Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories

Browse all Security Advisories for

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03MzQtcjRnNi0zNGY5
NoSQL Injection in loopback-connector-mongodb
Ecosystems: npm
Packages: loopback-connector-mongodb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtN2YteDR3eC13bWd2
Out-of-bounds Read in byte
Ecosystems: npm
Packages: byte
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04ZnctNTM0di14bTg1
Cross-Site Scripting (XSS) in cloudcmd
Ecosystems: npm
Packages: cloudcmd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnY3ItN3dtNC1tY3Y2
Sensitive Data Exposure in pem
Ecosystems: npm
Packages: pem
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNwOTItODg2Zy1xeHBx
Remote Memory Exposure in floody
Ecosystems: npm
Packages: floody
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnZ3gtZng2dy12N2No
Improper Neutralization of Wildcards or Matching Symbols
Ecosystems: maven
Packages: org.springframework.data:spring-data-jpa
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmYzUtOXg5bS12cWM0
Privilege Escalation in express-cart
Ecosystems: npm
Packages: express-cart
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmZjQtcnJxNi1oNzh3
Command Injection in command-exists
Ecosystems: npm
Packages: command-exists
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5eDItNXJtNy14NGdt
Insecure Comparison in secure-compare
Ecosystems: npm
Packages: secure-compare
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdydzktbTc3OC1nNm1j
Memory Exposure in bl
Ecosystems: npm
Packages: bl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3cjMtcDg2Ni1xOXFy
ircdkit vulnerable to Denial of Service due to unhandled connection end event
Ecosystems: npm
Packages: ircdkit
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3NHItZmZ2ci01cTlm
Memory Exposure in concat-stream
Ecosystems: npm
Packages: concat-stream
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjN3Ytd3hjdy1qNDcy
Memory Exposure in tunnel-agent
Ecosystems: npm
Packages: tunnel-agent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4cXItNGNwbS13eDdn
Cross-Site Scripting in react-svg
Ecosystems: npm
Packages: react-svg
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0bXItOXh3My1jOWp4
Out-of-bounds Read in base64-url
Ecosystems: npm
Packages: base64-url
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdqZmgtMnhjOS1jY3Y3
Cross-Site Scripting in public
Ecosystems: npm
Packages: public
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtaHctZmhqNi1tM2c1
Path Traversal in angular-http-server
Ecosystems: npm
Packages: angular-http-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhybXAtOTl3ai1wNmpj
Prototype Pollution in deap
Ecosystems: npm
Packages: deap
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtMjgtZncyeC1mcXYy
Denial of Service in foreman
Ecosystems: npm
Packages: foreman
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3cHctcXc0Ny00anht
Privilege escalation vulnerability in Apache Hadoop
Ecosystems: maven
Packages: org.apache.hadoop:hadoop-main
Source: GitHub Advisory Database
Blast Radius: 7.9
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqNmctN2o4cC03Z2Yy
Cross-Site Scripting in bracket-template
Ecosystems: npm
Packages: bracket-template
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo1OWYtNm00cS02Mmg2
Improper Key Verification in ipns
Ecosystems: npm
Packages: ipns
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3djctcWhmdi1ycXE4
Insecure Credential Storage in web3
Ecosystems: npm
Packages: web3
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3bWctaDVyMy1odzg4
Cross-Site Scripting in bootbox
Ecosystems: npm
Packages: bootbox
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmN3ctcjQ1My1tNTZj
Arbitrary File Overwrite in fstream
Ecosystems: npm
Packages: fstream
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxaDUtd3gzOC1xOTJn
Directory Traversal in ltt.js
Ecosystems: npm
Packages: ltt.js
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqcHEtZ3A1cS04cTZ3
Cross-site scripting in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJod3AtZzRnNy1td3dq
Reflected Cross-Site Scripting in jquery.terminal
Ecosystems: npm
Packages: jquery.terminal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3MnAtcmpyMi1yNDM5
Server-Side Request Forgery in terriajs-server
Ecosystems: npm
Packages: terriajs-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFyMzItajRqNi0zbTdy
Command Injection in fs-git
Ecosystems: npm
Packages: fs-git
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4djMtaDc2Mi1jY3h2
Out-of-bounds Read in concat-with-sourcemaps
Ecosystems: npm
Packages: concat-with-sourcemaps
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3NHgtcndxNi1xcGdm
OmniAuth Ruby gem Cross-site Request Forgery in request phase
Ecosystems: rubygems
Packages: omniauth
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJodzItNjJjcC1wOXA3
Access control bypass in Apache ZooKeeper
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4NnAtaGd4NS0ycGZo
Improper Authentication in Buildbot
Ecosystems: pypi
Packages: buildbot
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoNGctM2dtOS01d3Jx
Cross-Site Scripting in shave
Ecosystems: npm
Packages: shave
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg4OTYtbXg5eC1nMzJn
XML External Entity injection in Apache Camel
Ecosystems: maven
Packages: org.apache.camel:camel-xmljson, org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzZ2otMzY4aC05MnBx
Path Traversal in DKPro Core
Ecosystems: maven
Packages: de.tudarmstadt.ukp.dkpro.core:de.tudarmstadt.ukp.dkpro.core.api.datasets-asl
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1NTQteDIyMi13Z2Y3
Command Injection in Xstream
Ecosystems: maven
Packages: com.thoughtworks.xstream:xstream
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM2bTQtNnY2bS00dnBy
Cross-site Scripting in remarkable
Ecosystems: npm
Packages: remarkable
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyeHctMnh2Yy1xeDht
Denial of Service in axios
Ecosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4ajUtZ2NtZi12cWM4
Cross-Site Scripting (XSS) in Verdaccio
Ecosystems: npm
Packages: verdaccio
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3dzktajgzbS1xN3F4
Information exposure in FasterXML jackson-databind
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 40.4
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxcWYtdnZjci03cXJ2
Cryptographically Weak PRNG in generate-password
Ecosystems: npm
Packages: generate-password
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmN20tbW1wYy1xaGg0
mysql Node.JS Module Vulnerable to Remote Memory Exposure
Ecosystems: npm
Packages: mysql
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBncjgtamc2aC04Z3c2
Cross-Site Scripting in webpack-bundle-analyzer
Ecosystems: npm
Packages: webpack-bundle-analyzer
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR4NDktdzYydi03NnE3
Path Traversal in Spring Cloud Config
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-config-server
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2NjctOWpxNy04cjY5
Improper Input Validation and Buffer Over-read in mqtt-packet
Ecosystems: npm
Packages: mqtt-packet
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnbXItd3J3eC1tZ2Zq
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA
Ecosystems: maven
Packages: org.springframework.data:spring-data-jpa
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5Z2otcnFydy14NGZx
Server Side Request Forgery in Apache Axis
Ecosystems: maven
Packages: axis:axis, org.apache.axis:axis
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0bWctdmdycC1td3g5
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack
Ecosystems: maven
Packages: io.ratpack:ratpack-groovy, io.ratpack:ratpack-java, io.ratpack:ratpack-session
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2NjcteDhxNS0zeDNn
Cross-Site Scripting in simditor
Ecosystems: npm
Packages: simditor
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJqeDktMjkzNi05ZmZ4
Improper Input Validation in Apache Sanselan
Ecosystems: maven
Packages: org.apache.sanselan:sanselan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OW0tM200Ni00Z205
Infinite Loop in Apache Sanselan
Ecosystems: maven
Packages: org.apache.sanselan:sanselan
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtNTktMzI5cS1wNDY4
Cross-site Scripting in Apache UIMA
Ecosystems: maven
Packages: org.apache.uima:uima-ducc-web
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxY2YtNGc0aC1yZ2hm
Cross-site scripting in Apache Archiva
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4Z20tOWY1OC13NHhw
Improper Input Validation in Apache Archiva
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3anEtNjlyYy04d2Nw
Path Traversal in Apache Camel
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 29.5
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo0NG0tcW02cC1ocDdt
Arbitrary File Overwrite in tar
Ecosystems: npm
Packages: tar
Source: GitHub Advisory Database
Blast Radius: 48.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgybWMtOGZnai0zd21y
Improper Input Validation in tar-fs
Ecosystems: npm
Packages: tar-fs
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyZnYtcWdqNi0ydzJw
Cross-site Scripting in NodeBB
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4MnYtajQ0NS1nMzU0
Improper Input Validation in Google TensorFlow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0OTItZjdnci0yN3Jw
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjNTIteGo2cC05cHhw
Exposure of Sensitive Information to an Unauthorized Actor in Keycloak
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mZzcteDVtNy02cDh3
NULL Pointer Dereference in Google TensorFlow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13NnYtY3JoOC04NTMz
Integer Overflow or Wraparound in Google TensorFlow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjM2otYzY0bS1xaGdx
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Ecosystems: packagist, maven, nuget, npm, pypi, rubygems
Packages: maximebf/debugbar, org.webjars.npm:jquery, jQuery, jquery, django, jquery-rails
Source: GitHub Advisory Database
Blast Radius: 163.1
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyeHgtMm0zMy02d2Ny
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmcTItcmo3Zi05Z3Zm
Null pointer dereference in TensorFlow leads to exploitation
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIydjUtNXZjci1oM3Zx
Cross-site Scripting in Apache Zeppelin
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1MzgtOTI0Zy05OXE0
Session Fixation in Apache Zeppelin
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4MmgtaHZnNi00cjVw
Improper Authentication in Apache Zeppelin
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyOG0tZzZqOS1yMmg1
Information Exposure vulnerability in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjNjctaGp4Ni1jZ2c2
Installation information leak in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd2eDkteGpoci1ydzZo
Cross-site Scripting in Eclipse Jetty
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0eHctODJ2Ny1obXJt
Improper Input Validation in python-dbusmock
Ecosystems: pypi
Packages: python-dbusmock
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0cDItdmY1OC14aHh2
Billion laughs attack in c3p0
Ecosystems: maven
Packages: com.mchange:c3p0
Source: GitHub Advisory Database
Blast Radius: 31.8
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjajItdnZqeC04N3Bt
Missing Encryption of Sensitive Data in arrow-kt Arrow
Ecosystems: maven
Packages: io.arrow-kt:arrow-ank-gradle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oMzMtN3JycS02NjJ3
Improper Certificate Validation in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwdngtZ3BxbS1nOThq
Critical severity vulnerability that affects Auth0-WCF-Service-JWT
Ecosystems: nuget
Packages: Auth0-WCF-Service-JWT
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2eDMtZzYyNy1waG0y
Server-Side Request Forgery (SSRF) in com.ctrip.framework.apollo:apollo
Ecosystems: maven
Packages: com.ctrip.framework.apollo:apollo
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc2ajQtM2doMi05ZjVq
Apache Airflow vulnerable to CSRF Attacks
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2bXgtcW1jaC1tcHFn
Apache Tomcat OS Command Injection vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg4N3ctNDVycS12eGdm
SQLAlchemy vulnerable to SQL Injection via order_by parameter
Ecosystems: pypi
Packages: SQLAlchemy
Source: GitHub Advisory Database
Blast Radius: 46.3
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4ZmMtOXhxdi03Zjdx
SQLAlchemy is vulnerable to SQL Injection via group_by parameter
Ecosystems: pypi
Packages: SQLAlchemy
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYycjItN3FtNy1qajZ2
Spring Security uses insufficiently random values
Ecosystems: maven
Packages: org.springframework.security:spring-security-core
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3cW0tYzlmMi0yY3Ez
Cleartext Transmission of Sensitive Information, Inclusion of Functionality from Untrusted Control Sphere , and Download of Code Without Integrity Check in Eclipse hawkBit
Ecosystems: maven
Packages: org.eclipse.hawkbit:hawkbit-boot-starter-ddi-api, org.eclipse.hawkbit:hawkbit-boot-starter-dmf-api, org.eclipse.hawkbit:hawkbit-boot-starter-mgmt-api, org.eclipse.hawkbit:hawkbit-boot-starter-mgmt-ui, org.eclipse.hawkbit:hawkbit-update-server, org.eclipse.hawkbit:hawkbit-boot-starter, org.eclipse.hawkbit:hawkbit-starters, org.eclipse.hawkbit:hawkbit-parent, org.eclipse.hawkbit:hawkbit-ui, org.eclipse.hawkbit:hawkbit-autoconfigure
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 5 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc0dnEtaDRxOC14Nmp2
Ansible Path Traversal vulnerability
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwN3YtMmp2ai12NTRy
Apache Airflow vulnerable to Stored XSS
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI3NzctMnZxOC1jNHY0
SQL Injection in sequelize
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY2ZjItcHdyai02NGgz
Tryton Improper Access Control
Ecosystems: pypi
Packages: trytond
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2Mnctdjk3ci00bTQ1
Jinja2 sandbox escape via string formatting
Ecosystems: pypi
Packages: Jinja2
Source: GitHub Advisory Database
Blast Radius: 44.1
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqMmotNzd4bS1tYzV2
Jinja2 sandbox escape vulnerability
Ecosystems: pypi
Packages: Jinja2
Source: GitHub Advisory Database
Blast Radius: 44.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqM2YtOWdtcS1md3Y1
Cross-Site Scripting in simple-markdown
Ecosystems: npm
Packages: simple-markdown
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjeDItbTdqcC1wOXdq
Jupyter Notebook open redirect vulnerability
Ecosystems: pypi
Packages: notebook
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkyNnEtd3hyNi0zY3Jx
Moderate severity vulnerability that affects roundup
Ecosystems: pypi
Packages: roundup
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk4ZjctcDVyYy1qeDY3
Materialize-css vulnerable to Cross-site Scripting in tooltip component
Ecosystems: npm
Packages: @materializecss/materialize, materialize-css
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3NTItZjRnZi05NGdj
Materialize-css vulnerable to Cross-site Scripting in autocomplete component
Ecosystems: npm
Packages: @materializecss/materialize, materialize-css
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJnM3EtanhtcC1wdmpq
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation
Ecosystems: npm
Packages: @materializecss/materialize, materialize-css
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqZjUtcm1odi0zOGN3
High severity vulnerability that affects Microsoft.ChakraCore
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqcGotZjZyOC01NnJt
High severity vulnerability that affects Microsoft.ChakraCore
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Statistics
Advisories: 20,795
Packages: 9,103
Repositories: 5,559
Ecosystems: 12
Filter by Severity
Moderate 8,881 High 7,321 Critical 3,078 Low 1,157
Filter by Ecosystem
maven 5,892 packagist 4,649 pypi 4,409 npm 3,830 go 2,315 nuget 1,553 cargo 891 rubygems 885 swift 33 hex 32 actions 21 pub 9
Filter by Package
tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 moodle/moodle 367 Microsoft.ChakraCore 247 magento/community-edition 235 org.jenkins-ci.main:jenkins-core 193 typo3/cms 174 org.apache.tomcat:tomcat 132 pimcore/pimcore 118 dolibarr/dolibarr 113 typo3/cms-core 106 Django 100 microweber/microweber 94 drupal/core 92 phpmyadmin/phpmyadmin 92 apache-airflow 85 silverstripe/framework 85 drupal/drupal 78 librenms/librenms 74 Plone 72 thorsten/phpmyfaq 70 symfony/symfony 69 com.fasterxml.jackson.core:jackson-databind 69 github.com/usememos/memos 64 ansible 63 github.com/mattermost/mattermost/server/v8 61 actionpack 60 concrete5/concrete5 60 salt 56 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 52 shopware/platform 52 apache-superset 51 github.com/grafana/grafana 49 nova 47 mlflow 47 baserproject/basercms 47 craftcms/cms 46 com.liferay.portal:release.portal.bom 46 django 44 nokogiri 43 rdiffweb 42 matrix-synapse 41 plone 41 shopware/core 40 showdoc/showdoc 40 intelliants/subrion 39 froxlor/froxlor 38 github.com/rancher/rancher 38 vyper 38 org.apache.tomcat.embed:tomcat-embed-core 38 github.com/mattermost/mattermost-server/v6 37 org.xwiki.platform:xwiki-platform-oldcore 37 github.com/hashicorp/vault 37 com.thoughtworks.xstream:xstream 37 mautic/core 37 org.keycloak:keycloak-services 37 nilsteampassnet/teampass 37 org.elasticsearch:elasticsearch 36 com.jfinal:jfinal 36 k8s.io/kubernetes 36 net.mingsoft:ms-mcms 35 snipe/snipe-it 35 moin 35 gradio 34 zendframework/zendframework1 34 io.undertow:undertow-core 34 github.com/answerdev/answer 34 org.jenkins-ci.plugins:script-security 33 keystone 32 opencv-contrib-python 31 github.com/argoproj/argo-cd 31 parse-server 31 Pillow 31 opencv-python 31 shopware/shopware 30 github.com/hashicorp/consul 29 github.com/docker/docker 29 getgrav/grav 29 github.com/hashicorp/nomad 28 mediawiki/core 28 github.com/argoproj/argo-cd/v2 27 centreon/centreon 27 pillow 26 github.com/cilium/cilium 26 electron 26 openssl-src 26 prestashop/prestashop 26 directus 26 org.apache.solr:solr-core 25 rubygems-update 25 gogs.io/gogs 25 org.keycloak:keycloak-parent 25 magento/core 24 simplesamlphp/simplesamlphp 24 contao/core-bundle 24 org.springframework.security:spring-security-core 24 org.eclipse.jetty:jetty-server 24 remdex/livehelperchat 23 zendframework/zendframework 23 pocketmine/pocketmine-mp 23 puppet 23 rack 23 grumpydictator/firefly-iii 23 tribalsystems/zenario 22 org.bouncycastle:bcprov-jdk14 22 getkirby/cms 22 ckb 22 activerecord 21 glance 21 org.apache.openmeetings:openmeetings-parent 21 @openzeppelin/contracts-upgradeable 21 Microsoft.AspNetCore.App.Runtime.win-x86 21 Microsoft.AspNetCore.App.Runtime.win-x64 21 org.apache.nifi:nifi 21 org.springframework:spring-core 20 langchain 20 code.gitea.io/gitea 20 laravel/framework 20 github.com/ethereum/go-ethereum 20 @openzeppelin/contracts 20 funadmin/funadmin 20 Microsoft.AspNetCore.App.Runtime.win-arm 20 org.cloudfoundry.identity:cloudfoundry-identity-server 20 github.com/goharbor/harbor 19 contao/contao 19 wasmtime 19 github.com/traefik/traefik/v2 19 DotNetNuke.Core 19 org.xwiki.platform:xwiki-platform-web-templates 19 forkcms/forkcms 18 golang.org/x/net 18 com.liferay.portal:release.dxp.bom 18 cobbler 18 com.vaadin:vaadin-bom 18 mindsdb 18 Microsoft.AspNetCore.App.Runtime.win-arm64 18 mercurial 18 cockpit-hq/cockpit 18 Microsoft.AspNetCore.App.Runtime.osx-x64 18 Microsoft.AspNetCore.App.Runtime.linux-x64 18 topthink/framework 18 next 18 Microsoft.AspNetCore.App.Runtime.linux-arm 18 Microsoft.AspNetCore.App.Runtime.linux-arm64 18 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 18 opencart/opencart 17 genix/cms 17 francoisjacquet/rosariosis 17 symfony/security 17 helm.sh/helm/v3 17 neutron 17 cakephp/cakephp 17 ezsystems/ezpublish-kernel 17 org.apache.geode:geode-core 17 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 17 notebook 17 cryptography 16 org.bouncycastle:bcprov-jdk15 16 paddlepaddle 16 openmage/magento-lts 16 yetiforce/yetiforce-crm 16 github.com/zitadel/zitadel 16 ethyca-fides 16 sequelize 16 org.apache.activemq:activemq-client 16 org.apache.dubbo:dubbo 16 org.apache.jspwiki:jspwiki-main 16 tinymce 16 phpbb/phpbb 16 typo3/cms-backend 16 rusqlite 16 PaddlePaddle 16 pyload-ng 16 org.apache.struts.xwork:xwork-core 15 surrealdb 15 ec-cube/ec-cube 15 ckeditor4 15 smarty/smarty 15 calibreweb 15 october/system 15 OctoPrint 15 symfony/security-http 15 ghost 15 bolt/bolt 14 github.com/containerd/containerd 14 org.apache.tomcat:tomcat-coyote 14 phpmailer/phpmailer 14 modoboa 14 aiohttp 14 github.com/nats-io/nats-server/v2 14 org.apache.inlong:manager-pojo 14 feehi/cms 14 camaleon_cms 14 publify_core 14 org.xwiki.platform:xwiki-platform-web 14 dompdf/dompdf 14 activesupport 14 lollms 14
Filter by Repository
https://github.com/tensorflow/tensorflow 433 https://github.com/moodle/moodle 218 https://github.com/chakra-core/ChakraCore 214 https://github.com/xwiki/xwiki-platform 183 https://github.com/jenkinsci/jenkins 150 https://github.com/django/django 113 https://github.com/pimcore/pimcore 113 https://github.com/apache/tomcat 101 https://github.com/apache/airflow 100 https://github.com/microweber/microweber 88 https://github.com/keycloak/keycloak 79 https://github.com/TYPO3/typo3 75 https://github.com/FasterXML/jackson-databind 70 https://github.com/thorsten/phpmyfaq 69 https://github.com/librenms/librenms 66 https://github.com/silverstripe/silverstripe-framework 64 https://github.com/usememos/memos 64 https://github.com/symfony/symfony 64 https://github.com/rails/rails 59 https://github.com/ansible/ansible 58 https://github.com/Dolibarr/dolibarr 56 https://github.com/kubernetes/kubernetes 53 https://github.com/python-pillow/Pillow 52 https://github.com/apache/struts 46 https://github.com/spring-projects/spring-framework 46 https://github.com/shopware/platform 43 https://github.com/argoproj/argo-cd 42 https://github.com/ikus060/rdiffweb 42 https://github.com/concretecms/concretecms 41 https://github.com/grafana/grafana 41 https://github.com/magento/magento2 38 https://github.com/vyperlang/vyper 38 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/plone/Products.CMFPlone 37 https://github.com/x-stream/xstream 37 https://github.com/openstack/nova 37 https://github.com/octobercms/october 35 https://github.com/mautic/mautic 35 https://github.com/rancher/rancher 34 https://github.com/craftcms/cms 34 https://github.com/saltstack/salt 34 https://github.com/answerdev/answer 34 https://github.com/apache/activemq 33 https://github.com/dotnet/runtime 33 https://github.com/sparklemotion/nokogiri 32 https://github.com/opencv/opencv 32 https://github.com/go-gitea/gitea 32 https://github.com/matrix-org/synapse 32 https://github.com/parse-community/parse-server 31 https://github.com/PaddlePaddle/Paddle 31 https://github.com/gradio-app/gradio 31 https://github.com/mlflow/mlflow 31 https://github.com/snipe/snipe-it 30 https://github.com/CVEProject/cvelist 28 https://github.com/shopware/shopware 28 https://github.com/openstack/keystone 28 https://github.com/apache/inlong 27 https://github.com/cilium/cilium 26 https://github.com/baserproject/basercms 26 https://github.com/froxlor/froxlor 26 https://github.com/umbraco/Umbraco-CMS 25 https://github.com/github/advisory-database 25 https://github.com/contao/contao 25 https://github.com/directus/directus 25 https://github.com/electron/electron 25 https://github.com/getgrav/grav 24 https://github.com/gogs/gogs 24 https://github.com/strapi/strapi 24 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/apache/nifi 23 https://github.com/TYPO3/TYPO3.CMS 23 https://github.com/eclipse/jetty.project 23 https://github.com/firefly-iii/firefly-iii 23 https://github.com/hashicorp/consul 22 https://github.com/nervosnetwork/ckb 22 https://github.com/netty/netty 22 https://github.com/PrestaShop/PrestaShop 22 https://github.com/langchain-ai/langchain 22 https://github.com/jenkinsci/script-security-plugin 21 https://github.com/simplesamlphp/simplesamlphp 21 https://github.com/apache/cxf 21 https://github.com/undertow-io/undertow 20 https://github.com/funadmin/funadmin 20 https://github.com/OpenZeppelin/openzeppelin-contracts 20 https://github.com/bytecodealliance/wasmtime 20 https://github.com/OpenNMS/opennms 20 https://github.com/jeecgboot/jeecg-boot 20 https://github.com/traefik/traefik 19 https://github.com/bcgit/bc-java 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/moby/moby 19 https://github.com/cloudfoundry/uaa 19 https://github.com/getkirby/kirby 19 https://github.com/zitadel/zitadel 19 https://github.com/goharbor/harbor 19 https://github.com/rack/rack 18 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/rubygems/rubygems 18 https://github.com/intelliants/subrion 18 https://github.com/geoserver/geoserver 18 https://github.com/helm/helm 18 https://github.com/backstage/backstage 17 https://github.com/opencast/opencast 17 https://github.com/vaadin/platform 17 https://github.com/mindsdb/mindsdb 17 https://github.com/hashicorp/vault 17 https://github.com/liufee/cms 17 https://github.com/ethereum/go-ethereum 16 https://github.com/laravel/framework 16 https://github.com/rusqlite/rusqlite 16 https://github.com/sequelize/sequelize 16 https://github.com/OpenMage/magento-lts 16 https://github.com/mattermost/mattermost 16 https://github.com/pyload/pyload 16 https://github.com/TYPO3-CMS/core 16 https://github.com/tinymce/tinymce 16 https://github.com/etcd-io/etcd 16 https://github.com/forkcms/forkcms 16 https://github.com/denoland/deno 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/ethyca/fides 16 https://github.com/surrealdb/surrealdb 15 https://github.com/cobbler/cobbler 15 https://github.com/centreon/centreon 15 https://github.com/decidim/decidim 15 https://github.com/dompdf/dompdf 15 https://github.com/pyca/cryptography 15 https://github.com/vantage6/vantage6 15 https://github.com/zendframework/zendframework 15 https://github.com/PHPMailer/PHPMailer 15 https://github.com/apache/camel 15 https://github.com/puppetlabs/puppet 15 https://github.com/xuxueli/xxl-job 14 https://github.com/containerd/containerd 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/ckeditor/ckeditor4 14 https://github.com/vercel/next.js 14 https://github.com/twisted/twisted 14 https://github.com/janeczku/calibre-web 14 https://github.com/dotnet/aspnetcore 14 https://github.com/aio-libs/aiohttp 14 https://github.com/rails/rails-html-sanitizer 14 https://github.com/hashicorp/nomad 14 https://github.com/publify/publify 13 https://github.com/dromara/hutool 13 https://github.com/apache/dolphinscheduler 13 https://github.com/golang/go 13 https://github.com/quarkusio/quarkus 13 https://github.com/TryGhost/Ghost 13 https://github.com/OpenRefine/OpenRefine 13 https://github.com/ming-soft/MCMS 13 https://github.com/laurent22/joplin 13 https://github.com/modoboa/modoboa 13 https://github.com/swagger-api/swagger-ui 13 https://github.com/OPCFoundation/UA-.NETStandard 13 https://github.com/nodejs/undici 13 https://github.com/openfga/openfga 12 https://github.com/centreon/centreon-archived 12 https://github.com/openstack/glance 12 https://github.com/pimcore/admin-ui-classic-bundle 12 https://github.com/puma/puma 12 https://github.com/smarty-php/smarty 12 https://github.com/1Panel-dev/1Panel 12 https://github.com/containers/podman 12 https://github.com/opencontainers/runc 12 https://github.com/PHPOffice/PhpSpreadsheet 12 https://github.com/apache/kylin 12 https://github.com/patriksimek/vm2 12 https://github.com/urllib3/urllib3 12 https://github.com/wagtail/wagtail 12 https://github.com/igniterealtime/Openfire 11 https://github.com/Pylons/waitress 11 https://github.com/pomerium/pomerium 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/getsentry/sentry 11 https://github.com/Studio-42/elFinder 11 https://github.com/cri-o/cri-o 11 https://github.com/drupal/core 11 https://github.com/spring-projects/spring-security 11 https://github.com/scrapy/scrapy 11 https://github.com/nats-io/nats-server 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/top-think/framework 11 https://github.com/yiisoft/yii2 11 https://github.com/dpgaspar/Flask-AppBuilder 11 https://github.com/onionshare/onionshare 11 https://github.com/zenml-io/zenml 11 https://github.com/matrix-org/matrix-js-sdk 11 https://github.com/cloudflare/cfrpki 11 https://github.com/Sylius/Sylius 11 https://github.com/dolibarr/dolibarr 11 https://github.com/owen2345/camaleon-cms 11 https://github.com/NodeBB/NodeBB 11 https://github.com/cakephp/cakephp 11 https://github.com/WWBN/AVideo 11 https://github.com/vaadin/flow 11 https://github.com/jenkinsci/git-plugin 10