1neDdw
Lack of access control on upoaded filesEcosystems: packagist
Packages: silverstripe/assets, silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3cjctcjhyOS12cmcy
Session fixation in change password formEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: about 5 years ago
Critical
Ecosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnOGotOHc1Mi03MzV2
Missing warning can lead to unauthenticated admin access in SilverStripeEcosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 35.6
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: silverstripe/framework, symbiote/silverstripe-versionedfiles
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtNmoteDM0Mi1nd3E5
SilverStripe Versioned Files module Unpublished files are exposed publiclyEcosystems: packagist
Packages: silverstripe/framework, symbiote/silverstripe-versionedfiles
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy
Symfony Cross-site Scripting (XSS) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtNjgtODltOC00Z2pq
Composer JavaScript injection possible via html commentsEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh2NjktZjd4NS1yNHF3
Magento Cross-Site Scripting via Attribute Set NameEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyZngtM3Y0Zi1td3ht
Bypass of sitemp access restrictionsEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: about 5 years ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxNXgtN214cC1ycDZq
Remote code execution via vulnerable Symphony dependecy injectionEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 5 years ago
High
Ecosystems: packagist
Packages: magento/product-community-edition, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg5Y2gtaHFmOS1yZ3Az
Using JS libraries with known security vulnerabilitiesEcosystems: packagist
Packages: magento/product-community-edition, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyN2ctMnI4My0zY2Nt
Information disclosure through processing of external XML entitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxcXItM3BqMy1xMmY1
XSS issues in the management interfaceEcosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwNnAtdjY5cC05bW05
XSS in login formEcosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2aGYtNmhwMi05ZzRj
Local file inclusion allows unauthorized access to internal resources in Alkacon OpenCmsEcosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cDgtN2g1dy1oMjM1
XSS in search engineEcosystems: maven
Packages: org.opencms:opencms-core
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
High
Ecosystems: packagist
Packages: robrichards/xmlseclibs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBxbTYtY2d3ci14NnBm
Signature validation bypass in XmlSecLibsEcosystems: packagist
Packages: robrichards/xmlseclibs
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3cmYtcTdoOC1qanI3
Authorization Bypass Through User-Controlled Key in BagistoEcosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyNjgtdjQzNC00NW01
Cross-site Scripting in GravEcosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 5 years ago
Critical
Ecosystems: packagist
Packages: cesnet/simplesamlphp-module-proxystatistics
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1MnEteHhqNC14MnJ4
SQL Injection in SimpleSAMLphpEcosystems: packagist
Packages: cesnet/simplesamlphp-module-proxystatistics
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01NTMtOXdteC01MzNo
Cross-site scripting in DolibarrEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 5 years ago
High
Ecosystems: npm
Packages: @cubejs-backend/api-gateway
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRqNngtdzQyNi02cmM2
Default Express middleware security check is ignored in productionEcosystems: npm
Packages: @cubejs-backend/api-gateway
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.cxf:apache-cxf, org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4cDgtOWc1OS1xMmhy
Potential DOS attack due to unrestricted attachment count in messagesEcosystems: maven
Packages: org.apache.cxf:apache-cxf, org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3NnctcTg4ai02bXFm
Potential session hijack in Apache CXFEcosystems: maven
Packages: org.apache.cxf:cxf
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: about 5 years ago
Moderate
Ecosystems: pypi
Packages: notebook
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpxd2Mtam01Ni13Y3dq
Cross-site scripting in Jupyter NotebookEcosystems: pypi
Packages: notebook
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI1OTgtMmY1OS1ybWhx
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: bolt/bolt
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqOHAtNTN2OS0yYzI2
Cross-site Scripting in BoltEcosystems: packagist
Packages: bolt/bolt
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo5eHAtOTJ2Yy01NTlq
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.pac4j:pac4j-saml
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjNzUtY2Y1Yy1teHZo
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-samlEcosystems: maven
Packages: org.pac4j:pac4j-saml
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: about 5 years ago
Moderate
Ecosystems: rubygems
Packages: loofah
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWMzZ3YtOWN4Zi02ZjU3
Loofah Allows Cross-site ScriptingEcosystems: rubygems
Packages: loofah
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW14N3AtNjY3OS04ZzNx
Polymorphic Typing in FasterXML jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05anctMjM3ci1ndmZ2
SQL Injection in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.nifi:nifi-framework-cluster-protocol
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh3eDYtdm1qNC01cnY4
Denial of service via deserialization attack in nifiEcosystems: maven
Packages: org.apache.nifi:nifi-framework-cluster-protocol
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: about 5 years ago
High
Ecosystems: rubygems
Packages: ruby_parser-legacy
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhod2MtOGc0OS1qOGp4
Ruby_parser-legacy Incorrect Permission Assignment for Critical ResourceEcosystems: rubygems
Packages: ruby_parser-legacy
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: node-red-dashboard
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnNTktbTd3eC04NTNx
Cross-site Scripting in node-red-dashboardEcosystems: npm
Packages: node-red-dashboard
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: about 5 years ago
High
Ecosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmajYtMjc1cS00cHZt
graphite.composer.views.send_email vulnerable to SSRFEcosystems: pypi
Packages: graphite-web
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: about 5 years ago
High
Ecosystems: nuget
Packages: Auth0.AuthenticationApi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5Y2ctcThyMi14dmpx
Improper Authentication in Auth0.AuthenticationApiEcosystems: nuget
Packages: Auth0.AuthenticationApi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
High
Ecosystems: pypi
Packages: unoconv
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3cDUtN2N3Ni1tNDVo
Server-Side Request Forgery in unoconvEcosystems: pypi
Packages: unoconv
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 5 years ago
High
Ecosystems: maven
Packages: io.projectreactor.netty:reactor-netty
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1MnIteGM2OC1xOGY0
Insufficiently Protected Credentials in Pivotal Reactor NettyEcosystems: maven
Packages: io.projectreactor.netty:reactor-netty
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2ODctdnY5ai1oZ3Bo
Improper Input Validation in Automattic MongooseEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 53.9
Published: about 5 years ago
High
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3bWotNzQ4eC03cDc4
DOS attack in Pillow when processing specially crafted image filesEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 5 years ago
Moderate
Ecosystems: rubygems
Packages: haml
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1M3ctZzR4bS0zZ2M2
Haml vulnerable to cross-site scriptingEcosystems: rubygems
Packages: haml
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjZzgtcHE5di14OThx
Sandbox Breakout in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzeDQtd3I0aC1wdzMz
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 48.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4djQtcXd4NS03ZjU5
SQL Injection in knexEcosystems: npm
Packages: knex
Source: GitHub Advisory Database
Blast Radius: 48.8
Published: about 5 years ago
High
Ecosystems: maven
Packages: io.ratpack:ratpack-core
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW12cXAtcTM3Yy13Zjlq
io.ratpack:ratpack-core vulnerable to Improper Neutralization of Special Elements in Output ('Injection')Ecosystems: maven
Packages: io.ratpack:ratpack-core
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY3eDMtN2h3Ny1wY2pn
Renovate vulnerable to leakage of temporary repository tokens into Pull Request commentsEcosystems: npm
Packages: renovate
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnY2gtamptci1ncDd3
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: about 5 years ago
High
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtaDgtZ3gybS1tcjc1
Out-of-Memory Error in Bouncy Castle CryptoEcosystems: maven
Packages: org.bouncycastle:bcprov-jdk14
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: about 5 years ago
Critical
Ecosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2dmYtcHE4Yy02OW00
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWTEcosystems: maven
Packages: com.nimbusds:nimbus-jose-jwt
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 5 years ago
High
Ecosystems: npm
Packages: csv-parse
Source: GitHub Advisory Database
Blast Radius: 39.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU4MmYtcDRwZy14Yzc0
Regular Expression Denial of Service in csv-parseEcosystems: npm
Packages: csv-parse
Source: GitHub Advisory Database
Blast Radius: 39.7
Published: about 5 years ago
Critical
Ecosystems: maven, npm
Packages: io.springfox:springfox-swagger-ui, org.webjars.npm:swagger-ui, org.webjars:swagger-ui, swagger-ui
Source: GitHub Advisory Database
Blast Radius: 87.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0MjctaGpjMy13cmZ3
Cross-site scripting in Swagger-UIEcosystems: maven, npm
Packages: io.springfox:springfox-swagger-ui, org.webjars.npm:swagger-ui, org.webjars:swagger-ui, swagger-ui
Source: GitHub Advisory Database
Blast Radius: 87.4
Published: about 5 years ago
Critical
Ecosystems: rubygems
Packages: netaddr
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ5cGotNjl2Zi1jNjg5
netaddr before 1.5.3 and 2.0.4 has Incorrect Default PermissionsEcosystems: rubygems
Packages: netaddr
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: api-platform/core
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3NGotd2p4eC13Z2dq
Incorrect Access Control vulnerability in api-platform/coreEcosystems: packagist
Packages: api-platform/core
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: yii2mod/yii2-cms
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmaDgtMjVoOS1taGdm
Cross-site Scripting in YII2-CMSEcosystems: packagist
Packages: yii2mod/yii2-cms
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 5 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5eGgtM3c1Zy0yMjly
SQL Injection in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 5 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3OHgtODVoYy1nYzRn
SQL Injection in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: about 5 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzMzYtanhmci00YzNj
Path Traversal in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY0aGgteHhxaC13Z3Bx
Exposure of Sensitive Information to an Unauthorized Actor in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: about 5 years ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1cjItZ3ZnZi1tcG04
Improper Encoding or Escaping of Output and Injection in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3N3YtZ3dmci1obXBq
Missing Authentication for Critical Function in LibreNMSEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxbWctcWc1My1tcnA4
Cross-site scripting in Apache JSPWikiEcosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNyeDIteDZteC1ncmoz
Cross-site scripting in Apache JSPWikiEcosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3ZnEtcXdtcC14OXhn
Cross-site scripting in Apache JSPWikiEcosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
Moderate
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc2d3ctMng0My1oOTYz
Cross-site scripting in Apache JSPWikiEcosystems: maven
Packages: org.apache.jspwiki:jspwiki-war
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 5 years ago
High
Ecosystems: maven
Packages: io.netty:netty-all, org.jboss.netty:netty
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5NzktNG1mdy01M3Zn
HTTP Request Smuggling in NettyEcosystems: maven
Packages: io.netty:netty-all, org.jboss.netty:netty
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: about 5 years ago
High
Ecosystems: maven
Packages: io.github.1tchy.java9modular.org.apache.commons:commons-compress, org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzeDYtNHg1cC1ycnZ2
Denial of Service in Apache Commons CompressEcosystems: maven
Packages: io.github.1tchy.java9modular.org.apache.commons:commons-compress, org.apache.commons:commons-compress
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: about 5 years ago
High
Ecosystems: npm
Packages: html-pdf
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0dzUtcjU0Ni14OXFo
Arbitrary File Read in html-pdfEcosystems: npm
Packages: html-pdf
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: about 5 years ago
High
Ecosystems: pypi
Packages: indico
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY3Y3gtcmhocS1tZmhx
High severity vulnerability that affects indicoEcosystems: pypi
Packages: indico
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzZjYtZjI5Zi1yZ3Zw
Missing Authorization in DrupalEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 5 years ago
High
Ecosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3ZnctbWdmai03ZzNn
ecdsa Denial of Service vulnerability in signature verification and signature malleabilityEcosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 5 years ago
Low
Ecosystems: npm
Packages: eye.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ndjItNTd2ai05OXhj
Low severity vulnerability that affects eye.jsEcosystems: npm
Packages: eye.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Low
Ecosystems: rubygems
Packages: iodine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg1cmYteGg1NC13aHAz
Malicious URL drafting attack against iodines static file server may allow path traversalEcosystems: rubygems
Packages: iodine
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: ses, realms-shim
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqZzgtNzMzMy01NTR3
Sandbox Breakout in realms-shimEcosystems: npm
Packages: ses, realms-shim
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 5 years ago
High
Ecosystems: nuget
Packages: PeterO.Cbor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4dzQtOXF2OS12eDVo
High severity vulnerability that affects PeterO.CborEcosystems: nuget
Packages: PeterO.Cbor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
Critical
Ecosystems: rubygems
Packages: simple_form
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI3NHEtZ3hjZy03M2h4
Improper Input Validation in simple_formEcosystems: rubygems
Packages: simple_form
Source: GitHub Advisory Database
Blast Radius: 48.3
Published: about 5 years ago
High
Ecosystems: npm
Packages: centra
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2Y2otcjg4cC05MnJt
Buffer Overflow in centraEcosystems: npm
Packages: centra
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: about 5 years ago
Statistics
Advisories: 20,807
Packages: 9,111
Repositories: 5,566
Ecosystems: 12
Packages: 9,111
Repositories: 5,566
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
moodle/moodle
367
Microsoft.ChakraCore
247
magento/community-edition
235
org.jenkins-ci.main:jenkins-core
193
typo3/cms
174
org.apache.tomcat:tomcat
132
pimcore/pimcore
118
dolibarr/dolibarr
113
typo3/cms-core
106
Django
100
microweber/microweber
94
phpmyadmin/phpmyadmin
92
drupal/core
92
apache-airflow
85
silverstripe/framework
85
drupal/drupal
78
librenms/librenms
74
Plone
72
thorsten/phpmyfaq
70
com.fasterxml.jackson.core:jackson-databind
69
symfony/symfony
69
github.com/usememos/memos
64
ansible
63
github.com/mattermost/mattermost/server/v8
61
concrete5/concrete5
60
actionpack
60
salt
56
org.apache.struts:struts2-core
55
shopware/platform
52
org.keycloak:keycloak-core
52
apache-superset
51
github.com/grafana/grafana
49
baserproject/basercms
47
nova
47
mlflow
47
craftcms/cms
46
com.liferay.portal:release.portal.bom
46
django
44
nokogiri
43
rdiffweb
42
plone
41
matrix-synapse
41
shopware/core
40
showdoc/showdoc
40
intelliants/subrion
39
org.apache.tomcat.embed:tomcat-embed-core
38
froxlor/froxlor
38
vyper
38
github.com/rancher/rancher
38
org.keycloak:keycloak-services
37
mautic/core
37
nilsteampassnet/teampass
37
github.com/hashicorp/vault
37
com.thoughtworks.xstream:xstream
37
github.com/mattermost/mattermost-server/v6
37
org.xwiki.platform:xwiki-platform-oldcore
37
org.elasticsearch:elasticsearch
36
com.jfinal:jfinal
36
k8s.io/kubernetes
36
snipe/snipe-it
35
moin
35
net.mingsoft:ms-mcms
35
gradio
34
zendframework/zendframework1
34
github.com/answerdev/answer
34
io.undertow:undertow-core
34
org.jenkins-ci.plugins:script-security
33
keystone
32
Pillow
31
parse-server
31
opencv-contrib-python
31
opencv-python
31
github.com/argoproj/argo-cd
31
shopware/shopware
30
getgrav/grav
29
github.com/hashicorp/consul
29
github.com/docker/docker
29
mediawiki/core
28
github.com/hashicorp/nomad
28
github.com/argoproj/argo-cd/v2
27
centreon/centreon
27
openssl-src
26
electron
26
pillow
26
prestashop/prestashop
26
directus
26
github.com/cilium/cilium
26
org.keycloak:keycloak-parent
25
gogs.io/gogs
25
org.apache.solr:solr-core
25
rubygems-update
25
magento/core
24
org.eclipse.jetty:jetty-server
24
org.springframework.security:spring-security-core
24
contao/core-bundle
24
pocketmine/pocketmine-mp
23
rack
23
simplesamlphp/simplesamlphp
23
puppet
23
grumpydictator/firefly-iii
23
zendframework/zendframework
23
remdex/livehelperchat
23
ckb
22
tribalsystems/zenario
22
getkirby/cms
22
org.bouncycastle:bcprov-jdk14
22
glance
21
org.apache.openmeetings:openmeetings-parent
21
Microsoft.AspNetCore.App.Runtime.win-x64
21
Microsoft.AspNetCore.App.Runtime.win-x86
21
activerecord
21
@openzeppelin/contracts-upgradeable
21
org.apache.nifi:nifi
21
github.com/ethereum/go-ethereum
20
Microsoft.AspNetCore.App.Runtime.win-arm
20
laravel/framework
20
code.gitea.io/gitea
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
@openzeppelin/contracts
20
langchain
20
funadmin/funadmin
20
org.springframework:spring-core
20
contao/contao
19
github.com/goharbor/harbor
19
DotNetNuke.Core
19
github.com/traefik/traefik/v2
19
org.xwiki.platform:xwiki-platform-web-templates
19
wasmtime
19
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
18
next
18
com.liferay.portal:release.dxp.bom
18
cockpit-hq/cockpit
18
Microsoft.AspNetCore.App.Runtime.linux-arm64
18
Microsoft.AspNetCore.App.Runtime.win-arm64
18
cobbler
18
Microsoft.AspNetCore.App.Runtime.linux-x64
18
topthink/framework
18
com.vaadin:vaadin-bom
18
Microsoft.AspNetCore.App.Runtime.osx-x64
18
mindsdb
18
forkcms/forkcms
18
Microsoft.AspNetCore.App.Runtime.linux-arm
18
golang.org/x/net
18
mercurial
18
helm.sh/helm/v3
17
genix/cms
17
neutron
17
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
17
org.apache.geode:geode-core
17
cakephp/cakephp
17
opencart/opencart
17
notebook
17
symfony/security
17
ezsystems/ezpublish-kernel
17
francoisjacquet/rosariosis
17
sequelize
16
ethyca-fides
16
cryptography
16
org.bouncycastle:bcprov-jdk15
16
github.com/zitadel/zitadel
16
org.apache.dubbo:dubbo
16
openmage/magento-lts
16
paddlepaddle
16
org.apache.jspwiki:jspwiki-main
16
rusqlite
16
org.apache.activemq:activemq-client
16
tinymce
16
yetiforce/yetiforce-crm
16
PaddlePaddle
16
typo3/cms-backend
16
phpbb/phpbb
16
pyload-ng
16
surrealdb
15
OctoPrint
15
smarty/smarty
15
ghost
15
symfony/security-http
15
october/system
15
ckeditor4
15
ec-cube/ec-cube
15
org.apache.struts.xwork:xwork-core
15
calibreweb
15
publify_core
14
feehi/cms
14
dompdf/dompdf
14
bolt/bolt
14
camaleon_cms
14
pyftpdlib
14
swagger-ui
14
org.apache.inlong:manager-pojo
14
joplin
14
activesupport
14
org.apache.tomcat:tomcat-coyote
14
modoboa
14
rails-html-sanitizer
14
github.com/containerd/containerd
14
silverstripe/cms
14
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
218
https://github.com/chakra-core/ChakraCore
214
https://github.com/xwiki/xwiki-platform
183
https://github.com/jenkinsci/jenkins
150
https://github.com/django/django
113
https://github.com/pimcore/pimcore
113
https://github.com/apache/tomcat
101
https://github.com/apache/airflow
100
https://github.com/microweber/microweber
88
https://github.com/keycloak/keycloak
79
https://github.com/TYPO3/typo3
75
https://github.com/FasterXML/jackson-databind
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/librenms/librenms
66
https://github.com/silverstripe/silverstripe-framework
64
https://github.com/usememos/memos
64
https://github.com/symfony/symfony
64
https://github.com/rails/rails
59
https://github.com/ansible/ansible
58
https://github.com/Dolibarr/dolibarr
56
https://github.com/kubernetes/kubernetes
53
https://github.com/python-pillow/Pillow
52
https://github.com/apache/struts
46
https://github.com/spring-projects/spring-framework
46
https://github.com/shopware/platform
43
https://github.com/argoproj/argo-cd
42
https://github.com/ikus060/rdiffweb
42
https://github.com/concretecms/concretecms
41
https://github.com/grafana/grafana
41
https://github.com/vyperlang/vyper
38
https://github.com/phpmyadmin/phpmyadmin
38
https://github.com/star7th/showdoc
38
https://github.com/magento/magento2
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/openstack/nova
37
https://github.com/x-stream/xstream
37
https://github.com/octobercms/october
35
https://github.com/mautic/mautic
35
https://github.com/rancher/rancher
34
https://github.com/craftcms/cms
34
https://github.com/saltstack/salt
34
https://github.com/answerdev/answer
34
https://github.com/apache/activemq
33
https://github.com/dotnet/runtime
33
https://github.com/sparklemotion/nokogiri
32
https://github.com/opencv/opencv
32
https://github.com/go-gitea/gitea
32
https://github.com/matrix-org/synapse
32
https://github.com/parse-community/parse-server
31
https://github.com/PaddlePaddle/Paddle
31
https://github.com/mlflow/mlflow
31
https://github.com/gradio-app/gradio
31
https://github.com/snipe/snipe-it
30
https://github.com/CVEProject/cvelist
28
https://github.com/shopware/shopware
28
https://github.com/openstack/keystone
28
https://github.com/apache/inlong
27
https://github.com/cilium/cilium
26
https://github.com/baserproject/basercms
26
https://github.com/froxlor/froxlor
26
https://github.com/umbraco/Umbraco-CMS
25
https://github.com/github/advisory-database
25
https://github.com/contao/contao
25
https://github.com/directus/directus
25
https://github.com/electron/electron
25
https://github.com/gogs/gogs
24
https://github.com/strapi/strapi
24
https://github.com/getgrav/grav
24
https://github.com/firefly-iii/firefly-iii
23
https://github.com/pmmp/PocketMine-MP
23
https://github.com/eclipse/jetty.project
23
https://github.com/apache/nifi
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/PrestaShop/PrestaShop
22
https://github.com/netty/netty
22
https://github.com/langchain-ai/langchain
22
https://github.com/nervosnetwork/ckb
22
https://github.com/hashicorp/consul
22
https://github.com/jenkinsci/script-security-plugin
21
https://github.com/apache/cxf
21
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/bytecodealliance/wasmtime
20
https://github.com/undertow-io/undertow
20
https://github.com/OpenNMS/opennms
20
https://github.com/simplesamlphp/simplesamlphp
20
https://github.com/moby/moby
20
https://github.com/funadmin/funadmin
20
https://github.com/goharbor/harbor
19
https://github.com/traefik/traefik
19
https://github.com/getkirby/kirby
19
https://github.com/zitadel/zitadel
19
https://github.com/bcgit/bc-java
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/cloudfoundry/uaa
19
https://github.com/intelliants/subrion
18
https://github.com/helm/helm
18
https://github.com/rack/rack
18
https://github.com/nilsteampassnet/TeamPass
18
https://github.com/geoserver/geoserver
18
https://github.com/rubygems/rubygems
18
https://github.com/liufee/cms
17
https://github.com/mindsdb/mindsdb
17
https://github.com/vaadin/platform
17
https://github.com/backstage/backstage
17
https://github.com/opencast/opencast
17
https://github.com/hashicorp/vault
17
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/forkcms/forkcms
16
https://github.com/etcd-io/etcd
16
https://github.com/pyload/pyload
16
https://github.com/mattermost/mattermost
16
https://github.com/sequelize/sequelize
16
https://github.com/ethereum/go-ethereum
16
https://github.com/laravel/framework
16
https://github.com/OpenMage/magento-lts
16
https://github.com/tinymce/tinymce
16
https://github.com/ethyca/fides
16
https://github.com/denoland/deno
16
https://github.com/rusqlite/rusqlite
16
https://github.com/TYPO3-CMS/core
16
https://github.com/pyca/cryptography
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/centreon/centreon
15
https://github.com/decidim/decidim
15
https://github.com/surrealdb/surrealdb
15
https://github.com/vantage6/vantage6
15
https://github.com/cobbler/cobbler
15
https://github.com/apache/camel
15
https://github.com/dompdf/dompdf
15
https://github.com/puppetlabs/puppet
15
https://github.com/zendframework/zendframework
15
https://github.com/ckeditor/ckeditor4
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/vercel/next.js
14
https://github.com/containerd/containerd
14
https://github.com/xuxueli/xxl-job
14
https://github.com/dotnet/aspnetcore
14
https://github.com/twisted/twisted
14
https://github.com/aio-libs/aiohttp
14
https://github.com/janeczku/calibre-web
14
https://github.com/hashicorp/nomad
14
https://github.com/rails/rails-html-sanitizer
14
https://github.com/dromara/hutool
13
https://github.com/publify/publify
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/golang/go
13
https://github.com/quarkusio/quarkus
13
https://github.com/TryGhost/Ghost
13
https://github.com/apache/dolphinscheduler
13
https://github.com/ming-soft/MCMS
13
https://github.com/modoboa/modoboa
13
https://github.com/laurent22/joplin
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/OPCFoundation/UA-.NETStandard
13
https://github.com/nodejs/undici
13
https://github.com/openfga/openfga
12
https://github.com/centreon/centreon-archived
12
https://github.com/openstack/glance
12
https://github.com/pimcore/admin-ui-classic-bundle
12
https://github.com/puma/puma
12
https://github.com/smarty-php/smarty
12
https://github.com/1Panel-dev/1Panel
12
https://github.com/containers/podman
12
https://github.com/opencontainers/runc
12
https://github.com/PHPOffice/PhpSpreadsheet
12
https://github.com/apache/kylin
12
https://github.com/patriksimek/vm2
12
https://github.com/urllib3/urllib3
12
https://github.com/wagtail/wagtail
12
https://github.com/igniterealtime/Openfire
11
https://github.com/Pylons/waitress
11
https://github.com/pomerium/pomerium
11
https://github.com/ezsystems/ezpublish-kernel
11
https://github.com/getsentry/sentry
11
https://github.com/Studio-42/elFinder
11
https://github.com/cri-o/cri-o
11
https://github.com/drupal/core
11
https://github.com/spring-projects/spring-security
11
https://github.com/scrapy/scrapy
11
https://github.com/nats-io/nats-server
11
https://github.com/thorsten/phpMyFAQ
11
https://github.com/top-think/framework
11
https://github.com/yiisoft/yii2
11
https://github.com/dpgaspar/Flask-AppBuilder
11
https://github.com/onionshare/onionshare
11
https://github.com/zenml-io/zenml
11
https://github.com/matrix-org/matrix-js-sdk
11
https://github.com/cloudflare/cfrpki
11
https://github.com/Sylius/Sylius
11
https://github.com/dolibarr/dolibarr
11
https://github.com/owen2345/camaleon-cms
11
https://github.com/NodeBB/NodeBB
11
https://github.com/WWBN/AVideo
11
https://github.com/cakephp/cakephp
11
https://github.com/vaadin/flow
11
https://github.com/jenkinsci/git-plugin
10