Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-skipper
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: 1 day ago
GSA_kwCzR0hTQS1wNTI4LTNtdmYtZ3I4N84AA-Hu
Remote code execution in Spring Cloud Data FlowEcosystems: maven
Packages: org.springframework.cloud:spring-cloud-skipper
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: 1 day ago
Critical
Ecosystems: pypi
Packages: anki
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 4 days ago
GSA_kwCzR0hTQS05Z3E3LXA1dzktdzg5Oc4AA-FD
Ankitects Anki arbitrary script execution vulnerabilityEcosystems: pypi
Packages: anki
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 4 days ago
Critical
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
GSA_kwCzR0hTQS01Z3J4LXY3MjctcW1xNs4AA9_l
1Panel has an SQL injection issue related to the orderBy clauseEcosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 days ago
Critical
Ecosystems: pypi
Packages: fiona
Source: GitHub Advisory Database
Blast Radius: 32.1
Published: 10 days ago
GSA_kwCzR0hTQS1xNWZtLTU1YzItdjZqOc4AA98E
Fiona affected by CVE-2023-45853 related to MiniZip madler-zlibEcosystems: pypi
Packages: fiona
Source: GitHub Advisory Database
Blast Radius: 32.1
Published: 10 days ago
Critical
Ecosystems: packagist
Packages: torrentpier/torrentpier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
GSA_kwCzR0hTQS1mZzg2LTRjMnItN3d4d84AA95b
TorrentPier Deserialization of Untrusted Data vulnerabilityEcosystems: packagist
Packages: torrentpier/torrentpier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 days ago
Critical
Ecosystems: npm
Packages: hfs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: 22 days ago
GSA_kwCzR0hTQS01ZjR4LWh3djItdzl3Ms4AA9l_
rejetto HFS vulnerable to OS Command Execution by remote authenticated usersEcosystems: npm
Packages: hfs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: 22 days ago
Critical
Ecosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
GSA_kwCzR0hTQS1oZjI5LTloZmgtdzYzas4AA9lz
Gogs allows argument injection during the previewing of changesEcosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
Critical
Ecosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
GSA_kwCzR0hTQS1wNjlyLXYzaDQtcmo0Zs4AA9l1
github.com/gogs/gogs affected by CVE-2024-39930Ecosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
Critical
Ecosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
GSA_kwCzR0hTQS0ydmdqLTNwdmcteGg0d84AA9lx
Gogs allows deletion of internal filesEcosystems: go
Packages: github.com/gogs/gogs
Source: GitHub Advisory Database
Blast Radius: 17.4
Published: 22 days ago
Critical
Ecosystems: pypi
Packages: Gradio
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: 25 days ago
GSA_kwCzR0hTQS05djJmLTZ2Y2ctM2hnds4AA9cz
Gradio was discovered to contain a code injection vulnerability via the component /gradio/component_meta.pyEcosystems: pypi
Packages: Gradio
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: 25 days ago
Critical
Ecosystems: go
Packages: github.com/gofiber/fiber/v2/middleware/session, github.com/gofiber/fiber/v2, github.com/gofiber/fiber
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 25 days ago
GSA_kwCzR0hTQS05OGoyLTNqM3AtZncyds4AA9cs
Session Middleware Token Injection VulnerabilityEcosystems: go
Packages: github.com/gofiber/fiber/v2/middleware/session, github.com/gofiber/fiber/v2, github.com/gofiber/fiber
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 25 days ago
Critical
Ecosystems: maven
Packages: org.geoserver:gs-wms, org.geoserver:gs-wfs, org.geoserver.web:gs-web-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 25 days ago
GSA_kwCzR0hTQS02amo2LWdtN3AtZmN2ds4AA9cr
Remote Code Execution (RCE) vulnerability in geoserverEcosystems: maven
Packages: org.geoserver:gs-wms, org.geoserver:gs-wfs, org.geoserver.web:gs-web-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 25 days ago
Critical
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: 25 days ago
GSA_kwCzR0hTQS1jMmhyLWNxZzYtOGo2cs4AA9co
ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass VulnerabilityEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: 25 days ago
Critical
Ecosystems: npm
Packages: ag-grid-community, ag-grid-enterprise
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: 25 days ago
GSA_kwCzR0hTQS04NzZwLWM3N20teDJoY84AA9bu
Prototype pollution in ag-grid-community via the _.mergeDeep functionEcosystems: npm
Packages: ag-grid-community, ag-grid-enterprise
Source: GitHub Advisory Database
Blast Radius: 36.4
Published: 25 days ago
Critical
Ecosystems: pypi
Packages: vanna
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
GSA_kwCzR0hTQS1ycnFxLWZ2Nm0tNjkybc4AA9Zq
vanna vulnerable to remote code execution caused by prompt injectionEcosystems: pypi
Packages: vanna
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
Critical
Ecosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
GSA_kwCzR0hTQS1ncHBnLWdxdzgtd2g5Z84AA9Z3
litellm vulnerable to remote code execution based on using eval unsafelyEcosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 29 days ago
Critical
Ecosystems: pypi
Packages: lightning
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: 29 days ago
GSA_kwCzR0hTQS1tcjdoLXcycWMtZmZjMs4AA9ZU
pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpointEcosystems: pypi
Packages: lightning
Source: GitHub Advisory Database
Blast Radius: 26.9
Published: 29 days ago
Critical
Ecosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: about 1 month ago
GSA_kwCzR0hTQS1ocTRmLW12M3EtOHdjds4AA9We
Craft CMS SQL injection vulnerability via the GraphQL API endpointEcosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: about 1 month ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-macro-include
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1xY2ozLXdwZ20tcXB4aM4AA9UF
XWiki programming rights may be inherited by inclusionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-macro-include
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
Ecosystems: maven
Packages: org.apache.streampipes:streampipes-resource-management
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: about 1 month ago
GSA_kwCzR0hTQS1jZjNxLXZnOHctbXc4NM4AA9Tl
Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token GenerationEcosystems: maven
Packages: org.apache.streampipes:streampipes-resource-management
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: lollms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 month ago
GSA_kwCzR0hTQS1tdnJtLWZoOHEtNndyMs4AA9S_
Remote Code Execution via path traversal bypass in lollmsEcosystems: pypi
Packages: lollms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 month ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1qNTg0LWoydmotM2Y5M84AA9Pv
XWiki Platform allows remote code execution from user accountEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Critical
Ecosystems: go
Packages: github.com/rancher/rke
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: about 1 month ago
GSA_kwCzR0hTQS02Z3I0LTUydzYtdm1xeM4AA9I5
rke's credentials are stored in the RKE1 Cluster state ConfigMapEcosystems: go
Packages: github.com/rancher/rke
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: about 1 month ago
Critical
Ecosystems: maven
Packages: ai.djl:api
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 1 month ago
GSA_kwCzR0hTQS13ODc3LWpmdzctNDZyas4AA9Ik
DeepJavaLibrary API absolute path traversalEcosystems: maven
Packages: ai.djl:api
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 1 month ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 month ago
GSA_kwCzR0hTQS1tOGNqLTN2NjgtM2N4as4AA9CN
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 month ago
Critical
Ecosystems: maven
Packages: org.apache.submarine:submarine-server-core
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 month ago
GSA_kwCzR0hTQS02cTk3LTh2M2ctcnB4d84AA8-X
Apache Submarine Server Core Incorrect Authorization vulnerabilityEcosystems: maven
Packages: org.apache.submarine:submarine-server-core
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: lollms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 month ago
GSA_kwCzR0hTQS12cXdyLXE2Y2MtYzI0Ms4AA89T
parisneo/lollms Local File Inclusion (LFI) attackEcosystems: pypi
Packages: lollms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 1 month ago
Critical
Ecosystems: pypi
Packages: jupyter-server-proxy
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: about 2 months ago
GSA_kwCzR0hTQS1mdmNxLTR4NjQtaHF4cs4AA880
Jupyter Server Proxy has a reflected XSS issue in host parameterEcosystems: pypi
Packages: jupyter-server-proxy
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: document-merge-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS12NWdmLXI3OGgtNTVxNs4AA88z
document-merge-service vulnerable to Remote Code Execution via Server-Side Template InjectionEcosystems: pypi
Packages: document-merge-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: lunary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS0zbXdjLTJjajctZ3g4Y84AA83Q
lunary-ai/lunary Access Control Vulnerability in Prompt Variation ManagementEcosystems: pypi
Packages: lunary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: lunary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS13NXhtLW14NDctdjdjOM4AA81m
lunary-ai/lunary allows users unauthorized access to projectsEcosystems: npm
Packages: lunary
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
GSA_kwCzR0hTQS02ZnF3LWozdm0tN2Y2Ns4AA80W
Zendframework1 Potential SQL injection in ORDER and GROUP functionsEcosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
GSA_kwCzR0hTQS12NDJnLTdxMngtY3czMs4AA80T
Zendframework1 potential SQL injection vector using null byte for PDO (MsSql, SQLite)Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
GSA_kwCzR0hTQS0yeDM2LXFoeDMtN201Zs4AA80R
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_SelectEcosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: willdurand/js-translation-bundle
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 2 months ago
GSA_kwCzR0hTQS14ODZ4LXFoZjgtZjM3d84AA80P
willdurand/js-translation-bundle potential path traversal attack and remote code injectionEcosystems: packagist
Packages: willdurand/js-translation-bundle
Source: GitHub Advisory Database
Blast Radius: 24.1
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zend-json
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 2 months ago
GSA_kwCzR0hTQS04eDJ2LXBjZzctOTRmNM4AA80C
Zend-JSON vulnerable to XXE/XEE attacksEcosystems: packagist
Packages: zendframework/zend-json
Source: GitHub Advisory Database
Blast Radius: 40.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: ebookmeta
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 2 months ago
GSA_kwCzR0hTQS1oeDU0LXBmMjgtN3hjaM4AA8z8
ebookmeta XML External Entity vulnerabilityEcosystems: pypi
Packages: ebookmeta
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
GSA_kwCzR0hTQS1taHB4LTNydjgtd3Jqbc4AA8zv
ZendFramework potential XML eXternal Entity injection vectorsEcosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
GSA_kwCzR0hTQS1xZjM2LWZ4OWYtMjMyeM4AA8zs
ZendFramework potential SQL Injection Vector When Using PDO_MySqlEcosystems: packagist
Packages: zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zend-xmlrpc
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 2 months ago
GSA_kwCzR0hTQS1mNGZqLXE2bTQtY2M1Ms4AA8zq
ZendFramework vulnerable to XXE/XEE attacksEcosystems: packagist
Packages: zendframework/zend-xmlrpc
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: zendframework/zendframework
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 2 months ago
GSA_kwCzR0hTQS1xYzd3LTQ1NjctODR3ds4AA8zh
Zendframework vulnerable to XXE/XEE attacksEcosystems: packagist
Packages: zendframework/zendframework
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 2 months ago
GSA_kwCzR0hTQS12OXE2LWZtNDgtcng3NM4AA8xv
Authentication bypass in dtaleEcosystems: pypi
Packages: dtale
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 2 months ago
GSA_kwCzR0hTQS01cTZjLWZmdmcteGNtOc4AA8xf
Remote code execution in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: lightning
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: about 2 months ago
GSA_kwCzR0hTQS1jZ3djLXF2cngtcmY3Zs4AA8wc
Remote code execution in pytorch lightningEcosystems: pypi
Packages: lightning
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 months ago
GSA_kwCzR0hTQS02N3dnLTZqN3ItbXFoOM4AA8uB
Arbitrary Code Execution in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 26.1
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: about 2 months ago
GSA_kwCzR0hTQS1nd2Z4LXA3bXItZjkyds4AA8t6
Missing Access Check in TYPO3 CMSEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: about 2 months ago
Critical
Ecosystems: go
Packages: github.com/projectdiscovery/interactsh
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 months ago
GSA_kwCzR0hTQS1xNW1nLXBjN3Itcjhjcs4AA8tY
Files or Directories Accessible to External Parties in ProjectDiscoveryEcosystems: go
Packages: github.com/projectdiscovery/interactsh
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: @janhq/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS04NzhoLXJxY3EtbXYzeM4AA8s7
Jan path traversal vulnerabilityEcosystems: npm
Packages: @janhq/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: @janhq/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1xZmpoLW12cTYtYzVwOM4AA8s6
Jan path traversal vulnerabilityEcosystems: npm
Packages: @janhq/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: about 2 months ago
GSA_kwCzR0hTQS05aGM3LTZ3OXItd2o5NM4AA8sy
Unable to generate the correct character setEcosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: about 2 months ago
Critical
Ecosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: about 2 months ago
GSA_kwCzR0hTQS0yaGZ3LXc3MzktcDd4Nc4AA8su
nano-id reduced entropy due to inadequate character set usageEcosystems: cargo
Packages: nano-id
Source: GitHub Advisory Database
Blast Radius: 2.8
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: qdrant-client
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: about 2 months ago
GSA_kwCzR0hTQS03bTc1LXgyN3ctcjUycs4AA8nb
qdrant input validation failureEcosystems: pypi
Packages: qdrant-client
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: about 2 months ago
Critical
Ecosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS00dzU0LXd3YzkteDYyY84AA8m1
Silverpeas authentication bypassEcosystems: maven
Packages: org.silverpeas.core:silverpeas-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: cargo
Packages: qdrant
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS14Y3IyLWg4aHYtNjIyN84AA8mS
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpointEcosystems: cargo
Packages: qdrant
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: about 2 months ago
GSA_kwCzR0hTQS1jYzk3LWc5Mnctam02Nc4AA8jt
TYPO3 CMS Insecure Deserialization & Arbitrary Code ExecutionEcosystems: packagist
Packages: typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 35.1
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: titon/framework
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 months ago
GSA_kwCzR0hTQS1xM2ptLXYyN3EtamZ3d84AA8jq
titon/framework vulnerable to Remote Code Execution via Chosen-Ciphertext AttackEcosystems: packagist
Packages: titon/framework
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: terminal42/contao-tablelookupwizard
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 2 months ago
GSA_kwCzR0hTQS03ZnBqLXdjOHYtOWNnY84AA8jm
terminal42/contao-tablelookupwizard possible SQL injection in widget field valueEcosystems: packagist
Packages: terminal42/contao-tablelookupwizard
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: about 2 months ago
GSA_kwCzR0hTQS1tbWN2LWZ2cTgtcjl4M84AA8jg
Symfony XML decoding attack vector through external entitiesEcosystems: packagist
Packages: symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: symfony/serializer
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 months ago
GSA_kwCzR0hTQS1qNjh3LXBnNDktZjZ2eM4AA8je
Symfony XML decoding attack vector through external entitiesEcosystems: packagist
Packages: symfony/serializer
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: swiftmailer/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS00cXBqLWd4eGctanFnNM4AA8jN
Swiftmailer Sendmail transport arbitrary shell executionEcosystems: packagist
Packages: swiftmailer/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
Ecosystems: pypi
Packages: mocodo
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 months ago
GSA_kwCzR0hTQS1qNmN2LTk4angtbXJ3cs4AA8jD
Mocodo vulnerable to SQL injection in `/web/generate.php`Ecosystems: pypi
Packages: mocodo
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1manIyLXIybXAtNDg0cM4AA8jC
SimpleSAMLphp signature validation bypassEcosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 2 months ago
GSA_kwCzR0hTQS1xOHg3LWpjM2gtcDh4Y84AA8iU
Dolibarr vulnerable to SQL InjectionEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 2 months ago
GSA_kwCzR0hTQS1jM2g5LXEzangtdzdmY84AA8iT
Dolibarr vulnerable to SQL InjectionEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: 2 months ago
GSA_kwCzR0hTQS04djZtLTdmNXYtaGh4Ns4AA8iN
Silverstripe Brute force bypass on default adminEcosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: vufind/vufind
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS13eDI0LXZxcmctbTZtNc4AA8gT
VuFind Server-Side Request Forgery (SSRF) vulnerabilityEcosystems: packagist
Packages: vufind/vufind
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: vufind/vufind
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1md2hjLW1tOXEtbXFxOM4AA8gN
VuFind Server-Side Request Forgery (SSRF) vulnerabilityEcosystems: packagist
Packages: vufind/vufind
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: pypi
Packages: ait-core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 2 months ago
GSA_kwCzR0hTQS1qcWZmLThnMnYtNjQyaM4AA8db
NASA AIT-Core vulnerable to remote code executionEcosystems: pypi
Packages: ait-core
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
GSA_kwCzR0hTQS04M2p2LTRwcm0tMzRnN84AA8da
Shopware Remote Code Execution VulnerabilityEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
GSA_kwCzR0hTQS03MzM2LWdoaHAtZjJxas4AA8dZ
Shopware Remote Code Execution VulnerabilityEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
GSA_kwCzR0hTQS1xM2c0LTJ2dzkteHYyN84AA8dX
Shopware Remote Code Execution VulnerabilityEcosystems: packagist
Packages: shopware/shopware
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 2 months ago
Critical
Ecosystems: pypi
Packages: pymysql
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: 2 months ago
GSA_kwCzR0hTQS12OWhmLTVqODMtNnhwcM4AA8dB
PyMySQL SQL Injection vulnerabilityEcosystems: pypi
Packages: pymysql
Source: GitHub Advisory Database
Blast Radius: 40.6
Published: 2 months ago
Critical
Ecosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 2 months ago
GSA_kwCzR0hTQS05NzY2LTUyNzctajVocs4AA8aY
ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis CacheEcosystems: go
Packages: github.com/argoproj/argo-cd, github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 2 months ago
Critical
Ecosystems: npm
Packages: @blackprint/engine
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 2 months ago
GSA_kwCzR0hTQS1nM3EyLXZjanEtcmdyY84AA8V-
Blackprint @blackprint/engine Prototype Pollution issueEcosystems: npm
Packages: @blackprint/engine
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: propel/propel1
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: 2 months ago
GSA_kwCzR0hTQS03ZzdjLXFoZjMteDU5cM4AA8V0
propel/propel1 SQL injection possible with limit() on MySQLEcosystems: packagist
Packages: propel/propel1
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: propel/propel
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: 2 months ago
GSA_kwCzR0hTQS03dnc3LXF4MzgtMzd2cs4AA8Vz
Propel2 SQL injection possible with limit() on MySQLEcosystems: packagist
Packages: propel/propel
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: neos/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1ycTZxLWhqdmgtNW13aM4AA8Rv
Flow Swift Mailer package Remote code executionEcosystems: packagist
Packages: neos/swiftmailer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: namshi/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS00cnI2LWdmNTktZ2d3Nc4AA8Rn
namshi/jose - Verification bypassEcosystems: packagist
Packages: namshi/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS0zNzgzLTYydmMtanI3eM4AA8K_
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git commandEcosystems: pypi
Packages: consoleme
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS04ajdjLTY4MngtcjlmMs4AA8I2
Magento RCE,XSS and other vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS01Z21oLTg1eDgtNWN4N84AA8I0
Magento remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1jdjI1LTNweHItNHE3eM4AA8Iz
Magento Open Source Security Advisory: Patch SUPEE-10975Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS0yNmhxLTcyODYtbWc4Zs4AA8Iy
Magento Patch SUPEE-9652 - Remote Code Execution using mail vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS02d200LTNyamotYzh4eM4AA8Ix
Magento Security enhancements that help close RCE,XSS,CSRF and other vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1wcnBmLWNqODctaHd2cs4AA8Iw
Magento Patch SUPEE-10752 - Multiple security enhancements vulnerabilitiesEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: laravel/framework
Source: GitHub Advisory Database
Blast Radius: 56.8
Published: 2 months ago
GSA_kwCzR0hTQS1xbTVjLW03NnItMmhmcs4AA8Ip
Laravel RCE vulnerability in "cookie" session driverEcosystems: packagist
Packages: laravel/framework
Source: GitHub Advisory Database
Blast Radius: 56.8
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: illuminate/cookie
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS0yZmZ2LXI0cjktcjh4cs4AA8Ie
Laravel RCE vulnerability in "cookie" session driverEcosystems: packagist
Packages: illuminate/cookie
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: gree/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS05Z3h2LXg3cnAtcjJoY84AA8Ib
gree/jose - "None" Algorithm treated as valid in tokensEcosystems: packagist
Packages: gree/jose
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1oNTMzLTV2MjItOHZjcM4AA8IT
firebase/php-jwt: "None" Algorithm treated as valid on tokensEcosystems: packagist
Packages: firebase/php-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1qZjhjLTM2dnctOTh4NM4AA8HT
Drupal core Remote Code ExecutionEcosystems: packagist
Packages: drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1qang3LTg0NjItdzRtNM4AA8HS
Drupal Core Insufficient Contextual Links validation leads to Remote Code ExecutionEcosystems: packagist
Packages: drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS03djY4LTNwcjUtaDNjcs4AA8HF
Drupal Core Insufficient Contextual Links validation leads to Remote Code ExecutionEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS02bWdwLXY1Y20tZ2hnNc4AA8HE
Drupal core Remote Code ExecutionEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: doctrine/orm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS02cTl2LTRocTYtNW02N84AA8G_
Doctrine SQL injection vulnerabilityEcosystems: packagist
Packages: doctrine/orm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: contao/core
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 2 months ago
GSA_kwCzR0hTQS13eHh3LTVncTYtajJnNc4AA8G5
contao/core Insufficient input validation allows for code injection and remote executionEcosystems: packagist
Packages: contao/core
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: 2 months ago
GSA_kwCzR0hTQS0yN3FyLTYzNm0td3hnMs4AA8GR
codeigniter/framework SQL injection in ODBC database driverEcosystems: packagist
Packages: codeigniter/framework
Source: GitHub Advisory Database
Blast Radius: 27.1
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: adodb/adodb-php
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS1oNjNjLXh2cGYtMjY0as4AA8GG
ADOdb SQL injection vulnerabilityEcosystems: packagist
Packages: adodb/adodb-php
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Critical
Ecosystems: packagist
Packages: mautic/core
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 2 months ago
GSA_kwCzR0hTQS00MnE3LTk1ajctdzYybc4AA8GE
Mautic is vulnerable to XSS vulnerabilityEcosystems: packagist
Packages: mautic/core
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 2 months ago
Critical
Ecosystems: maven
Packages: com.amazon.redshift:redshift-jdbc42
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 2 months ago
GSA_kwCzR0hTQS14M3dtLWhmZnItY2h3bc4AA8GB
Amazon JDBC Driver for Redshift SQL Injection via line comment generationEcosystems: maven
Packages: com.amazon.redshift:redshift-jdbc42
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 2 months ago
Critical
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 2 months ago
GSA_kwCzR0hTQS12cWM0LW1wajgtanhjaM4AA8Er
Grafana Race condition allowing privilege escalationEcosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 2 months ago
Statistics
Advisories: 19,584
Packages: 8,642
Repositories: 1,336
Ecosystems: 12
Packages: 8,642
Repositories: 1,336
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
35
dolibarr/dolibarr
25
com.fasterxml.jackson.core:jackson-databind
24
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
17
moodle/moodle
15
drupal/core
14
com.liferay.portal:release.portal.bom
13
mlflow
13
topthink/framework
13
langchain
12
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
org.apache.struts:struts2-core
11
magento/core
11
vm2
10
apache-airflow
10
drupal/drupal
10
org.xwiki.platform:xwiki-platform-oldcore
10
funadmin/funadmin
9
phpmyadmin/phpmyadmin
9
tensorflow
9
tensorflow-cpu
8
paddlepaddle
8
zendframework/zendframework1
8
froxlor/froxlor
8
tensorflow-gpu
8
org.xwiki.platform:xwiki-platform-web-templates
8
symfony/symfony
8
shopware/platform
8
org.jeecgframework.boot:jeecg-boot-common
8
rdiffweb
8
github.com/argoproj/argo-cd
7
studio-42/elfinder
7
rusqlite
7
ansible
7
parse-server
7
sequelize
7
org.xwiki.platform:xwiki-platform-administration-ui
7
gogs.io/gogs
7
zendframework/zendframework
6
github.com/answerdev/answer
6
thorsten/phpmyfaq
6
org.apache.shiro:shiro-core
6
ezsystems/ezpublish-kernel
6
aaptjs
6
org.apache.inlong:manager-pojo
5
typo3/cms
5
org.jeecgframework.boot:jeecg-boot-parent
5
safe-eval
5
nodebb
5
centreon/centreon
5
org.apache.activemq:activemq-client
5
org.xwiki.commons:xwiki-commons-xml
5
org.xwiki.platform:xwiki-platform-web
5
shopware/core
5
django
5
Microsoft.ChakraCore
5
steal
5
ckb
5
org.jenkins-ci.plugins:script-security
5
github.com/argoproj/argo-cd/v2
5
Pillow
5
mautic/core
5
prestashop/prestashop
5
mercurial
5
spree_auth_devise
4
contao/core-bundle
4
simplesamlphp/simplesamlphp
4
shopware/shopware
4
org.apache.tapestry:tapestry-core
4
org.jeecgframework.boot:jeecg-boot-base-core
4
safer-eval
4
openssl-src
4
feehi/cms
4
librenms/librenms
4
calibreweb
4
swagger-ui
4
contao/contao
4
craftcms/cms
4
github.com/hashicorp/vault
4
code.gitea.io/gitea
4
github.com/grafana/grafana
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
org.apache.kylin:kylin-server-base
4
baserproject/basercms
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
realms-shim
4
org.eclipse.jetty:jetty-server
4
nukeviet/nukeviet
4
nilsteampassnet/teampass
4
org.apache.openmeetings:openmeetings-parent
4
net.opentsdb:opentsdb
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
PaddlePaddle
4
Django
4
github.com/usememos/memos
4
apache-airflow-providers-apache-hive
4
pyload-ng
4
hermes-engine
4
org.apache.tomcat.embed:tomcat-embed-core
4
smallvec
4
messagepack-rs
4
tribalsystems/zenario
4
org.apache.inlong:manager-service
4
org.keycloak:keycloak-core
3
mongoose
3
silverstripe/framework
3
ezsystems/ezplatform-kernel
3
edu.stanford.nlp:stanford-corenlp
3
slpjs
3
dompdf/dompdf
3
browserify-shim
3
phpmailer/phpmailer
3
nvflare
3
handlebars
3
rubygems-update
3
ray
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
log4j:log4j
3
showdoc/showdoc
3
strapi
3
slp-validate
3
org.jeecgframework.boot:jeecg-boot-base
3
github.com/rancher/rancher
3
github.com/dexidp/dex
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
org.apache.ignite:ignite-core
3
facade/ignition
3
codeigniter/framework
3
modoboa
3
codeigniter4/framework
3
org.springframework.security:spring-security-core
3
symfony/security
3
symfony/security-core
3
github.com/gofiber/fiber/v2
3
com.alibaba:dubbo
3
com.jflyfox:jflyfox_jfinal
3
com.hazelcast:hazelcast
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.inlong:manager-web
3
jsrsasign
3
id-map
3
ro.pippo:pippo-core
3
org.apache.storm:storm
3
lmdb
3
@openzeppelin/contracts-upgradeable
3
publify_core
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
pimcore/pimcore
3
smarty/smarty
3
org.richfaces:richfaces-core
3
org.apache.solr:solr-parent
3
org.apache.any23:apache-any23
3
io.undertow:undertow-core
3
org.apache.linkis:linkis
3
adodb/adodb-php
3
elefant/cms
3
codiad/codiad
3
github.com/go-gitea/gitea
3
francoisjacquet/rosariosis
3
org.xwiki.platform:xwiki-platform-panels-ui
3
github.com/hashicorp/nomad
3
impresscms/impresscms
3
nokogiri
3
org.jenkins-ci.plugins:active-directory
3
io.dataease:dataease-plugin-common
3
org.apache.jmeter:ApacheJMeter
3
xcb
3
org.xwiki.platform:xwiki-platform-icon-ui
3
actix-web
3
github.com/pterodactyl/wings
3
org.apache.solr:solr-core
3
cobbler
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
feathers-sequelize
3
ibexa/core
3
github.com/gogs/gogs
3
org.apache.ozone:ozone-main
3
pandasai
2
pagekit/pagekit
2
@soketi/soketi
2
org.xwiki.platform:xwiki-platform-scheduler-ui
2
com.sap.cloud.security.xsuaa:spring-xsuaa
2
org.xwiki.platform:xwiki-platform-notifications-ui
2
facturascripts/facturascripts
2
cockpit-hq/cockpit
2
org.xwiki.contrib:application-ckeditor-ui
2
scalyr-agent-2
2
badaso/core
2
org.apache.inlong:manager-dao
2
pyrocms/pyrocms
2
python-keystoneclient
2
puma
2
org.xwiki.platform:xwiki-platform-administration
2
failure
2
llama-index-core
2
Simple-Wayland-HotKey-Daemon
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
83
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
12
https://github.com/PaddlePaddle/Paddle
11
https://github.com/gogs/gogs
10
https://github.com/patriksimek/vm2
10
https://github.com/ming-soft/MCMS
10
https://github.com/magento/magento2
9
https://github.com/top-think/framework
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/django/django
9
https://github.com/tensorflow/tensorflow
9
https://github.com/funadmin/funadmin
9
https://github.com/ikus060/rdiffweb
8
https://github.com/argoproj/argo-cd
8
https://github.com/langchain-ai/langchain
8
https://github.com/apache/inlong
8
https://github.com/Studio-42/elFinder
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/symfony/symfony
7
https://github.com/parse-community/parse-server
7
https://github.com/apache/struts
7
https://github.com/ansible/ansible
7
https://github.com/go-gitea/gitea
7
https://github.com/python-pillow/Pillow
7
https://github.com/xwiki/xwiki-commons
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/answerdev/answer
6
https://github.com/shopware/platform
6
https://github.com/shenzhim/aaptjs
6
https://github.com/nervosnetwork/ckb
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
5
https://github.com/froxlor/froxlor
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/apache/tomcat
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/stealjs/steal
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/apache/activemq
5
https://github.com/usememos/memos
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/spring-projects/spring-framework
4
https://github.com/pippo-java/pippo
4
https://github.com/liufee/cms
4
https://github.com/dompdf/dompdf
4
https://github.com/CVEProject/cvelist
4
https://github.com/pyload/pyload
4
https://github.com/janeczku/calibre-web
4
https://github.com/cloudfoundry/uaa
4
https://github.com/servo/rust-smallvec
4
https://github.com/otake84/messagepack-rs
4
https://github.com/grafana/grafana
4
https://github.com/hwchase17/langchain
4
https://github.com/contao/contao
4
https://github.com/jflyfox/jfinal_cms
3
https://github.com/ADOdb/ADOdb
3
https://github.com/octobercms/october
3
https://github.com/opencast/opencast
3
https://github.com/apache/camel
3
https://github.com/publify/publify
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/rancher/rancher
3
https://github.com/baserproject/basercms
3
https://github.com/modoboa/modoboa
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/star7th/showdoc
3
https://github.com/dataease/dataease
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/simpleledger/slpjs
3
https://github.com/pterodactyl/wings
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/cobbler/cobbler
3
https://github.com/smarty-php/smarty
3
https://github.com/run-llama/llama_index
3
https://github.com/rubygems/rubygems.org
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/simplesamlphp/simplesamlphp
3
https://github.com/dexidp/dex
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/neorazorx/facturascripts
3
https://github.com/shopware5/shopware
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/gofiber/fiber
3
https://github.com/github/securitylab
3
https://github.com/dwisiswant0/advisory
3
https://github.com/twisted/twisted
3
https://github.com/actix/actix-web
3
https://github.com/facade/ignition
3
https://github.com/centreon/centreon-archived
3
https://github.com/rubygems/rubygems
3
https://github.com/mbechler/marshalsec
3
https://github.com/TribalSystems/Zenario
3
https://github.com/apache/shiro
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/ibexa/core
3
https://github.com/hazelcast/hazelcast
3
https://github.com/pimcore/pimcore
3
https://github.com/facebook/hermes
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/shopware/shopware
3
https://github.com/kjur/jsrsasign
3
https://github.com/crewjam/saml
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/andrewhickman/id-map
3
https://github.com/rust-lang-nursery/failure
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/josdejong/mathjs
2
https://github.com/BerriAI/litellm
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/graphite-project/graphite-web
2
https://github.com/jfinal/jfinal
2
https://github.com/Automattic/mongoose
2
https://github.com/javamelody/javamelody
2
https://github.com/apache/jmeter
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/rochacbruno/quokka
2
https://github.com/intelliants/subrion
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/http4s/http4s
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/unshiftio/url-parse
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/puma/puma
2
https://github.com/web2py/web2py
2
https://github.com/moby/buildkit
2
https://github.com/Kozea/Radicale
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/viz-rs/nano-id
2
https://github.com/beego/beego
2
https://github.com/fluxcd/flux2
2
https://github.com/dominictarr/libnested
2
https://github.com/js-data/js-data
2
https://github.com/rubyzip/rubyzip
2
https://github.com/top-think/thinkphp
2
https://github.com/netvl/acc_reader
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/qcubed/qcubed
2
https://github.com/SAP/cloud-pysec
2
https://github.com/keystonejs/keystone
2
https://github.com/hashicorp/vault
2
https://github.com/firebase/php-jwt
2
https://github.com/getgrav/grav
2
https://github.com/nats-io/jwt
2
https://github.com/ionicabizau/parse-url
2
https://github.com/apache/kylin
2
https://github.com/h2database/h2database
2
https://github.com/hashicorp/go-getter
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/rest-client/rest-client
2
https://github.com/vufind-org/vufind
2
https://github.com/noear/solon
2
https://github.com/totaljs/framework
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/sidorares/node-mysql2
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/parisneo/lollms
2
https://github.com/dominictarr/event-stream
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/drupal/core
2
https://github.com/Netflix/security-bulletins
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/WWBN/AVideo
2
https://github.com/sparklemotion/nokogiri
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/apache/dolphinscheduler
2
https://github.com/jaw187/node-traceroute
2
https://github.com/omrilotan/async-git
2
https://github.com/apache/karaf
2
https://github.com/dfinity/agent-js
2
https://github.com/benbusby/whoogle-search
2
https://github.com/laurent22/joplin
2
https://github.com/Codiad/Codiad
2