Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Critical Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS0zNDZoLTc0OWotcjI4d84AA7UE
PHPECC vulnerable to multiple cryptographic side-channel attacks
Ecosystems: packagist
Packages: mdanter/ecc
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: about 5 hours ago
Critical
GSA_kwCzR0hTQS0zZjd3LXA4dnItNHY1Zs4AA7Ss
pyLoad allows upload to arbitrary folder lead to RCE
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 1 day ago
Critical
GSA_kwCzR0hTQS1yN2g3LWNoaDQtNXJ2bc4AA7Sn
Improper Access Control in Gitea
Ecosystems: go
Packages: github.com/go-gitea/gitea
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: 1 day ago
Critical
GSA_kwCzR0hTQS04MjhyLXIyYzgtcmZ3M84AA7Sl
Privilege Escalation in kubevirt
Ecosystems: go
Packages: kubevirt.io/kubevirt
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 1 day ago
Critical
GSA_kwCzR0hTQS1xaDl3LXI3ZzUtcTkzOc4AA7QZ
Zend Framework SQL injection vulnerability
Ecosystems: packagist
Packages: zendframework/zendframework, zendframework/zend-db, zendframework/zendframework1
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: 2 days ago
Critical
GSA_kwCzR0hTQS0yOTd4LWo5cG0teGpnZ84AA7QY
Drupal Core Remote Code Execution Vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 2 days ago
Critical
GSA_kwCzR0hTQS03dmY0LXg1bTItcjZncs4AA7QP
OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`)
Ecosystems: maven
Packages: org.open-metadata:openmetadata-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 days ago
Critical
GSA_kwCzR0hTQS00cmNoLTJmaDgtOTR2d84AA7Pp
MySQL2 for Node Arbitrary Code Injection
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 3 days ago
Critical
GSA_kwCzR0hTQS0yOXJjLXZxN2YteDMzNc4AA7O2
Apache HugeGraph-Server: Command execution in gremlin
Ecosystems: maven
Packages: org.apache.hugegraph:hugegraph-core, org.apache.hugegraph:hugegraph-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 days ago
Critical
GSA_kwCzR0hTQS12NnJ3LWhoZ2ctd2M0eM4AA7I5
Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit
Ecosystems: go
Packages: github.com/evmos/evmos/v11
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Critical
GSA_kwCzR0hTQS1yNmdwLXJmZjItcDNoZs4AA7Ca
llama-index-core Command Injection vulnerability
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
Critical
GSA_kwCzR0hTQS1ocTg4LXdnN3EtZ3A0Z84AA7CC
mlflow vulnerable to Path Traversal
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: 10 days ago
Critical
GSA_kwCzR0hTQS1odmo1LW12dzktOTNqM84AA7CZ
Insecure deserialization in BentoML
Ecosystems: pypi
Packages: bentoml
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: 10 days ago
Critical
GSA_kwCzR0hTQS02aDNmLTQzdnEtNTNoas4AA7CV
Directory traversal in zenml
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 10 days ago
Critical
GSA_kwCzR0hTQS1mcHc3LWoyaGctNjl2Nc4AA66u
mysql2 Remote Code Execution (RCE) via the readCodeFor function
Ecosystems: npm
Packages: mysql2
Source: GitHub Advisory Database
Blast Radius: 50.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS0zZnA1LTJ4d2gtZnhtNs4AA657
Evmos transaction execution not accounting for all state transition after interaction with precompiles
Ecosystems: go
Packages: github.com/tharsis/evmos/v5, github.com/tharsis/evmos/v4, github.com/tharsis/evmos/v3, github.com/tharsis/evmos/v2, github.com/tharsis/evmos, github.com/evmos/evmos/v5, github.com/evmos/evmos/v6, github.com/evmos/evmos/v7, github.com/evmos/evmos/v16
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 15 days ago
Critical
GSA_kwCzR0hTQS13dnB4LWc0MjctcTl3Y84AA64y
llama-index-core Prompt Injection vulnerability leading to Arbitrary Code Execution
Ecosystems: pypi
Packages: llama-index-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS00NmNtLXBmd3YtY2dmOM4AA64p
LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint
Ecosystems: pypi
Packages: litellm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS13eDQzLWc1NWctMmpmNM4AA64K
LocalAI Command Injection in audioToWav
Ecosystems: go
Packages: github.com/go-skynet/LocalAI
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS1teHZ3LWNqMzctOGcyaM4AA64v
Aim Web API vulnerable to Remote Code Execution
Ecosystems: pypi
Packages: aim
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 15 days ago
Critical
GSA_kwCzR0hTQS1jMmdnLTRncTQtanY1as4AA630
XWiki Platform remote code execution from account through UIExtension parameters
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-uiextension-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS1oZjQzLTQ3cTQtZmhxNc4AA63z
XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-velocity
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: 15 days ago
Critical
GSA_kwCzR0hTQS1yNXZoLWdjM3ItcjI0d84AA63v
XWiki Platform CSRF remote code execution through the realtime HTML Converter API
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-realtime-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS1jdjU1LXY2cnctN3I1ds4AA63u
XWiki Platform remote code execution from account via custom skins support
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS0zN200LWhxeHYtdzI2Z84AA63t
XWiki Platform CSRF remote code execution through scheduler job's document reference
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS14bTRoLTNqeHItbTNjNs4AA63r
XWiki Platform: Remote code execution through space title and Solr space facet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-solr-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS14eHAyLTljOWctN3dtas4AA63q
XWiki Platform: Remote code execution from edit in multilingual wikis via translations
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-localization-source-wiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS0yODU4LThjZngtNjltOc4AA63p
XWiki Platform: Remote code execution as guest via DatabaseSearch
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS12eHdyLXdwanYtcWpxN84AA63o
XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS0zNGZqLXI1Z3EtNzM5Nc4AA63n
XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-search-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 15 days ago
Critical
GSA_kwCzR0hTQS02Nmo4LWM4M20tZ2o1Zs4AA6wb
Apache Zeppelin remote code execution by adding malicious JDBC connection string
Ecosystems: maven
Packages: org.apache.zeppelin:zeppelin-jdbc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 16 days ago
Critical
GSA_kwCzR0hTQS1qNDk2LWNyZ2gtMzRteM4AA6qW
ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks
Ecosystems: go
Packages: github.com/cosmos/ibc-go, github.com/cosmos/ibc-go/v2, github.com/cosmos/ibc-go/v3, github.com/cosmos/ibc-go/v8, github.com/cosmos/ibc-go/v7, github.com/cosmos/ibc-go/v6, github.com/cosmos/ibc-go/v5, github.com/cosmos/ibc-go/v4
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 20 days ago
Critical
GSA_kwCzR0hTQS01Z21tLTZtMzYtcjdqaM4AA6qS
transpose: Buffer overflow due to integer overflow
Ecosystems: cargo
Packages: transpose
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 20 days ago
Critical
GSA_kwCzR0hTQS12YzZxLWNjajktOXI4Oc4AA6py
MailDev Remote Code Execution
Ecosystems: npm
Packages: maildev
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 21 days ago
Critical
GSA_kwCzR0hTQS03bXhnLXI3NnAtMzYzZ84AA6kT
Gleez Cms Server Side Request Forgery (SSRF) vulnerability
Ecosystems: packagist
Packages: gleez/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Critical
GSA_kwCzR0hTQS13M3ZjLWZ4OXAtd3A0ds4AA6JP
Jupyter Server Proxy's Websocket Proxying does not require authentication
Ecosystems: pypi
Packages: jupyter-server-proxy
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS02aGg3LTQ2cjItdmYyOc4AA6JD
Server crashes on invalid Cloud Function or Cloud Job name
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1qd3Y1LThtcXYtZzM4N84AA6CM
Cross-site scripting on application summary component
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2, github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS00OTRoLTk5MjQteHd3Oc4AA6B3
Pterodactyl Wings vulnerable to improper isolation of server file access
Ecosystems: go
Packages: github.com/pterodactyl/wings
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS04ODMyLTRtbTUteDJyNs4AA6Aa
discordrb OS Command Injection vulnerability
Ecosystems: rubygems
Packages: discordrb
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS0zcTZnLXFtcHgtcnF3NM4AA6AY
Whoogle Search Server-Side Request Forgery vulnerability
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1xOTdnLWMyOWgteDJwN84AA6Ab
Whoogle Search Path Traversal vulnerability
Ecosystems: pypi
Packages: whoogle-search
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Critical
GSA_kwCzR0hTQS1yajk4LWNyZjQtZzY5d84AA51E
pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
Ecosystems: pypi
Packages: pgAdmin4
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS03NWpwLXZxOHgtaDRjcc4AA501
Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters
Ecosystems: cargo
Packages: wasmi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS0ycnA4LWhmZjktYzV3cs4AA50x
PaddlePaddle Path Traversal vulnerability
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1tcm1tLXFtcmoteGdwNs4AA50i
PaddlePaddle vulnerable to remote code execution
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1xcXYyLTM1cTgtcDJnMs4AA50P
PaddlePaddle command injection in paddle.utils.download._wget_download
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1maDU0LTN2aGctbXBjMs4AA5z7
PaddlePaddle command injection vulnerability
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 31.1
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1mNmcyLWg3cXYtM201ds4AA5zK
Remote Code Execution by uploading a phar file using frontmatter
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1jMmY5LTRqbW0tdjQ1bc4AA5zD
Shopware's session is persistent in Cache for 404 pages
Ecosystems: packagist
Packages: shopware/platform, shopware/storefront
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS04NmZjLWY5Z3ItdjUzM84AA5xc
HTTP Handling Vulnerability in the Bare server
Ecosystems: npm
Packages: @tomphttp/bare-server-node
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1mcWc4LXZmdjctOGZqOM4AA5wD
JSONata expression can pollute the "Object" prototype
Ecosystems: npm
Packages: jsonata
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1mZ3h2LWd3NTUtcjVmcc4AA5wB
Authorization Bypass Through User-Controlled Key in go-zero
Ecosystems: go
Packages: github.com/zeromicro/go-zero
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS00ZzJ4LXZxNXAtNXZqNs4AA5sL
Budibase affected by VM2 Constructor Escape Vulnerability
Ecosystems: npm
Packages: @budibase/server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS02OTI3LTN2cjktZnhmMs4AA5sK
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1qMnB3LXZwNTUtZnFxas4AA5l1
Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 25.2
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS14NXI1LTJxcngtcnFqOM4AA5ik
Transparent TLS may not be applied to Marbles with certain manifest configurations
Ecosystems: go
Packages: github.com/edgelesssys/marblerun
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS04NGMzLWo4cjItbWNtOM4AA5gp
@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys
Ecosystems: npm
Packages: @nfid/embed
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1oeDVxLXY2cGotNTMzcs4AA5go
SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.centraldogma:centraldogma-server-auth-saml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS00bTZqLTIzcDItOGM1NM4AA5gn
Armeria SAML authentication bypass due to missing validation on unsigned SAML messages
Ecosystems: maven
Packages: com.linecorp.armeria:armeria-saml
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: about 2 months ago
Critical
GSA_kwCzR0hTQS1yYzZoLXF3ajktMmM1M84AA5em
Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1mbWc0LXg4cHctaGpoZ84AA5dK
Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 34.9
Published: 2 months ago
Critical
GSA_kwCzR0hTQS05N20zLTUyd3IteHZ2Ms4AA5dJ
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Ecosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 2 months ago
Critical
GSA_kwCzR0hTQS0yNHJwLXEzdzYtdmM1Ns4AA5cA
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Ecosystems: maven
Packages: org.postgresql:postgresql
Source: GitHub Advisory Database
Blast Radius: 52.5
Published: 2 months ago
Critical
GSA_kwCzR0hTQS12Z3Y4LTVjcGotcWoyZs4AA5bL
pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string
Ecosystems: pypi
Packages: pymatgen
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1xMmN2LTdqNTgtcmZtas4AA5bF
Liferay Portal Document and Media widget and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS00NGpnLWpnangtM3hnNc4AA5aM
Liferay Portal's Dynamic Data Mapping module's DDMForm and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1yd2h2LWh2ajItcXJxbc4AA5aN
Liferay Portal Frontend JS module's portlet.js and Liferay DXP vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1yd3hjLTRjbXctN3g3Nc4AA5aL
Liferay Portal and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS03M3gzLThtcmctNXI5M84AA5aE
Liferay Portal Language Override edit screen and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1wMjh4LTRyNWgtcGg2as4AA5aJ
Liferay Portal Message Board widget and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS12MnhxLW0yMnctam1wcs4AA5aH
Liferay Portal and Liferay DXP's Users Admin module vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS00Njh4LWZyY20tZ2h4Ns4AA5aB
Liferay Portal and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS14cGpnLTdoeDctd2djeM4AA5aI
Liferay Portal and Liferay DXP vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS01NHB2LXI2MmotOXFxY84AA5aC
Liferay Portal and Liferay DXP vulnerable to reflected Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1jcjM2LTN2cWYteDV3Nc4AA5aK
Liferay Portal Expando module and Liferay DXP vulnerable to stored Cross-site Scripting
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1jOXZ2LWZoZ3YtY2pjM84AA5aA
agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`
Ecosystems: npm
Packages: @dfinity/auth-client, @dfinity/identity
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 2 months ago
Critical
GSA_kwCzR0hTQS01cndtLTJ4dzgtaGg5cM4AA5X7
Deserialization of Untrusted Data in Torrentpier
Ecosystems: packagist
Packages: torrentpier/torrentpier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS02OHc3LTcyamctNnFwcM4AA5RM
NuGet Client Security Feature Bypass Vulnerability
Ecosystems: nuget
Packages: NuGet.Packaging, NuGet.CommandLine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1nNzRxLTV4dzMtajdxOc4AA5RK
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS1nY2NxLWgzeGotamd2Zs4AA5N1
Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Ecosystems: packagist
Packages: pixelfed/pixelfed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Critical
GSA_kwCzR0hTQS01OXFqLWpjanYtNjYyas4AA5Kb
DIRAC's TokenManager does not check permissions on cached tokens
Ecosystems: pypi
Packages: DIRAC
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1yM2pjLTNxbW0tdzNwd84AA5JJ
SQLAlchemyDA unauthenticated arbitrary SQL query execution
Ecosystems: pypi
Packages: Products.SQLAlchemyDA
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS01MnhxLWo3djktdjR2Ms4AA5JI
Vyper array negative index vulnerability
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 3 months ago
Critical
GSA_kwCzR0hTQS05dmdxLXc1cHYtdjc3cc4AA5JF
Liferay Portal stored cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1nZnFmLTl3OTgtN2pteM4AA5GB
Stimulsoft Dashboard.JS directory traversal vulnerability
Ecosystems: npm
Packages: stimulsoft-dashboards-js
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1xNzNmLXczaDctN3djY84AA5Cr
Nervos CKB Transaction which calls syscall load_cell_data_hash has nondeterministic result
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS04NHgyLTJxdjYtcWc1Ns4AA5Ch
Nervos CKB P2P DoS Attacks
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS0zNHEzLXAzNTItYzdxOM4AA5Bm
Central Dogma Authentication Bypass Vulnerability via Session Leakage
Ecosystems: maven
Packages: com.linecorp.centraldogma:centraldogma-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS05Z2g4LTg3N3ItZzQ3N84AA5Ap
Beetl Server-Side Template Injection vulnerability
Ecosystems: maven
Packages: com.ibeetl:beetl-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS05eDdmLWd3eHEtNmYyY84AA4_y
Vyper's bounds check on built-in `slice()` function can be overflowed
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 3 months ago
Critical
GSA_kwCzR0hTQS00djk4LTdxbXctcnFyOM4AA4-r
BuildKit vulnerable to possible host system access from mount stub cleaner
Ecosystems: go
Packages: github.com/moby/buildkit
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: 3 months ago
Critical
GSA_kwCzR0hTQS13cjZ2LTlmNzUtdmgyZ84AA4-q
Buildkit's interactive containers API does not validate entitlements check
Ecosystems: go
Packages: github.com/moby/buildkit
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1qNnZ2LXZ2MjYtcmg3Y84AA488
HashiCorp Vault Improper Privilege Management
Ecosystems: go
Packages: github.com/hashicorp/vault/vault
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS04eHc2LTloNzgtYzg5as4AA470
Ylianst MeshCentral Missing SSL Certificate Validation
Ecosystems: npm
Packages: meshcentral
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS14dnE5LTR2cHYtMjI3bc4AA47r
Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature
Ecosystems: go
Packages: github.com/0xJacky/Nginx-UI
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS03eG04LXdqcTctODhyNc4AA47X
DeviceFarmer stf uses DES-ECB
Ecosystems: npm
Packages: @devicefarmer/stf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS00OTU3LTd2aHAtN3Y1Oc4AA45N
Deserialization of untrusted data in synthcity
Ecosystems: pypi
Packages: synthcity
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS02ZjlnLWN4d3ItcTVqcs4AA4qu
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE
Ecosystems: maven
Packages: org.jenkins-ci.main:jenkins-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
GSA_kwCzR0hTQS03cThwLTk5NTMtcHh2cs4AA4ov
Remote Command Execution in SOFARPC
Ecosystems: maven
Packages: com.alipay.sofa:rpc-sofa-boot-starter
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 3 months ago
Statistics
Advisories: 18,124
Packages: 8,239
Repositories: 1,280
Ecosystems: 12
Filter by Severity
Moderate 7,811 High 6,280 Critical 2,783 Low 966
Filter by Ecosystem
npm 951 maven 823 packagist 452 pypi 351 go 210 cargo 152 rubygems 110 nuget 49 actions 4 hex 4 swift 2
Filter by Package
magento/community-edition 27 com.fasterxml.jackson.core:jackson-databind 24 dolibarr/dolibarr 23 net.mingsoft:ms-mcms 18 org.jenkins-ci.main:jenkins-core 18 moodle/moodle 15 salt 14 com.liferay.portal:release.portal.bom 13 mlflow 12 langchain 12 com.liferay.portal:release.dxp.bom 12 org.apache.dubbo:dubbo 12 topthink/framework 12 org.apache.struts:struts2-core 11 drupal/core 11 magento/core 11 vm2 10 apache-airflow 10 tensorflow 9 phpmyadmin/phpmyadmin 9 org.xwiki.platform:xwiki-platform-oldcore 9 funadmin/funadmin 9 tensorflow-gpu 8 org.xwiki.platform:xwiki-platform-web-templates 8 tensorflow-cpu 8 paddlepaddle 8 rdiffweb 8 shopware/platform 8 drupal/drupal 8 org.jeecgframework.boot:jeecg-boot-common 8 org.xwiki.platform:xwiki-platform-administration-ui 7 sequelize 7 ansible 7 studio-42/elfinder 7 rusqlite 7 froxlor/froxlor 7 gogs.io/gogs 7 symfony/symfony 7 github.com/argoproj/argo-cd 6 ezsystems/ezpublish-kernel 6 thorsten/phpmyfaq 6 parse-server 6 aaptjs 6 github.com/answerdev/answer 6 org.jenkins-ci.plugins:script-security 5 org.apache.tomcat.embed:tomcat-embed-core 5 org.apache.activemq:activemq-client 5 steal 5 org.apache.shiro:shiro-core 5 org.xwiki.platform:xwiki-platform-web 5 safe-eval 5 Pillow 5 org.apache.inlong:manager-pojo 5 ckb 5 Microsoft.ChakraCore 5 org.xwiki.commons:xwiki-commons-xml 5 org.jeecgframework.boot:jeecg-boot-parent 5 shopware/core 5 centreon/centreon 5 zendframework/zendframework 5 nodebb 5 django 5 hermes-engine 4 Django 4 feehi/cms 4 org.cloudfoundry.identity:cloudfoundry-identity-server 4 calibreweb 4 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 4 librenms/librenms 4 org.jeecgframework.boot:jeecg-boot-base-core 4 net.opentsdb:opentsdb 4 apache-airflow-providers-apache-hive 4 github.com/argoproj/argo-cd/v2 4 spree_auth_devise 4 org.apache.tapestry:tapestry-core 4 openssl-src 4 org.apache.openmeetings:openmeetings-parent 4 github.com/usememos/memos 4 nilsteampassnet/teampass 4 org.apache.kylin:kylin-server-base 4 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 4 org.apache.inlong:manager-service 4 safer-eval 4 smallvec 4 org.eclipse.jetty:jetty-server 4 pyload-ng 4 swagger-ui 4 baserproject/basercms 4 nukeviet/nukeviet 4 realms-shim 4 code.gitea.io/gitea 4 messagepack-rs 4 PaddlePaddle 4 github.com/hashicorp/vault 4 prestashop/prestashop 4 org.jenkins-ci.plugins.workflow:workflow-cps 3 org.apache.ignite:ignite-core 3 elefant/cms 3 org.apache.linkis:linkis 3 rubygems-update 3 org.apache.storm:storm 3 ibexa/core 3 id-map 3 pimcore/pimcore 3 com.jflyfox:jflyfox_jfinal 3 strapi 3 github.com/rancher/rancher 3 craftcms/cms 3 github.com/dexidp/dex 3 org.xwiki.platform:xwiki-platform-search-ui 3 modoboa 3 @openzeppelin/contracts-upgradeable 3 phpmailer/phpmailer 3 github.com/hashicorp/nomad 3 mongoose 3 nvflare 3 lmdb 3 org.zenframework.z8.dependencies.commons:log4j-1.2.17 3 browserify-shim 3 org.keycloak:keycloak-core 3 publify_core 3 com.alibaba:dubbo 3 typo3/cms 3 symfony/security-core 3 log4j:log4j 3 edu.stanford.nlp:stanford-corenlp 3 dompdf/dompdf 3 slpjs 3 symfony/security 3 cobbler 3 org.springframework.security:spring-security-core 3 org.apache.dolphinscheduler:dolphinscheduler 3 zendframework/zendframework1 3 showdoc/showdoc 3 tribalsystems/zenario 3 github.com/go-gitea/gitea 3 org.apache.hadoop:hadoop-common 3 org.apache.any23:apache-any23 3 org.apache.ozone:ozone-main 3 handlebars 3 org.xwiki.platform:xwiki-platform-panels-ui 3 jsrsasign 3 impresscms/impresscms 3 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 3 codeigniter4/framework 3 francoisjacquet/rosariosis 3 org.jenkins-ci.plugins:active-directory 3 facade/ignition 3 smarty/smarty 3 codiad/codiad 3 org.apache.logging.log4j:log4j-core 3 slp-validate 3 org.jeecgframework.boot:jeecg-boot-base 3 org.xwiki.platform:xwiki-platform-icon-ui 3 github.com/pterodactyl/wings 3 com.hazelcast:hazelcast 3 actix-web 3 ro.pippo:pippo-core 3 ezsystems/ezplatform-kernel 3 mautic/core 3 org.apache.solr:solr-core 3 ray 3 org.richfaces:richfaces-core 3 org.apache.solr:solr-parent 3 feathers-sequelize 3 org.apache.jmeter:ApacheJMeter 3 org.apache.inlong:manager-web 3 xcb 3 io.undertow:undertow-core 3 nokogiri 3 io.dataease:dataease-plugin-common 3 ezsystems/ezplatform-admin-ui 2 cn.hutool:hutool-json 2 org.noear:solon 2 github.com/fluxcd/flux2 2 org.apache.derby:derby 2 ses 2 pdfkit 2 qcubed/qcubed 2 stack_dst 2 cn.hutool:hutool-core 2 total.js 2 rest-client 2 dns-sync 2 flatbuffers 2 traitobject 2 com.thoughtworks.xstream:xstream 2 github.com/crewjam/saml 2 com.enonic.xp:lib-auth 2 intelliants/subrion 2 adodb/adodb-php 2 typo3/phar-stream-wrapper 2 github.com/russellhaering/goxmldsig 2 nystudio107/craft-seomatic 2 reportlab 2 org.springframework.amqp:spring-amqp 2 python-keystoneclient 2 org.xwiki.platform:xwiki-platform-scheduler-ui 2 github.com/apache/trafficcontrol 2 pandasai 2
Filter by Repository
https://github.com/xwiki/xwiki-platform 81 https://github.com/FasterXML/jackson-databind 24 https://github.com/jenkinsci/jenkins 17 https://github.com/Dolibarr/dolibarr 15 https://github.com/apache/airflow 14 https://github.com/saltstack/salt 13 https://github.com/PaddlePaddle/Paddle 11 https://github.com/mlflow/mlflow 11 https://github.com/patriksimek/vm2 10 https://github.com/ming-soft/MCMS 10 https://github.com/tensorflow/tensorflow 9 https://github.com/jeecgboot/jeecg-boot 9 https://github.com/funadmin/funadmin 9 https://github.com/django/django 8 https://github.com/langchain-ai/langchain 8 https://github.com/ikus060/rdiffweb 8 https://github.com/magento/magento2 8 https://github.com/top-think/framework 8 https://github.com/apache/inlong 8 https://github.com/apache/struts 7 https://github.com/rusqlite/rusqlite 7 https://github.com/Studio-42/elFinder 7 https://github.com/gogs/gogs 7 https://github.com/go-gitea/gitea 7 https://github.com/ansible/ansible 7 https://github.com/python-pillow/Pillow 7 https://github.com/argoproj/argo-cd 7 https://github.com/sequelize/sequelize 7 https://github.com/shopware/platform 6 https://github.com/xwiki/xwiki-commons 6 https://github.com/thorsten/phpmyfaq 6 https://github.com/parse-community/parse-server 6 https://github.com/symfony/symfony 6 https://github.com/answerdev/answer 6 https://github.com/shenzhim/aaptjs 6 https://github.com/keycloak/keycloak 5 https://github.com/froxlor/froxlor 5 https://github.com/apache/tomcat 5 https://github.com/NodeBB/NodeBB 5 https://github.com/moodle/moodle 5 https://github.com/apache/activemq 5 https://github.com/stealjs/steal 5 https://github.com/nervosnetwork/ckb 5 https://github.com/hacksparrow/safe-eval 5 https://github.com/solidusio/solidus_auth_devise 5 https://github.com/swagger-api/swagger-ui 4 https://github.com/janeczku/calibre-web 4 https://github.com/otake84/messagepack-rs 4 https://github.com/dromara/hutool 4 https://github.com/OpenTSDB/opentsdb 4 https://github.com/ezsystems/ezpublish-kernel 4 https://github.com/dompdf/dompdf 4 https://github.com/PrestaShop/PrestaShop 4 https://github.com/pippo-java/pippo 4 https://github.com/CVEProject/cvelist 4 https://github.com/usememos/memos 4 https://github.com/pyload/pyload 4 https://github.com/hwchase17/langchain 4 https://github.com/cloudfoundry/uaa 4 https://github.com/servo/rust-smallvec 4 https://github.com/spring-projects/spring-framework 4 https://github.com/liufee/cms 4 https://github.com/neorazorx/facturascripts 3 https://github.com/github/securitylab 3 https://github.com/dexidp/dex 3 https://github.com/feathersjs-ecosystem/feathers-sequelize 3 https://github.com/apache/shiro 3 https://github.com/baserproject/basercms 3 https://github.com/pterodactyl/wings 3 https://github.com/simpleledger/slpjs 3 https://github.com/phpmyadmin/phpmyadmin 3 https://github.com/smarty-php/smarty 3 https://github.com/cobbler/cobbler 3 https://github.com/opencast/opencast 3 https://github.com/thlorenz/browserify-shim 3 https://github.com/facade/ignition 3 https://github.com/TeamSeri0us/pocs 3 https://github.com/rubygems/rubygems.org 3 https://github.com/facebook/hermes 3 https://github.com/mbechler/marshalsec 3 https://github.com/hazelcast/hazelcast 3 https://github.com/jflyfox/jfinal_cms 3 https://github.com/pimcore/pimcore 3 https://github.com/star7th/showdoc 3 https://github.com/rancher/rancher 3 https://github.com/ImpressCMS/impresscms 3 https://github.com/publify/publify 3 https://github.com/dwisiswant0/advisory 3 https://github.com/centreon/centreon-archived 3 https://github.com/shopware/shopware 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/kjur/jsrsasign 3 https://github.com/chakra-core/ChakraCore 3 https://github.com/dataease/dataease 3 https://github.com/run-llama/llama_index 3 https://github.com/jbroadway/elefant 3 https://github.com/strapi/strapi 3 https://github.com/apache/camel 3 https://github.com/octobercms/october 3 https://github.com/ibexa/core 3 https://github.com/NVIDIA/NVFlare 3 https://github.com/denoland/deno 3 https://github.com/crewjam/saml 3 https://github.com/actix/actix-web 3 https://github.com/nukeviet/nukeviet 3 https://github.com/ezsystems/ezplatform-kernel 3 https://github.com/PHPMailer/PHPMailer 3 https://github.com/twisted/twisted 3 https://github.com/craftcms/cms 3 https://github.com/andrewhickman/id-map 3 https://github.com/modoboa/modoboa 3 https://github.com/rubygems/rubygems 3 https://github.com/js-data/js-data 2 https://github.com/Microsoft/ChakraCore 2 https://github.com/kubernetes/kubernetes 2 https://github.com/web2py/web2py 2 https://github.com/mautic/mautic 2 https://github.com/jenkinsci/script-security-plugin 2 https://github.com/russellhaering/gosaml2 2 https://github.com/ahdinosaur/set-in 2 https://github.com/ibexa/admin-ui 2 https://github.com/centreon/centreon 2 https://github.com/beego/beego 2 https://github.com/ezsystems/ezplatform-admin-ui 2 https://github.com/MrSwitch/hello.js 2 https://github.com/apache/incubator-streampark 2 https://github.com/evmos/evmos 2 https://github.com/moby/buildkit 2 https://github.com/OpenZeppelin/openzeppelin-contracts 2 https://github.com/ADOdb/ADOdb 2 https://github.com/javamelody/javamelody 2 https://github.com/Netflix/security-bulletins 2 https://github.com/folio-org/mod-data-export-spring 2 https://github.com/simpleledger/slp-validate.js 2 https://github.com/drupal/core 2 https://github.com/top-think/thinkphp 2 https://github.com/getgrav/grav 2 https://github.com/SAP/cloud-pysec 2 https://github.com/nats-io/jwt 2 https://github.com/qcubed/qcubed 2 https://github.com/nystudio107/craft-seomatic 2 https://github.com/apache/kylin 2 https://github.com/waycrate/swhkd 2 https://github.com/TribalSystems/Zenario 2 https://github.com/codeigniter4/CodeIgniter4 2 https://github.com/rest-client/rest-client 2 https://github.com/michaelschwarz/Ajax.NET-Professional 2 https://github.com/totaljs/framework 2 https://github.com/HtmlUnit/htmlunit 2 https://github.com/jenkinsci/semantic-versioning-plugin 2 https://github.com/stanfordnlp/corenlp 2 https://github.com/puma/puma 2 https://github.com/sjep/array 2 https://github.com/nodejs/llhttp 2 https://github.com/pytorch/serve 2 https://github.com/benbusby/whoogle-search 2 https://github.com/gventuri/pandas-ai 2 https://github.com/quarkusio/quarkus 2 https://github.com/SAP/cloud-security-services-integration-library 2 https://github.com/SAP/cloud-security-client-go 2 https://github.com/google/flatbuffers 2 https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable 2 https://github.com/dfinity/agent-js 2 https://github.com/vyperlang/vyper 2 https://github.com/jaw187/node-traceroute 2 https://github.com/WWBN/AVideo 2 https://github.com/skoranga/node-dns-sync 2 https://github.com/commenthol/safer-eval 2 https://github.com/actix/actix-net 2 https://github.com/gofiber/fiber 2 https://github.com/markevans/dragonfly 2 https://github.com/line/armeria 2 https://github.com/nilsteampassnet/TeamPass 2 https://github.com/soketi/soketi 2 https://github.com/dominictarr/libnested 2 https://github.com/unshiftio/url-parse 2 https://github.com/fluxcd/flux2 2 https://github.com/grafana/grafana 2 https://github.com/http4s/http4s 2 https://github.com/sidorares/node-mysql2 2 https://github.com/neo4j-contrib/neo4j-apoc-procedures 2 https://github.com/keystonejs/keystone 2 https://github.com/cockpit-hq/cockpit 2 https://github.com/h2database/h2database 2 https://github.com/ionicabizau/parse-url 2 https://github.com/hashicorp/vault 2 https://github.com/noear/solon 2 https://github.com/handlebars-lang/handlebars.js 2 https://github.com/netvl/acc_reader 2 https://github.com/Automattic/mongoose 2 https://github.com/jfinal/jfinal 2 https://github.com/rubyzip/rubyzip 2 https://github.com/jmrozanec/cron-utils 2 https://github.com/zoujingli/ThinkAdmin 2 https://github.com/apache/submarine 2 https://github.com/OpenAPITools/openapi-generator 2 https://github.com/apache/jmeter 2 https://github.com/apache/flume 2 https://github.com/laurent22/joplin 2