Browse Security Advisories
Security Advisories for https://github.com/liferay/liferay-portal Clear Filters
Moderate
about 1 month ago
Liferay Portal and DXP do not check permissions of images in a blog entry
maven
com.liferay:com.liferay.blogs.item.selector.web
Moderate
about 1 month ago
Liferay Portal and DXP use an incorrect cache-control header
maven
com.liferay.portal:com.liferay.portal.impl, com.liferay:com.liferay.adaptive.media.web
Moderate
about 1 month ago
Liferay Portal vulnerable to password enumeration
maven
com.liferay.portal:release.portal.bom
High
about 1 month ago
Liferay Portal Vulnerable to DoS via Crafted Headless API Request
maven
com.liferay.portal:release.portal.bom
Moderate
about 1 month ago
Liferay Portal Stores Password Reset Tokens in Plain Text
maven
com.liferay.portal:com.liferay.portal.impl, com.liferay.portal:release.portal.bom
Moderate
about 1 month ago
Liferay Portal Vulnerable to Information Exposure Through a Log File Vulnerability in LDAP Import Feature
maven
com.liferay:com.liferay.portal.security.ldap.impl
Moderate
about 1 month ago
Liferay Portal Vulnerable to Open Redirect via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter
maven
com.liferay:com.liferay.layout.admin.web
Moderate
about 1 month ago
Liferay Portal Vulnerable to Cross-Site Scripting
maven
com.liferay:com.liferay.account.admin.web
Moderate
about 1 month ago
Liferay Portal ComboServlet denial of service via large file combination
maven
com.liferay.portal:com.liferay.portal.impl
Low
about 1 month ago
Liferay Portal Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page
maven
com.liferay:com.liferay.knowledge.base.web
Moderate
about 1 month ago
Liferay Portal and DXP do not properly restrict access to OpenAPI
maven
com.liferay:com.liferay.portal.security.auth.verifier
Low
about 1 month ago
Liferay Portal and DXP are Missing Authorization in Collection Provider
maven
com.liferay:com.liferay.search.experiences.service
Moderate
about 1 month ago
Liferay Portal and Liferay DXP vulnerable to reflected cross-site scripting (XSS)
maven
com.liferay:com.liferay.dynamic.data.mapping.web
Moderate
about 1 month ago
Liferay Portal reflected cross-site scripting (XSS) vulnerability in the google_gaget
maven
com.liferay.portal:com.liferay.portal.impl
Moderate
about 2 months ago
Liferay has Incorrect Permission Assignment for Critical Resource
maven
com.liferay:com.liferay.site.navigation.menu.item.asset.vocabulary
Moderate
about 2 months ago
Liferay Commerce Order Content Web is Vulnerable to Authorization Bypass Through User-Controlled Key
maven
com.liferay.commerce:com.liferay.commerce.order.content.web
Moderate
about 2 months ago
Liferay is Vulnerable to Authorization Bypass Through User-Controlled Key
maven
com.liferay.portal:com.liferay.portal.impl
Moderate
about 2 months ago
Liferay Account Admin Web vulnerable to Authorization Bypass Through User-Controlled Key
maven
com.liferay:com.liferay.change.tracking.web
Moderate
about 2 months ago
Liferay Mentions Web is Vulnerable to Cross-site Scripting
maven
com.liferay:com.liferay.mentions.web
Moderate
about 2 months ago
Liferay Publications is vulnerable to Incorrect Authorization
maven
com.liferay:com.liferay.change.tracking.web
Moderate
about 2 months ago
Liferay Publications vulnerable to Authorization Bypass Through User-Controlled Key
maven
com.liferay:com.liferay.change.tracking.web
Moderate
about 2 months ago
Liferay Portal is vulnerable to CSRF through publication comments
maven
com.liferay:com.liferay.change.tracking.web
Moderate
about 2 months ago
Liferay Portal is vulnerable to XSS through its workflow process builder
maven
com.liferay:com.liferay.portal.workflow.kaleo.designer.web
Moderate
about 2 months ago
Liferay Portal Commerce is vulnerable to XSS through account "name" field
maven
com.liferay.commerce:com.liferay.commerce.order.web
Moderate
about 2 months ago
Liferay Portal's Membership page is vulnerable to XSS through “name“ text field
maven
com.liferay:com.liferay.account.admin.web
Moderate
about 2 months ago
Liferay Portal is vulnerable to XSS through its Calendar Events parameters
maven
com.liferay:com.liferay.calendar.web
Moderate
about 2 months ago
Liferay Portal Notifications Widget has multiple XSS vulnerabilities through various text fields
maven
com.liferay:com.liferay.flags.web
Moderate
about 2 months ago
Liferay Portal Commerce Shop is vulnerable to Stored XSS through SVG file
maven
com.liferay.commerce:com.liferay.commerce.shop.by.diagram.web
Moderate
about 2 months ago
Liferay Portal is vulnerable to XXS through its Commerce Product's Name text field
maven
com.liferay.commerce:com.liferay.commerce.product.service
Moderate
2 months ago
Liferay Portal exposes sensitive user data through its Freemarker template
maven
com.liferay:com.liferay.portal.template.freemarker
Moderate
2 months ago
Liferay Portal Vulnerable to IDOR via audit events
maven
com.liferay:com.liferay.portal.security.audit.storage.service, com.liferay:com.liferay.portal.security.audit.web
Moderate
2 months ago
Liferay Portal vulnerable to reflected cross-site scripting via the `redirect` parameter
maven
com.liferay.portal:release.portal.bom
Moderate
2 months ago
Liferay Portal vulnerable to cross-site scripting in the web content template
maven
com.liferay:com.liferay.journal.web, com.liferay.portal:release.portal.bom
Moderate
2 months ago
Liferay Portal vulnerable to cross-site scripting in the related asset selector
maven
com.liferay:com.liferay.item.selector.web
Moderate
2 months ago
Liferay Portal vulnerable to path traversal and denial-of-service in the ComboServlet
maven
com.liferay.portal:com.liferay.portal.impl, com.liferay.portal:release.portal.bom
Moderate
2 months ago
Liferay Portal vulnerable to reflected cross-site scripting on the page configuration page
maven
com.liferay:com.liferay.product.navigation.control.menu.web
Moderate
2 months ago
Liferay Portal vulnerable to cross-site scripting in the Calendar widget
maven
com.liferay:com.liferay.calendar.web
Moderate
2 months ago
Liferay Portal and DXP does not properly expire sessions
maven
com.liferay:com.liferay.saml.impl
Moderate
2 months ago
Liferay Portal and DXP audit events record password reminder answers
maven
com.liferay:com.liferay.portal.security.audit.event.generators.user.management
Moderate
2 months ago
Liferay Portal and DXP allows users to add a note to a different virtual instance
maven
com.liferay.commerce:com.liferay.commerce.service
Moderate
2 months ago
Liferay has a stored cross-site scripting (XSS) vulnerability via a a publication’s “Name” text field
maven
com.liferay:com.liferay.change.tracking.service
Moderate
3 months ago
Liferay search widget vulnerable to Cross-site Scripting
maven
com.liferay:com.liferay.portal.search
Low
3 months ago
Liferay DXP Missing Critical Step in Authentication
maven
com.liferay:com.liferay.multi.factor.authentication.timebased.otp.web
Moderate
3 months ago
Liferay Portal's System, Instance and Site Settings are vulnerable to Open Redirect
maven
com.liferay:com.liferay.site.admin.web, com.liferay:com.liferay.configuration.admin.web
High
3 months ago
Liferay Portal: Missing Rate Limiting in GraphQL Endpoint Enables Resource Exhaustion Attack
maven
com.liferay:com.liferay.portal.vulcan.impl, com.liferay:com.liferay.portal.vulcan.api
Moderate
3 months ago
Liferay Portal's selection modal is vulnerable to XSS
maven
com.liferay:com.liferay.users.admin.web
Moderate
3 months ago
Liferay Portal's Organization Selector exposes organization data to remote authenticated users
maven
com.liferay:com.liferay.organizations.item.selector.web
Low
3 months ago
Liferay Portal JSON Web Services Direct Class Invocation Enables Service Access Policy Execution
maven
com.liferay:com.liferay.comment.web
High
3 months ago
Liferay Portal is vulnerable to Insecure Direct Object Reference (IDOR) attack through Authentication Bypass
maven
com.liferay:com.liferay.object.service
Moderate
3 months ago
Liferay Portal API Allows Authenticated Users to Access Workflow Definitions by Name
maven
com.liferay:com.liferay.portal.workflow.kaleo.runtime.integration.impl
Moderate
3 months ago
Liferay Portal's Incorrect Authorization vulnerability can lead to guest users to obtaining sensitive data
maven
com.liferay:com.liferay.headless.builder.impl
Moderate
3 months ago
Liferay Portal is vulnerable to Reflected XSS attack through get_editor path
maven
com.liferay:com.liferay.frontend.editor.ckeditor.web
Moderate
3 months ago
Liferay Portal and Liferay DXP vulnerable to Stored Cross-site Scripting
maven
com.liferay:com.liferay.portal.workflow.task.web, com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Moderate
3 months ago
Liferay Portal exposes ERC which can lead to exploit the time response attack
maven
com.liferay:com.liferay.portal.workflow.api, com.liferay:com.liferay.headless.admin.workflow.impl, com.liferay:com.liferay.portal.vulcan.impl
Moderate
3 months ago
Liferay Portal is vulnerable to XSS attack through its search bar portlet
maven
com.liferay:com.liferay.portal.search.web
Moderate
3 months ago
Liferay Portal is vulnerable to XSS attacks via its remote app title field
maven
com.liferay:com.liferay.client.extension.web
Moderate
3 months ago
Liferay Portal exposes 500 status when attempting login with a deleted client secret
maven
com.liferay:com.liferay.portal.security.sso.openid.connect.impl
Moderate
3 months ago
Liferay Portal is vulnerable to XSS attack through fieldset name in Kaleo Forms Admin
maven
com.liferay:com.liferay.portal.workflow.kaleo.forms.web
Low
3 months ago
Liferay Portal is vulnerable to XSS attack through its Style Book theme
maven
com.liferay:com.liferay.frontend.taglib.clay
Moderate
3 months ago
Liferay Portal is vulnerable to SSRF through custom object attachment fields
maven
com.liferay:com.liferay.object.service
High
3 months ago
Liferay Portal Vulnerable to Denial of Service in Kaleo Forms Admin
maven
com.liferay:com.liferay.portal.workflow.kaleo.forms.web
Moderate
3 months ago
Liferay Portal allows improper access through the expandoTableLocalService
maven
com.liferay:com.liferay.portal.workflow.kaleo.runtime.impl
Moderate
3 months ago
Liferay Portal allows unrestricted upload of file in the style books component
maven
com.liferay:com.liferay.style.book.web
Moderate
3 months ago
Liferay Portal stored cross-site scripting in text field of the web content structure
maven
com.liferay:com.liferay.journal.service
Moderate
3 months ago
Liferay Portal ReDoS with Role Name search in KaleoDesignerPortlet
maven
com.liferay:com.liferay.portal.workflow.kaleo.designer.web
Moderate
3 months ago
Liferay Portal allows open redirect in /c/portal/edit_info_item parameter redirect
maven
com.liferay:com.liferay.info.impl
Moderate
3 months ago
Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter
maven
com.liferay.portal:com.liferay.portal.kernel
Moderate
3 months ago
Liferay Portal vulnerable to Stored XSS in Components portlet
maven
com.liferay:com.liferay.plugins.admin.web
Moderate
3 months ago
Liferay Portal JSONWS API endpoint shares sensitive information
maven
com.liferay.portal:com.liferay.portal.impl
Moderate
3 months ago
Liferay Portal users can upload an unlimited amount of files
maven
com.liferay:com.liferay.dynamic.data.mapping.form.field.type, com.liferay:com.liferay.dynamic.data.mapping.form.web
Moderate
3 months ago
Liferay Portal Reflected XSS in CKeditor 4.21.0 endpoint
npm, maven
liferay-ckeditor, com.liferay:com.liferay.frontend.js.dependencies.web, com.liferay:com.liferay.frontend.editor.ckeditor.web
Moderate
3 months ago
Liferay Portal users are able to add system admin portlets to pages
maven
com.liferay:com.liferay.layout.impl
Moderate
3 months ago
Liferay Portal's unauthenticated users can access loaded files via URL before submitting the object entry
maven
com.liferay:com.liferay.object.web, com.liferay:com.liferay.object.dynamic.data.mapping.form.field.type, com.liferay:com.liferay.frontend.js.web
Moderate
3 months ago
Liferay Portal Reflected Cross-Site Scripting Vulnerability via PortalUtil.escapeRedirect
maven
com.liferay.portal:release.portal.bom
Moderate
3 months ago
Liferay Portal User Enumeration Vulnerability via the Create Account Page
maven
com.liferay:com.liferay.login.web
Moderate
3 months ago
Liferay Portal's Unlimited File Upload Could Result in DoS
maven
com.liferay.portal:release.portal.bom
Low
3 months ago
Liferay Portal Reflected Cross-Site Scripting Vulnerability via Form Container
maven
com.liferay:com.liferay.layout.taglib
Moderate
3 months ago
Liferay Portal Username Enumeration Vulnerability
maven
com.liferay.portal:release.portal.bom
Moderate
3 months ago
Liferay Portal Stored Cross-Site Scripting Vulnerability via GroupPagesPortlet_type Parameter
maven
com.liferay:com.liferay.layout.admin.web
Moderate
3 months ago
Liferay Portal Reflected Cross-Site Scripting Vulnerability via snippet Parameter
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting via DDMPortlet_definition Parameter
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting in Dynamic Data Mapping
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Unvalidated File Upload
maven
com.liferay:com.liferay.dynamic.data.mapping.form.web
Moderate
4 months ago
Liferay Portal Unauthenticated File Access via URL
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting via assetTagNames Parameter
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting through URLs
maven
com.liferay:com.liferay.layout.type.controller.display.page
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting via DDM Structure Field Labels
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Enumeration Discrepancy in Calendars
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting via backURL Paramter
maven
com.liferay:com.liferay.journal.web
Moderate
4 months ago
Liferay Portal CSRF Vulnerability via Endpoint Parameter
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Reflected Cross-Site Scripting Vulnerability in displayType Parameter
maven
com.liferay:com.liferay.expando.web
Moderate
4 months ago
Liferay Portal Email Modification Vulnerability via Calendar Portlet
maven
com.liferay:com.liferay.calendar.service
Moderate
4 months ago
Liferay Portal has Stored Cross-Site Scripting Vulnerability via Message Boards Feature
maven
com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting
maven
com.liferay.portal:release.portal.bom
Low
4 months ago
Liferay Portal Login Bypass Vulnerability
maven
com.liferay.portal:release.portal.bom
Low
4 months ago
Liferay Portal Vulnerable to Cross-Site Scripting
maven
com.liferay:com.liferay.layout.taglib
Moderate
4 months ago
Liferay Portal Vulnerable to Insecure Direct Object Reference
maven
com.liferay:com.liferay.roles.selector.web
Moderate
4 months ago
Liferay Portal 7.4.0 and Liferay DXP have a reflected cross-site scripting (XSS) vulnerability
maven
com.liferay:com.liferay.frontend.taglib.clay, com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal and Liferay DXP have a reflected cross-site scripting vulnerability
maven
com.liferay.portal:com.liferay.portal.impl, com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Moderate
4 months ago
Liferay Portal and Liferay DXP have a Denial Of Service via File Upload (DOS) vulnerability
maven
com.liferay:com.liferay.account.admin.web, com.liferay:com.liferay.users.admin.web, com.liferay:com.liferay.image.uploader.web, com.liferay:com.liferay.frontend.taglib, com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Filter by Severity
Filter by Ecosystem
maven
6,936
packagist
5,496
pypi
4,938
npm
4,466
go
3,038
nuget
1,625
cargo
1,126
rubygems
908
hex
40
actions
39
swift
34
pub
10
Filter by Package
tensorflow
433
moodle/moodle
425
tensorflow-cpu
407
tensorflow-gpu
393
magento/community-edition
358
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
242
typo3/cms
168
com.liferay.portal:release.portal.bom
151
github.com/mattermost/mattermost/server/v8
146
org.apache.tomcat:tomcat
140
com.liferay.portal:release.dxp.bom
124
pimcore/pimcore
120
magento/project-community-edition
117
dolibarr/dolibarr
117
typo3/cms-core
107
phpmyadmin/phpmyadmin
107
microweber/microweber
103
drupal/core
103
Django
91
silverstripe/framework
90
apache-airflow
89
librenms/librenms
89
github.com/mattermost/mattermost-server
83
thorsten/phpmyfaq
75
drupal/drupal
72
github.com/usememos/memos
69
com.fasterxml.jackson.core:jackson-databind
69
concrete5/concrete5
67
salt
65
ansible
64
shopware/platform
63
symfony/symfony
62
apache-superset
61
actionpack
58
github.com/grafana/grafana
57
org.apache.struts:struts2-core
57
mlflow
55
Plone
54
craftcms/cms
53
shopware/core
52
github.com/hashicorp/vault
51
org.keycloak:keycloak-core
50
getgrav/grav
50
github.com/rancher/rancher
50
django
48
nova
48
mautic/core
48
baserproject/basercms
47
org.keycloak:keycloak-services
45
nokogiri
45
mantisbt/mantisbt
45
gradio
44
vyper
44
org.elasticsearch:elasticsearch
43
org.xwiki.platform:xwiki-platform-oldcore
43
directus
43
matrix-synapse
43
nilsteampassnet/teampass
42
rdiffweb
42
showdoc/showdoc
41
k8s.io/kubernetes
41
snipe/snipe-it
41
plone
41
froxlor/froxlor
40
org.apache.tomcat.embed:tomcat-embed-core
40
intelliants/subrion
40
picklescan
39
github.com/mattermost/mattermost-server/v6
38
net.mingsoft:ms-mcms
38
com.thoughtworks.xstream:xstream
37
github.com/argoproj/argo-cd/v2
36
com.jfinal:jfinal
36
parse-server
35
io.undertow:undertow-core
35
rack
35
moin
35
github.com/answerdev/answer
34
org.jenkins-ci.plugins:script-security
33
flowise
33
keystone
32
github.com/cilium/cilium
32
vllm
32
gogs.io/gogs
32
zendframework/zendframework1
32
opencv-python
31
contao/core-bundle
31
github.com/hashicorp/nomad
31
shopware/shopware
31
github.com/hashicorp/consul
31
next
30
github.com/argoproj/argo-cd
30
opencv-contrib-python
30
github.com/docker/docker
29
DotNetNuke.Core
28
Pillow
28
mediawiki/core
28
pillow
28
electron
28
centreon/centreon
27
prestashop/prestashop
27
org.springframework.security:spring-security-core
27
org.opencms:opencms-core
27
open-webui
27
org.apache.solr:solr-core
27
pocketmine/pocketmine-mp
25
getkirby/cms
25
rubygems-update
25
openssl-src
25
org.eclipse.jetty:jetty-server
25
org.apache.tomcat:tomcat-catalina
25
surrealdb
24
magento/core
24
github.com/traefik/traefik/v2
24
org.keycloak:keycloak-parent
24
pyload-ng
24
laravel/framework
23
puppet
23
simplesamlphp/simplesamlphp
23
grumpydictator/firefly-iii
23
remdex/livehelperchat
23
deno
22
zendframework/zendframework
22
phpoffice/phpspreadsheet
22
tribalsystems/zenario
22
activerecord
22
ckb
22
org.apache.openmeetings:openmeetings-parent
22
github.com/ethereum/go-ethereum
21
@openzeppelin/contracts
21
glance
21
@openzeppelin/contracts-upgradeable
21
org.apache.nifi:nifi
21
org.bouncycastle:bcprov-jdk14
21
github.com/goharbor/harbor
21
github.com/zitadel/zitadel
21
wasmtime
21
org.xwiki.platform:xwiki-platform-web-templates
20
typo3/cms-backend
20
ethyca-fides
20
cockpit-hq/cockpit
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
aim
20
code.gitea.io/gitea
20
helm.sh/helm/v3
20
funadmin/funadmin
20
neutron
19
topthink/framework
19
contao/contao
19
langchain
19
transformers
19
mercurial
18
golang.org/x/net
18
forkcms/forkcms
18
com.vaadin:vaadin-bom
18
cobbler
18
Microsoft.AspNetCore.App.Runtime.win-x64
18
openmage/magento-lts
18
calibreweb
18
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
18
org.springframework:spring-core
18
com.liferay.portal:com.liferay.portal.impl
18
Microsoft.AspNetCore.App.Runtime.linux-arm
18
mindsdb
18
Microsoft.AspNetCore.App.Runtime.win-x86
18
org.apache.jspwiki:jspwiki-main
18
github.com/openfga/openfga
18
Microsoft.AspNetCore.App.Runtime.linux-x64
18
genix/cms
18
Microsoft.AspNetCore.App.Runtime.win-arm
18
Microsoft.AspNetCore.App.Runtime.linux-arm64
18
opencart/opencart
17
github.com/containerd/containerd
17
yetiforce/yetiforce-crm
17
cryptography
17
ezsystems/ezpublish-kernel
17
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
17
github.com/traefik/traefik/v3
17
cakephp/cakephp
17
OctoPrint
17
notebook
17
francoisjacquet/rosariosis
17
Microsoft.AspNetCore.App.Runtime.win-arm64
17
org.apache.geode:geode-core
17
org.apache.inlong:manager-pojo
17
rusqlite
16
ghost
16
PaddlePaddle
16
sequelize
16
github.com/opencontainers/runc
16
org.apache.activemq:activemq-client
16
org.apache.dubbo:dubbo
16
lollms
16
vite
16
tinymce
16
pgadmin4
16
phpbb/phpbb
16
org.apache.ranger:ranger
16
paddlepaddle
16
Microsoft.AspNetCore.App.Runtime.osx-x64
16
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
250
https://github.com/xwiki/xwiki-platform
222
https://github.com/chakra-core/ChakraCore
214
https://github.com/jenkinsci/jenkins
178
https://github.com/liferay/liferay-portal
170
https://github.com/django/django
121
https://github.com/apache/tomcat
118
https://github.com/pimcore/pimcore
116
https://github.com/apache/airflow
105
https://github.com/TYPO3/typo3
94
https://github.com/keycloak/keycloak
90
https://github.com/microweber/microweber
90
https://github.com/librenms/librenms
77
https://github.com/FasterXML/jackson-databind
70
https://github.com/rails/rails
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/usememos/memos
68
https://github.com/silverstripe/silverstripe-framework
68
https://github.com/kubernetes/kubernetes
66
https://github.com/symfony/symfony
64
https://github.com/Dolibarr/dolibarr
60
https://github.com/ansible/ansible
59
https://github.com/mattermost/mattermost
59
https://github.com/python-pillow/Pillow
52
https://github.com/spring-projects/spring-framework
51
https://github.com/argoproj/argo-cd
50
https://github.com/apache/struts
47
https://github.com/grafana/grafana
47
https://github.com/rancher/rancher
46
https://github.com/mautic/mautic
46
https://github.com/phpmyadmin/phpmyadmin
45
https://github.com/concretecms/concretecms
44
https://github.com/vyperlang/vyper
44
https://github.com/shopware/platform
43
https://github.com/mantisbt/mantisbt
42
https://github.com/saltstack/salt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/directus/directus
41
https://github.com/craftcms/cms
41
https://github.com/shopware/shopware
40
https://github.com/star7th/showdoc
39
https://github.com/mmaitre314/picklescan
39
https://github.com/gradio-app/gradio
39
https://github.com/dotnet/runtime
38
https://github.com/magento/magento2
38
https://github.com/openstack/nova
38
https://github.com/x-stream/xstream
37
https://github.com/plone/Products.CMFPlone
37
https://github.com/octobercms/october
36
https://github.com/mlflow/mlflow
36
https://github.com/sparklemotion/nokogiri
35
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/parse-community/parse-server
34
https://github.com/apache/activemq
34
https://github.com/answerdev/answer
34
https://github.com/go-gitea/gitea
32
https://github.com/matrix-org/synapse
32
https://github.com/opencv/opencv
32
https://github.com/apache/inlong
31
https://github.com/PaddlePaddle/Paddle
31
https://github.com/cilium/cilium
31
https://github.com/snipe/snipe-it
30
https://github.com/contao/contao
30
https://github.com/rack/rack
29
https://github.com/strapi/strapi
29
https://github.com/electron/electron
28
https://github.com/openstack/keystone
28
https://github.com/gogs/gogs
28
https://github.com/CVEProject/cvelist
28
https://github.com/FlowiseAI/Flowise
28
https://github.com/netty/netty
27
https://github.com/zitadel/zitadel
26
https://github.com/froxlor/froxlor
26
https://github.com/apache/nifi
26
https://github.com/baserproject/basercms
26
https://github.com/geoserver/geoserver
26
https://github.com/github/advisory-database
26
https://github.com/langchain-ai/langchain
25
https://github.com/pmmp/PocketMine-MP
25
https://github.com/bcgit/bc-java
25
https://github.com/vllm-project/vllm
25
https://github.com/denoland/deno
25
https://github.com/traefik/traefik
25
https://github.com/surrealdb/surrealdb
25
https://github.com/vercel/next.js
25
https://github.com/hashicorp/consul
24
https://github.com/pyload/pyload
24
https://github.com/apache/cxf
24
https://github.com/getgrav/grav
24
https://github.com/run-llama/llama_index
24
https://github.com/PrestaShop/PrestaShop
23
https://github.com/firefly-iii/firefly-iii
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/eclipse/jetty.project
23
https://github.com/nilsteampassnet/TeamPass
23
https://github.com/bytecodealliance/wasmtime
23
https://github.com/moby/moby
23
https://github.com/dnnsoftware/Dnn.Platform
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/nervosnetwork/ckb
22
https://github.com/PHPOffice/PhpSpreadsheet
22
https://github.com/getkirby/kirby
22
https://github.com/jenkinsci/script-security-plugin
22
https://github.com/helm/helm
22
https://github.com/hashicorp/vault
21
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/undertow-io/undertow
21
https://github.com/laravel/framework
21
https://github.com/goharbor/harbor
21
https://github.com/funadmin/funadmin
20
https://github.com/OpenNMS/opennms
20
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/ethyca/fides
20
https://github.com/simplesamlphp/simplesamlphp
20
https://github.com/opencast/opencast
20
https://github.com/huggingface/transformers
19
https://github.com/intelliants/subrion
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/TYPO3-CMS/core
19
https://github.com/alkacon/opencms-core
19
https://github.com/cloudfoundry/uaa
19
https://github.com/containerd/containerd
19
https://github.com/backstage/backstage
19
https://github.com/vaadin/platform
18
https://github.com/rubygems/rubygems
18
https://github.com/opencontainers/runc
18
https://github.com/apache/camel
18
https://github.com/OpenMage/magento-lts
18
https://github.com/mindsdb/mindsdb
17
https://github.com/apache/kylin
17
https://github.com/ethereum/go-ethereum
17
https://github.com/liufee/cms
17
https://github.com/openfga/openfga
17
https://github.com/vantage6/vantage6
17
https://github.com/pyca/cryptography
16
https://github.com/sequelize/sequelize
16
https://github.com/rusqlite/rusqlite
16
https://github.com/forkcms/forkcms
16
https://github.com/dotnet/aspnetcore
16
https://github.com/tinymce/tinymce
16
https://github.com/etcd-io/etcd
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/vitejs/vite
16
https://github.com/hashicorp/nomad
16
https://github.com/quarkusio/quarkus
16
https://github.com/dompdf/dompdf
15
https://github.com/decidim/decidim
15
https://github.com/aio-libs/aiohttp
15
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/spring-projects/spring-security
15
https://github.com/thorsten/phpMyFAQ
15
https://github.com/ckeditor/ckeditor4
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/containers/podman
15
https://github.com/nodejs/undici
15
https://github.com/zendframework/zendframework
15
https://github.com/xuxueli/xxl-job
15
https://github.com/puppetlabs/puppet
15
https://github.com/cobbler/cobbler
15
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/centreon/centreon
15
https://github.com/drupal/core
15
https://github.com/publify/publify
14
https://github.com/urllib3/urllib3
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/Graylog2/graylog2-server
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/apache/zeppelin
14
https://github.com/pimcore/admin-ui-classic-bundle
14
https://github.com/ImageMagick/ImageMagick
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/TryGhost/Ghost
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/twisted/twisted
14
https://github.com/janeczku/calibre-web
14
https://github.com/golang/go
14
https://github.com/ming-soft/MCMS
14
https://github.com/rails/rails-html-sanitizer
14
https://github.com/apache/superset
14
https://github.com/openbao/openbao
13
https://github.com/dromara/hutool
13
https://github.com/zenml-io/zenml
13
https://github.com/h2oai/h2o-3
13
https://github.com/1Panel-dev/1Panel
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/modoboa/modoboa
13
https://github.com/apache/dolphinscheduler
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/laurent22/joplin
13
https://github.com/puma/puma
12
https://github.com/igniterealtime/Openfire
12
https://github.com/DSpace/DSpace
12
https://github.com/smarty-php/smarty
12
https://github.com/nautobot/nautobot
12
https://github.com/getsentry/sentry
12
https://sourceforge.net/projects/phpmyadmin.sourceforge.net
12
https://github.com/openstack/glance
12