Browse Security Advisories
Security Advisories for https://github.com/xwiki/xwiki-platform Clear Filters
Critical
2 months ago
XWiki Platform is vulnerable to HQL injection via wiki and space search REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
3 months ago
XWiki configuration files can be accessed through jsx and sx endpoints
maven
org.xwiki.platform:xwiki-platform-skin-skinx
Critical
3 months ago
XWiki configuration files can be accessed through the webjars API
maven
org.xwiki.platform:xwiki-platform-webjars-api
Moderate
3 months ago
XWiki PDF export jobs store sensitive cookies unencrypted in job statuses
maven
org.xwiki.platform:xwiki-platform-export-pdf-api
High
4 months ago
XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
High
4 months ago
XWiki leaks password hashes and other accessible password properties
maven
org.xwiki.platform:xwiki-platform-legacy-oldcore, org.xwiki.platform:xwiki-platform-oldcore
Moderate
4 months ago
XWiki allows Reflected XSS in two templates
maven
org.xwiki.platform:xwiki-platform-web-templates
High
4 months ago
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
4 months ago
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter
maven
org.xwiki.platform:xwiki-platform-distribution-war
High
6 months ago
XWiki does not require right warnings for XClass definitions
maven
org.xwiki.platform:xwiki-platform-security-requiredrights-default
High
6 months ago
XWiki allows remote code execution through preview of XClass changes in AWM editor
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
6 months ago
XWiki does not require right warnings for notification displayer objects
maven
org.xwiki.platform:xwiki-platform-notifications-notifiers-default
High
6 months ago
XWiki makes title of inaccessible pages available through the class property values REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Moderate
6 months ago
XWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin right
maven
org.xwiki.platform:xwiki-platform-notifications-notifiers-default
High
6 months ago
XWiki allows remote code execution through default value of wiki macro wiki-type parameters
maven
org.xwiki.platform:xwiki-platform-rendering-wikimacro-store
High
6 months ago
XWiki's required right warnings for macros are incomplete
maven
org.xwiki.platform:xwiki-platform-rendering-macro-context, org.xwiki.platform:xwiki-platform-security-requiredrights-default, org.xwiki.platform:xwiki-platform-rendering-macro-cache, org.xwiki.platform:xwiki-platform-rendering-xwiki
High
6 months ago
XWiki allows privilege escalation through link refactoring
maven
org.xwiki.platform:xwiki-platform-refactoring-default
Critical
6 months ago
XWiki allows SQL injection in query endpoint of REST API with Oracle
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
7 months ago
XWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming right
maven
org.xwiki.platform:xwiki-platform-security-authorization-bridge
High
7 months ago
Any user with view access to the XWiki space can change the authenticator
maven
org.xwiki.platform:xwiki-platform-security-authentication-ui
Moderate
7 months ago
XWiki missing authorization when accessing the wiki level attachments list and metadata via REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
7 months ago
org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content type
maven
org.xwiki.platform:xwiki-platform-security-requiredrights-default
Critical
7 months ago
org.xwiki.platform:xwiki-platform-component-wiki provides no warning when granting XWiki.ComponentClass programming right
maven
org.xwiki.platform:xwiki-platform-component-wiki
Low
7 months ago
The lesscss script service allows cache clearing without programming right
maven
org.xwiki.platform:xwiki-platform-lesscss-script
Low
7 months ago
Solr script service doesn't take dropped programming right into account
maven
org.xwiki.platform:xwiki-platform-search-solr-api
Moderate
7 months ago
org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability
maven
org.xwiki.platform:xwiki-platform-wysiwyg-api
Critical
8 months ago
org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API
maven
org.xwiki.platform:xwiki-platform-rest-server
High
8 months ago
org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API
maven
org.xwiki.platform:xwiki-platform-oldcore
Moderate
8 months ago
Unregistered users can see "public" messages from a closed wiki via notifications from a different wiki
maven
org.xwiki.platform:xwiki-platform-messagestream
High
9 months ago
The WikiManager REST API allows any user to create wikis
maven
org.xwiki.platform:xwiki-platform-wiki-rest-default
High
9 months ago
XWiki allows unregistered users to access private pages information through REST endpoint
maven
org.xwiki.platform:xwiki-platform-rest-server
High
9 months ago
XWiki uses the wrong wiki reference in AuthorizationManager
maven
org.xwiki.platform:xwiki-platform-security-authorization-api
Critical
10 months ago
XWiki Platform allows remote code execution as guest via SolrSearchMacros request
maven
org.xwiki.platform:xwiki-platform-search-solr-ui
Critical
11 months ago
XWiki Realtime WYSIWYG Editor extension allows privilege escalation (PR) through realtime WYSIWYG editing
maven
org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui
Critical
12 months ago
XWiki allows remote code execution through the extension sheet
maven
org.xwiki.platform:xwiki-platform-repository-server-ui
High
12 months ago
XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
maven
org.xwiki.platform:xwiki-platform-distribution-war
Moderate
12 months ago
XWiki's scheduler in subwiki allows scheduling operations for any main wiki user
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Critical
12 months ago
XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
maven
org.xwiki.platform:xwiki-platform-help-ui
Critical
12 months ago
XWiki allows RCE from script right in configurable sections
maven
org.xwiki.platform:xwiki-platform-administration-ui
Moderate
about 1 year ago
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users
maven
org.xwiki.platform:xwiki-platform-notifications-ui
High
about 1 year ago
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions
maven
org.xwiki.platform:xwiki-platform-notifications-ui
Moderate
about 1 year ago
XWiki Platform document history including authors of any page exposed to unauthorized actors
maven
org.xwiki.platform:xwiki-platform-rest-server
Critical
over 1 year ago
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
over 1 year ago
XWiki Platform allows XSS through XClass name in string properties
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
over 1 year ago
XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet
maven
org.xwiki.platform:xwiki-platform-search-ui
High
over 1 year ago
XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader
maven
org.xwiki.platform:xwiki-platform-web-war
Moderate
over 1 year ago
XWiki Platform vulnerable to document deletion and overwrite from edit
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki programming rights may be inherited by inclusion
maven
org.xwiki.platform:xwiki-platform-rendering-macro-include
Critical
over 1 year ago
XWiki Platform allows remote code execution from user account
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform remote code execution from account through UIExtension parameters
maven
org.xwiki.platform:xwiki-platform-uiextension-api
Critical
over 1 year ago
XWiki Platform CSRF remote code execution through the realtime HTML Converter API
maven
org.xwiki.platform:xwiki-platform-realtime-ui
Critical
over 1 year ago
XWiki Platform remote code execution from account via custom skins support
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform CSRF remote code execution through scheduler job's document reference
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Moderate
over 1 year ago
XWiki Platform CSRF in the job scheduler
maven
org.xwiki.platform:xwiki-platform-scheduler-ui
Critical
over 1 year ago
XWiki Platform: Remote code execution through space title and Solr space facet
maven
org.xwiki.platform:xwiki-platform-search-solr-ui
Critical
over 1 year ago
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
maven
org.xwiki.platform:xwiki-platform-localization-source-wiki
Critical
over 1 year ago
XWiki Platform: Remote code execution as guest via DatabaseSearch
maven
org.xwiki.platform:xwiki-platform-search-ui
Critical
over 1 year ago
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 1 year ago
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
maven
org.xwiki.platform:xwiki-platform-search-ui
Moderate
over 1 year ago
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
maven
org.xwiki.platform:xwiki-platform-oldcore
High
almost 2 years ago
XWiki vulnerable to Denial of Service attack through attachments
maven
org.xwiki.platform:xwiki-platform-distribution-war
Critical
almost 2 years ago
XWiki Remote Code Execution Vulnerability via User Registration
maven
org.xwiki.platform:xwiki-platform-administration-ui
High
almost 2 years ago
XWiki has no right protection on rollback action
maven
org.xwiki.platform:xwiki-platform, org.xwiki.platform:xwiki-platform-oldcore
High
almost 2 years ago
Velocity execution without script right through tree macro
maven
org.xwiki.platform:xwiki-platform-index-tree-macro
Critical
almost 2 years ago
Remote code execution/programming rights with configuration section from any user account
maven
org.xwiki.platform:xwiki-platform-administration-ui
Critical
almost 2 years ago
XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass
maven
org.xwiki.platform:xwiki-platform-administration-ui
Critical
almost 2 years ago
Remote code execution from account through SearchAdmin
maven
org.xwiki.platform:xwiki-platform-search-ui
Moderate
almost 2 years ago
Solr search discloses email addresses of users
maven
org.xwiki.platform:xwiki-platform-search-solr-api
High
almost 2 years ago
Solr search discloses password hashes of all users
maven
org.xwiki.platform:xwiki-platform-search-solr-api
High
about 2 years ago
Whole content of all documents of all wikis exposed to anybody with view right on Solr suggest service
maven
org.xwiki.platform:xwiki-platform-search-solr-query
Critical
about 2 years ago
Cookies are sent to external images in rendered diff (and server side request forgery)
maven
org.xwiki.platform:xwiki-platform-diff-xml
Critical
about 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menu
maven
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Critical
about 2 years ago
XWiki Platform vulnerable to remote code execution through the section parameter in Administration as guest
maven
org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform:xwiki-platform-administration-ui
Critical
about 2 years ago
XWiki Platform privilege escalation from script right to programming right through title displayer
maven
org.xwiki.platform:xwiki-platform-display-api
High
about 2 years ago
XWiki Platform vulnerable to privilege escalation and remote code execution via the edit action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 2 years ago
XWiki Platform vulnerable to remote code execution via the edit action because it lacks CSRF token
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
about 2 years ago
XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki users can be tricked to execute scripts as the create page action doesn't display the page's title
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
XWiki Platform XSS vulnerability from account in the create page form via template provider
maven
org.xwiki.platform:xwiki-platform-web, org.xwiki.platform:xwiki-web-standard, org.xwiki.platform:xwiki-platform-web-templates
Critical
about 2 years ago
org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter
maven
org.xwiki.platform:xwiki-platform-office-importer
Moderate
about 2 years ago
org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents
maven
org.xwiki.platform:xwiki-platform-oldcore
High
about 2 years ago
org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move
maven
org.xwiki.platform:xwiki-platform-attachment-api
High
about 2 years ago
Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet
maven
org.xwiki.platform:xwiki-platform-menu-ui, org.xwiki.platform:xwiki-platform-menu
Moderate
over 2 years ago
Velocity execution without script right through VelocityCode and VelocityWiki property
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform's Groovy jobs check the wrong author, allowing remote code execution
maven
org.xwiki.platform:xwiki-platform-scheduler-api, com.xpn.xwiki.platform.plugins:xwiki-plugin-scheduler
High
over 2 years ago
XWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform privilege escalation (PR) from account through AWM content fields
maven
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Moderate
over 2 years ago
XWiki Platform Stored Cross-site Scripting in the user profile via the timezone displayer
maven
org.xwiki.platform:xwiki-platform-web-templates
Critical
over 2 years ago
XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message
maven
org.xwiki.platform:xwiki-platform-invitation-ui
Moderate
over 2 years ago
Obfuscated email addresses should not be sorted
maven
org.xwiki.platform:xwiki-platform-livetable-ui
Critical
over 2 years ago
org.xwiki.platform:xwiki-platform-skin-ui Eval Injection vulnerability
maven
org.xwiki.platform:xwiki-platform-skin-ui
Critical
over 2 years ago
XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
maven
org.xwiki.platform:xwiki-platform-rest-server, com.xpn.xwiki.platform:xwiki-rest, com.xpn.xwiki.platform:xwiki-core-rest-server
Critical
over 2 years ago
Upgrading doesn't prevent exploiting vulnerable XWiki documents
maven
org.xwiki.platform:xwiki-platform-oldcore
Critical
over 2 years ago
XWiki Platform vulnerable to Code injection through NotificationRSSService
maven
org.xwiki.platform:xwiki-platform-notifications-ui
Critical
over 2 years ago
XWiki Platform vulnerable to Code Injection in icon themes
maven
org.xwiki.platform:xwiki-platform-icon-ui, org.xwiki.platform:xwiki-platform-icon-default, org.xwiki.platform:xwiki-platform-icon-script
Critical
over 2 years ago
XWiki Platform vulnerable to persistent Cross-site Scripting through CKEditor Configuration pages
maven
org.xwiki.platform:xwiki-platform-ckeditor-ui, org.xwiki.contrib:application-ckeditor-ui
Critical
over 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page
maven
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Critical
over 2 years ago
XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
maven
org.xwiki.platform:xwiki-platform-web-templates
Filter by Severity
Filter by Ecosystem
maven
6,940
packagist
5,491
pypi
4,939
npm
4,457
go
3,063
nuget
1,588
cargo
1,130
rubygems
908
hex
40
actions
39
swift
34
pub
10
Filter by Package
tensorflow
433
moodle/moodle
425
tensorflow-cpu
404
tensorflow-gpu
392
magento/community-edition
361
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
242
typo3/cms
168
com.liferay.portal:release.portal.bom
151
github.com/mattermost/mattermost/server/v8
146
org.apache.tomcat:tomcat
140
com.liferay.portal:release.dxp.bom
123
pimcore/pimcore
120
magento/project-community-edition
118
dolibarr/dolibarr
117
typo3/cms-core
107
phpmyadmin/phpmyadmin
107
drupal/core
103
microweber/microweber
103
github.com/mattermost/mattermost-server
96
Django
91
silverstripe/framework
90
librenms/librenms
89
apache-airflow
89
thorsten/phpmyfaq
75
drupal/drupal
72
github.com/usememos/memos
69
com.fasterxml.jackson.core:jackson-databind
69
concrete5/concrete5
67
ansible
65
salt
65
shopware/platform
63
apache-superset
61
symfony/symfony
59
actionpack
58
github.com/grafana/grafana
57
org.apache.struts:struts2-core
57
mlflow
55
Plone
54
craftcms/cms
53
shopware/core
52
github.com/hashicorp/vault
51
github.com/rancher/rancher
50
getgrav/grav
50
org.keycloak:keycloak-core
50
mautic/core
48
nova
48
django
48
baserproject/basercms
47
org.keycloak:keycloak-services
45
mantisbt/mantisbt
45
nokogiri
45
vyper
44
gradio
44
org.xwiki.platform:xwiki-platform-oldcore
43
directus
43
org.elasticsearch:elasticsearch
43
matrix-synapse
43
nilsteampassnet/teampass
42
rdiffweb
42
snipe/snipe-it
41
k8s.io/kubernetes
41
plone
41
showdoc/showdoc
41
intelliants/subrion
40
froxlor/froxlor
40
org.apache.tomcat.embed:tomcat-embed-core
40
picklescan
39
net.mingsoft:ms-mcms
38
com.thoughtworks.xstream:xstream
37
github.com/mattermost/mattermost-server/v6
37
com.jfinal:jfinal
36
github.com/argoproj/argo-cd/v2
36
io.undertow:undertow-core
35
parse-server
35
moin
35
rack
35
github.com/answerdev/answer
34
org.jenkins-ci.plugins:script-security
33
flowise
33
github.com/cilium/cilium
32
zendframework/zendframework1
32
keystone
32
vllm
32
gogs.io/gogs
32
shopware/shopware
31
contao/core-bundle
31
opencv-python
31
github.com/hashicorp/consul
31
github.com/hashicorp/nomad
31
github.com/argoproj/argo-cd
30
next
30
opencv-contrib-python
30
open-webui
29
github.com/docker/docker
29
electron
28
DotNetNuke.Core
28
Pillow
28
pillow
28
mediawiki/core
28
prestashop/prestashop
27
org.springframework.security:spring-security-core
27
centreon/centreon
27
org.opencms:opencms-core
27
org.apache.solr:solr-core
27
rubygems-update
25
openssl-src
25
pocketmine/pocketmine-mp
25
org.eclipse.jetty:jetty-server
25
getkirby/cms
25
org.apache.tomcat:tomcat-catalina
24
github.com/traefik/traefik/v2
24
org.keycloak:keycloak-parent
24
pyload-ng
24
surrealdb
24
simplesamlphp/simplesamlphp
23
grumpydictator/firefly-iii
23
remdex/livehelperchat
23
puppet
23
laravel/framework
23
magento/core
23
deno
22
activerecord
22
zendframework/zendframework
22
wasmtime
22
org.apache.openmeetings:openmeetings-parent
22
tribalsystems/zenario
22
phpoffice/phpspreadsheet
22
ckb
22
glance
21
@openzeppelin/contracts
21
github.com/zitadel/zitadel
21
github.com/goharbor/harbor
21
org.bouncycastle:bcprov-jdk14
21
org.apache.nifi:nifi
21
github.com/ethereum/go-ethereum
21
org.xwiki.platform:xwiki-platform-web-templates
20
helm.sh/helm/v3
20
ethyca-fides
20
aim
20
cockpit-hq/cockpit
20
@openzeppelin/contracts-upgradeable
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
funadmin/funadmin
20
code.gitea.io/gitea
20
topthink/framework
19
Microsoft.AspNetCore.App.Runtime.win-x86
19
transformers
19
Microsoft.AspNetCore.App.Runtime.win-x64
19
langchain
19
typo3/cms-backend
19
contao/contao
19
neutron
19
mercurial
18
calibreweb
18
github.com/openfga/openfga
18
golang.org/x/net
18
org.springframework:spring-core
18
cobbler
18
forkcms/forkcms
18
genix/cms
18
com.liferay.portal:com.liferay.portal.impl
18
mindsdb
18
org.apache.jspwiki:jspwiki-main
18
openmage/magento-lts
18
com.vaadin:vaadin-bom
18
ezsystems/ezpublish-kernel
17
cryptography
17
org.apache.inlong:manager-pojo
17
org.apache.geode:geode-core
17
francoisjacquet/rosariosis
17
github.com/containerd/containerd
17
yetiforce/yetiforce-crm
17
Microsoft.AspNetCore.App.Runtime.win-arm64
17
OctoPrint
17
Microsoft.AspNetCore.App.Runtime.win-arm
17
cakephp/cakephp
17
notebook
17
opencart/opencart
17
pgadmin4
16
urllib3
16
Microsoft.NetCore.App.Runtime.win-arm64
16
Microsoft.AspNetCore.App.Runtime.linux-x64
16
vite
16
lollms
16
phpbb/phpbb
16
tinymce
16
ghost
16
org.apache.activemq:activemq-client
16
paddlepaddle
16
PaddlePaddle
16
sequelize
16
rusqlite
16
org.apache.ranger:ranger
16
org.apache.dubbo:dubbo
16
Microsoft.AspNetCore.App.Runtime.linux-arm64
16
github.com/opencontainers/runc
16
Microsoft.NetCore.App.Runtime.win-arm
16
github.com/traefik/traefik/v3
16
Microsoft.AspNetCore.App.Runtime.linux-arm
16
Filter by Repository
https://github.com/tensorflow/tensorflow
433
https://github.com/moodle/moodle
250
https://github.com/xwiki/xwiki-platform
222
https://github.com/chakra-core/ChakraCore
214
https://github.com/jenkinsci/jenkins
178
https://github.com/liferay/liferay-portal
170
https://github.com/django/django
121
https://github.com/apache/tomcat
118
https://github.com/pimcore/pimcore
116
https://github.com/apache/airflow
105
https://github.com/TYPO3/typo3
94
https://github.com/microweber/microweber
90
https://github.com/keycloak/keycloak
90
https://github.com/librenms/librenms
77
https://github.com/rails/rails
70
https://github.com/FasterXML/jackson-databind
70
https://github.com/thorsten/phpmyfaq
69
https://github.com/silverstripe/silverstripe-framework
68
https://github.com/usememos/memos
68
https://github.com/kubernetes/kubernetes
66
https://github.com/symfony/symfony
64
https://github.com/Dolibarr/dolibarr
60
https://github.com/ansible/ansible
59
https://github.com/mattermost/mattermost
59
https://github.com/python-pillow/Pillow
52
https://github.com/spring-projects/spring-framework
51
https://github.com/argoproj/argo-cd
50
https://github.com/grafana/grafana
47
https://github.com/apache/struts
47
https://github.com/mautic/mautic
46
https://github.com/rancher/rancher
46
https://github.com/phpmyadmin/phpmyadmin
45
https://github.com/vyperlang/vyper
44
https://github.com/concretecms/concretecms
44
https://github.com/shopware/platform
43
https://github.com/mantisbt/mantisbt
42
https://github.com/ikus060/rdiffweb
42
https://github.com/saltstack/salt
42
https://github.com/craftcms/cms
41
https://github.com/directus/directus
41
https://github.com/shopware/shopware
40
https://github.com/gradio-app/gradio
39
https://github.com/star7th/showdoc
39
https://github.com/mmaitre314/picklescan
39
https://github.com/magento/magento2
38
https://github.com/openstack/nova
38
https://github.com/dotnet/runtime
38
https://github.com/x-stream/xstream
37
https://github.com/plone/Products.CMFPlone
37
https://github.com/mlflow/mlflow
36
https://github.com/octobercms/october
36
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/sparklemotion/nokogiri
35
https://github.com/apache/activemq
34
https://github.com/parse-community/parse-server
34
https://github.com/answerdev/answer
34
https://github.com/go-gitea/gitea
32
https://github.com/matrix-org/synapse
32
https://github.com/opencv/opencv
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/cilium/cilium
31
https://github.com/apache/inlong
31
https://github.com/snipe/snipe-it
30
https://github.com/contao/contao
30
https://github.com/strapi/strapi
29
https://github.com/rack/rack
29
https://github.com/CVEProject/cvelist
28
https://github.com/electron/electron
28
https://github.com/FlowiseAI/Flowise
28
https://github.com/gogs/gogs
28
https://github.com/openstack/keystone
28
https://github.com/netty/netty
27
https://github.com/github/advisory-database
26
https://github.com/apache/nifi
26
https://github.com/froxlor/froxlor
26
https://github.com/geoserver/geoserver
26
https://github.com/baserproject/basercms
26
https://github.com/zitadel/zitadel
26
https://github.com/vllm-project/vllm
25
https://github.com/surrealdb/surrealdb
25
https://github.com/vercel/next.js
25
https://github.com/langchain-ai/langchain
25
https://github.com/pmmp/PocketMine-MP
25
https://github.com/traefik/traefik
25
https://github.com/denoland/deno
25
https://github.com/bcgit/bc-java
25
https://github.com/pyload/pyload
24
https://github.com/run-llama/llama_index
24
https://github.com/apache/cxf
24
https://github.com/hashicorp/consul
24
https://github.com/getgrav/grav
24
https://github.com/bytecodealliance/wasmtime
23
https://github.com/nilsteampassnet/TeamPass
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/moby/moby
23
https://github.com/dnnsoftware/Dnn.Platform
23
https://github.com/PrestaShop/PrestaShop
23
https://github.com/eclipse/jetty.project
23
https://github.com/firefly-iii/firefly-iii
23
https://github.com/getkirby/kirby
22
https://github.com/PHPOffice/PhpSpreadsheet
22
https://github.com/jenkinsci/script-security-plugin
22
https://github.com/nervosnetwork/ckb
22
https://github.com/helm/helm
22
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/hashicorp/vault
21
https://github.com/undertow-io/undertow
21
https://github.com/laravel/framework
21
https://github.com/goharbor/harbor
21
https://github.com/jeecgboot/jeecg-boot
20
https://github.com/funadmin/funadmin
20
https://github.com/opencast/opencast
20
https://github.com/ethyca/fides
20
https://github.com/OpenNMS/opennms
20
https://github.com/simplesamlphp/simplesamlphp
20
https://github.com/huggingface/transformers
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/intelliants/subrion
19
https://github.com/cloudfoundry/uaa
19
https://github.com/alkacon/opencms-core
19
https://github.com/backstage/backstage
19
https://github.com/TYPO3-CMS/core
19
https://github.com/containerd/containerd
19
https://github.com/apache/camel
18
https://github.com/opencontainers/runc
18
https://github.com/rubygems/rubygems
18
https://github.com/OpenMage/magento-lts
18
https://github.com/vaadin/platform
18
https://github.com/vantage6/vantage6
17
https://github.com/ethereum/go-ethereum
17
https://github.com/mindsdb/mindsdb
17
https://github.com/apache/kylin
17
https://github.com/openfga/openfga
17
https://github.com/liufee/cms
17
https://github.com/vitejs/vite
16
https://github.com/pyca/cryptography
16
https://github.com/dotnet/aspnetcore
16
https://github.com/forkcms/forkcms
16
https://github.com/etcd-io/etcd
16
https://github.com/hashicorp/nomad
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/sequelize/sequelize
16
https://github.com/rusqlite/rusqlite
16
https://github.com/tinymce/tinymce
16
https://github.com/quarkusio/quarkus
16
https://github.com/PHPMailer/PHPMailer
15
https://github.com/MobSF/Mobile-Security-Framework-MobSF
15
https://github.com/aio-libs/aiohttp
15
https://github.com/dompdf/dompdf
15
https://github.com/nodejs/undici
15
https://github.com/ckeditor/ckeditor4
15
https://github.com/containers/podman
15
https://github.com/cobbler/cobbler
15
https://github.com/zendframework/zendframework
15
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/xuxueli/xxl-job
15
https://github.com/decidim/decidim
15
https://github.com/puppetlabs/puppet
15
https://github.com/centreon/centreon
15
https://github.com/thorsten/phpMyFAQ
15
https://github.com/drupal/core
15
https://github.com/spring-projects/spring-security
15
https://github.com/janeczku/calibre-web
14
https://github.com/dpgaspar/Flask-AppBuilder
14
https://github.com/pimcore/admin-ui-classic-bundle
14
https://github.com/TryGhost/Ghost
14
https://github.com/urllib3/urllib3
14
https://github.com/pgadmin-org/pgadmin4
14
https://github.com/rails/rails-html-sanitizer
14
https://github.com/golang/go
14
https://github.com/apache/zeppelin
14
https://github.com/publify/publify
14
https://github.com/cosmos/cosmos-sdk
14
https://github.com/ming-soft/MCMS
14
https://github.com/twisted/twisted
14
https://github.com/ImageMagick/ImageMagick
14
https://github.com/Graylog2/graylog2-server
14
https://github.com/apache/superset
14
https://github.com/cockpit-hq/cockpit
14
https://github.com/modoboa/modoboa
13
https://github.com/h2oai/h2o-3
13
https://github.com/OctoPrint/OctoPrint
13
https://github.com/dromara/hutool
13
https://github.com/apache/dolphinscheduler
13
https://github.com/zenml-io/zenml
13
https://github.com/laurent22/joplin
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/OpenRefine/OpenRefine
13
https://github.com/openbao/openbao
13
https://github.com/1Panel-dev/1Panel
13
https://github.com/n8n-io/n8n
12
https://github.com/DSpace/DSpace
12
https://github.com/NodeBB/NodeBB
12
https://github.com/patriksimek/vm2
12
https://github.com/igniterealtime/Openfire
12
https://github.com/yiisoft/yii2
12
https://github.com/codeigniter4/CodeIgniter4
12
https://github.com/puma/puma
12