Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: pypi
Packages: APKLeaks
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NDM0LXY3eHctOG05eM0loA
Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaksEcosystems: pypi
Packages: APKLeaks
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
GSA_kwCzR0hTQS1mN3ZoLXF3cDMteDM3bc0kWQ
Deserialization of Untrusted Data in Apache Log4jEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
GSA_kwCzR0hTQS03bWhjLXByZ3YtcjNxNM0j-w
Access of Resource Using Incompatible Type in HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 52.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
GSA_kwCzR0hTQS1xNGo3LXYyN3ItZmdjeM0h4w
Prototype Pollution in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
GSA_kwCzR0hTQS1wd203LXFyNmotM3ZqZ80h4Q
Prototype Pollution in realms-shimEcosystems: npm
Packages: realms-shim
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
GSA_kwCzR0hTQS12cDV4LTN2OHItcXByd80hYA
Deserialization of Untrusted Data in DubboEcosystems: maven
Packages: org.apache.dubbo:dubbo
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS0ydzhnLW01ajgtN204N80hSQ
Zalgo-like output that crashes the serverEcosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
GSA_kwCzR0hTQS04dmoyLXZ4eDMtNjY3d80hfA
Arbitrary expression injection in PillowEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: diskusage-ng
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyNjkteDRwdy12ZmZn
OS Command Injection in diskusage-ngEcosystems: npm
Packages: diskusage-ng
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: node-mpv
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxcjIteGhnNi1wMjY4
OS Command Injection in node-mpvEcosystems: npm
Packages: node-mpv
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
GSA_kwCzR0hTQS1oMzc2LWoyNjItdmhxNs0g_w
RCE in H2 ConsoleEcosystems: maven
Packages: com.h2database:h2
Source: GitHub Advisory Database
Blast Radius: 53.2
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
GSA_kwCzR0hTQS04Y3c1LXJ2OTgtNWM0Ns0g-A
Arbitrary PHP code execution in DrupalEcosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
GSA_kwCzR0hTQS05cWo2LTRyZnEtdm04NM0frg
Out-of-bounds Write in actix-webEcosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
GSA_kwCzR0hTQS03eDM2LWg2Mnctdnc2Nc0frA
Out-of-bounds Write in actix-webEcosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
GSA_kwCzR0hTQS1mZ2ZtLWhxanctMzI2Nc0frQ
Out-of-bounds Write in actix-webEcosystems: cargo
Packages: actix-web
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wNDZjLXc5bTMtN3FyMs0fqg
Use of Uninitialized Resource in flumedb.Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03OTlmLXI3OHAtZ3E5Y80fow
Use of Uninitialized Resource in acc_reader.Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wNGNyLTY0eDQtZjkyZs0fpA
Use of Uninitialized Resource in acc_reader.Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS12OTM4LXFjYzktcnd2OM0fpQ
Use of Uninitialized Resource in buffoon.Ecosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qdjJyLWp4NnEtODlqZ80foA
Use of Uninitialized Resource in bronzedb-protocol.Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: binjs_io
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jdzRqLWNmNmMtbW1mds0fnw
Use of Uninitialized Resource in binjs_io.Ecosystems: cargo
Packages: binjs_io
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: csv-sniffer
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS05NzgzLTQycG0teDVqcc0fnA
Use of Uninitialized Resource in csv-sniffer.Ecosystems: cargo
Packages: csv-sniffer
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: columnar
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS05bXA3LTQ1cWgtcjhqOM0fnQ
columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())Ecosystems: cargo
Packages: columnar
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: raw-cpuid
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 2 years ago
GSA_kwCzR0hTQS13NDI4LWY2NXItaDRxMs0fmw
Deserialization of Untrusted Data in rust-cpuidEcosystems: cargo
Packages: raw-cpuid
Source: GitHub Advisory Database
Blast Radius: 33.5
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 2 years ago
GSA_kwCzR0hTQS02NHd2LTh2d3AteGd3Ms0fmg
Use of Uninitialized Resource in ash.Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qcWpqLXI0cXAteDJnaM0flQ
Use of Uninitialized Resource in messagepack-rs.Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qd2ZoLWo2MjMtbTk3aM0flg
Use of Uninitialized Resource in messagepack-rsEcosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ocjUyLWY5dnAtNTgyY80flw
Use of Uninitialized Resource in messagepack-rs.Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: gfx-auxil
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: over 2 years ago
GSA_kwCzR0hTQS1mZjJyLXhwd3EtNndoas0fmA
Use of Uninitialized Resource in gfx-auxilEcosystems: cargo
Packages: gfx-auxil
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS12dzVtLXF3MnItbTkyM80fmQ
Use of Uninitialized Resource in messagepack-rs.Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: mopa
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: over 2 years ago
GSA_kwCzR0hTQS0yZ3hqLXFycDItNTNqds0flA
Incorrect reliance on Trait memory layout in mopaEcosystems: cargo
Packages: mopa
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04Z2ptLWgzeGotbXA2d80fkQ
RPC call failure in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
GSA_kwCzR0hTQS02cDNjLXY4dmMtYzI0NM0fkg
The `total_size` function for partial read the length of any `FixVec` is incorrect in molecule.Ecosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS1mYzd4LTJjbWMtOGoyZ80fkw
Incorrect hash in sha2Ecosystems: cargo
Packages: sha2
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: tremor-script
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 2 years ago
GSA_kwCzR0hTQS1xMng1LTZxN3Etcjg3Ms0fjg
Use After Free in tremor-scriptEcosystems: cargo
Packages: tremor-script
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: tectonic_xdv
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 2 years ago
GSA_kwCzR0hTQS1xd3Z4LWM4ajctNWc3Nc0fjA
Use of Uninitialized Resource in tectonic_xdvEcosystems: cargo
Packages: tectonic_xdv
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: nanorand
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: over 2 years ago
GSA_kwCzR0hTQS1yNTdyLWo5OGctNTg3Zs0fig
Pointer dereference in nanorandEcosystems: cargo
Packages: nanorand
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: zeroize_derive
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 2 years ago
GSA_kwCzR0hTQS1jNWh4LXc5NDUtajRwcc0fiQ
Memory flaw in zeroize_deriveEcosystems: cargo
Packages: zeroize_derive
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: crypto2
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 2 years ago
GSA_kwCzR0hTQS05aGZnLXB4cjYtcTR2cM0fhQ
Use of a Broken or Risky Cryptographic Algorithm in crypto2Ecosystems: cargo
Packages: crypto2
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
GSA_kwCzR0hTQS1jNmg0LWdjM2YtaGdqcc0eZw
Prototype Pollution in js-dataEcosystems: npm
Packages: js-data
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1wY2NyLXE3djktNWYyN80eMw
Apache Solr Improper Input Validation and Path TraversalEcosystems: maven
Packages: org.apache.solr:solr-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: latte/latte
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: over 2 years ago
GSA_kwCzR0hTQS02cGoyLTVmcXEteHZqY80c2g
Incorrect Authorization in latte/latteEcosystems: packagist
Packages: latte/latte
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.powernukkit:powernukkit
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
GSA_kwCzR0hTQS0zcXBtLWg5Y2gtcHgzY80gtg
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j libraryEcosystems: maven
Packages: org.powernukkit:powernukkit
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/keep-network/keep-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ncDZqLXZ4NTQtNXBtZs0guA
Incorrect validation of parties IDs leaks secret keys in Secret-sharing schemeEcosystems: go
Packages: github.com/keep-network/keep-ecdsa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: gerapy
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
GSA_kwCzR0hTQS05dzdmLW00ajQtajN4d80g4g
Gerapy < 0.9.8 may cause remote code executionEcosystems: pypi
Packages: gerapy
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: node-windows
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: over 2 years ago
GSA_kwCzR0hTQS01M3h2LWMyaHgtNXc2cc0d_Q
Command Injection in node-windowsEcosystems: npm
Packages: node-windows
Source: GitHub Advisory Database
Blast Radius: 29.0
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/concourse/dex, github.com/concourse/concourse
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyN3AtcnI3OC05OXJq
GitLab auth uses full name instead of username as user ID, allowing impersonationEcosystems: go
Packages: github.com/concourse/dex, github.com/concourse/concourse
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW05aHAtN3I5OS05NGg1
Critical security issues in XML encoding in github.com/dexidp/dexEcosystems: go
Packages: github.com/russellhaering/goxmldsig, github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 29.6
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4MzItam05NS0yY3B4
Authentication Bypass in dexEcosystems: go
Packages: github.com/dexidp/dex
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: npm-groovy-lint
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xYzIyLXF3bTktajhyeM0dGQ
Remote Code Execution in npm-groovy-lintEcosystems: npm
Packages: npm-groovy-lint
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/openshift/origin
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zZm0taDVqcC1xNzlw
Authorization bypass in OpenshiftEcosystems: go
Packages: github.com/openshift/origin
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/authelia/authelia/v4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4d20tcGZqZi13cXA2
Authelia vulnerable to an authentication bypassed with malformed request URI on nginxEcosystems: go
Packages: github.com/authelia/authelia/v4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
GSA_kwCzR0hTQS1xODY4LWM0dnctcWp4M80czw
ThinkPHP5 SQL Injection vulnerabilityEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: de.averbis.textanalysis:pear-archetype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qN2MzLTk2cmYtanJycM0cpw
Critical vulnerability in log4j may affect generated PEAR projectsEcosystems: maven
Packages: de.averbis.textanalysis:pear-archetype
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03NHI2LWdyajktOHJxNs0ZEw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.craftercms:crafter-search
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yd3IyLThxanEtZ2g1Nc0ZDA
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-searchEcosystems: maven
Packages: org.craftercms:crafter-search
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: md-to-pdf
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
GSA_kwCzR0hTQS14OTQ5LTdjbTYtZm02cM0avQ
Code Injection in md-to-pdf.Ecosystems: npm
Packages: md-to-pdf
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.itextpdf:itextpdf, com.itextpdf:itext7-core
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 2 years ago
GSA_kwCzR0hTQS1ndjg3LXE2NmgtNDI3N80ckg
Command injection in itext7-coreEcosystems: maven
Packages: com.itextpdf:itextpdf, com.itextpdf:itext7-core
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05NGc3LWhwdjgtaDlxbc0bRQ
Remote code injection in Log4jEcosystems: maven
Packages: com.splunk.logging:splunk-library-javalogging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS01OWc0LWhwZzMtM2djcM0bQw
Files Accessible to External Parties in OpencastEcosystems: maven
Packages: org.opencastproject:opencast-ingest-service-impl
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
GSA_kwCzR0hTQS01Y3FtLWNyeG0tNnFwds0bSA
Buffer overrun in CGI.escape_htmlEcosystems: rubygems
Packages: cgi
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.opencastproject:opencast-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tZjRmLWo1ODgtNXhtOM0bPQ
Apache Log4j Remote Code ExecutionEcosystems: maven
Packages: org.opencastproject:opencast-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS03cmpyLTNxNTUtdnYzM80bQA
Incomplete fix for Apache Log4j vulnerabilityEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: github-todos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03OTJqLTl3ajMtajYzNM0Z9w
Command injection in github-todosEcosystems: npm
Packages: github-todos
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
GSA_kwCzR0hTQS0zM2djLTZjdzktdzNnNM0ZXg
Deserialization of Untrusted Data in topthink/frameworkEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
GSA_kwCzR0hTQS03Mjg5LWNod2otN2g4Ns0ZMg
Path traversal in librenms/librenmsEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.ops4j.pax.logging:pax-logging-log4j2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS14eGZoLXg5OHAtajhmcs0atA
Remote code injection in Log4j (through pax-logging-log4j2)Ecosystems: maven
Packages: org.ops4j.pax.logging:pax-logging-log4j2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: node-rules
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3OGYtMzUzbS1jZjRq
Code Injection in node-rulesEcosystems: npm
Packages: node-rules
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYyNnctZ2N4aC12NHI3
Prototype polluation in just-safe-setEcosystems: npm
Packages: just-safe-set
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc3bXEtcmZqMi0yNXdx
Code Injection in total4Ecosystems: npm
Packages: total4
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: total.js
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmbTYtZ3hxZy0ycHdy
Code Injection in total.jsEcosystems: npm
Packages: total.js
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: putil-merge
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4N20tOWhwZy14eG13
Prototype Pollution in putil-mergeEcosystems: npm
Packages: putil-merge
Source: GitHub Advisory Database
Blast Radius: 16.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: field
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtODItcXI0NS1oN213
Prototype Pollution in fieldEcosystems: npm
Packages: field
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 2 years ago
GSA_kwCzR0hTQS1qZmg4LWMyanAtNXYzcc0asw
Remote code injection in Log4jEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core, uk.co.nichesolutions.logging.log4j:log4j-core, org.xbib.elasticsearch:log4j, com.guicedee.services:log4j-core
Source: GitHub Advisory Database
Blast Radius: 49.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: adb-driver
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtNnEtcnhobS02NzV3
OS Command Injection in adb-driverEcosystems: npm
Packages: adb-driver
Source: GitHub Advisory Database
Blast Radius: 26.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: heroku-addonpool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxOXgtdzUzcC1qZzUz
OS Command Injection in heroku-addonpoolEcosystems: npm
Packages: heroku-addonpool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: compass-compile
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOWYteDZybS1xbXhy
Command Injection in compass-compileEcosystems: npm
Packages: compass-compile
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: git-it-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS13anFjLWo1Mzctajlnas0Z-A
Command injection in git-it-electronEcosystems: npm
Packages: git-it-electron
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02cjdjLTZ3OTYtOHB2d80ZPw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
GSA_kwCzR0hTQS1xcnZqLTI3NGgtaGZjZ80ZRw
Deserialization of Untrusted Data in topthink/frameworkEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: matyhtf/framework
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
GSA_kwCzR0hTQS1taDlqLXY2bXEtcGZjaM0ZMQ
Path manipulation in matyhtf/frameworkEcosystems: packagist
Packages: matyhtf/framework
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13ZjVwLWY1eHItYzRqas0YRg
SQL Injection in rosariosisEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: over 2 years ago
GSA_kwCzR0hTQS1wZm13LXZqNzQtcGg4Z80YjQ
HashiCorp Vault Incorrect Permission Assignment for Critical ResourceEcosystems: go
Packages: github.com/hashicorp/vault
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
GSA_kwCzR0hTQS13cDRoLXB2Z3ctNTcyN80Y7Q
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache StrutsEcosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 2 years ago
GSA_kwCzR0hTQS03cnBjLTltODgtY2Y5d80YPQ
OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMSEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
GSA_kwCzR0hTQS1oZjJtLWo5OHItNGZxd80YdA
API token verification can be bypassed in NodeBBEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
GSA_kwCzR0hTQS13eDY5LXJ2ZzMteDdmY80YdQ
XSS via prototype pollution in NodeBBEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.jspwiki:jspwiki-main
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 2 years ago
GSA_kwCzR0hTQS04Z3c2LXc1cnctNGc1Y80YMA
Incorrect Default Permissions in Apache JSPWikiEcosystems: maven
Packages: org.apache.jspwiki:jspwiki-main
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: shopware/platform, shopware/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1yNjRtLXFjaGotaHJqcM0YFg
Webcache Poisoning in shopware/platform and shopware/coreEcosystems: packagist
Packages: shopware/platform, shopware/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
GSA_kwCzR0hTQS12cGY1LTgyYzgtOXYzNs0XwA
Prototype Pollution in algoliasearch-helperEcosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0zdzVoLXg0cmgtaGMyOM0Xmg
Exposure of sensitive information in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0zM3hoLXhjaDktcDZoas0XrQ
Incorrect Authorization in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04NmZoLWo1OG0tN3BmNc0XvA
Improper Privilege Management in Apache OzoneEcosystems: maven
Packages: org.apache.ozone:ozone-main
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
GSA_kwCzR0hTQS04amhwLTJnY3ItcXc5Ns0Xzg
Moodle vulnerable to RCE via unsafe deserializationEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: over 2 years ago
Critical
Ecosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03ZzQ3LXh4ZmYtOXA4Nc0WIA
Remote unauthenticated attackers able to upload files in OnionshareEcosystems: pypi
Packages: onionshare-cli
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
GSA_kwCzR0hTQS12aHJwLThxeDQtdnI2Y80XYA
Incorrect Access Control in IgnitionEcosystems: packagist
Packages: facade/ignition
Source: GitHub Advisory Database
Blast Radius: 52.2
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: json-schema
Source: GitHub Advisory Database
Blast Radius: 60.7
Published: over 2 years ago
GSA_kwCzR0hTQS04OTZyLWYyN3ItNTVtd80XPA
json-schema is vulnerable to Prototype PollutionEcosystems: npm
Packages: json-schema
Source: GitHub Advisory Database
Blast Radius: 60.7
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
GSA_kwCzR0hTQS1ncHFjLTRwcDctNTk1NM0XVQ
Authentication Bypass by CSRF WeaknessEcosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
GSA_kwCzR0hTQS04eGZ3LTVxODItMzY1Ms0XVA
Authentication Bypass by CSRF WeaknessEcosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
Critical
Ecosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
GSA_kwCzR0hTQS02bXFyLXE4NnEtNmd3cs0XUw
Authentication Bypass by CSRF WeaknessEcosystems: rubygems
Packages: spree_auth_devise
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: over 2 years ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
com.liferay.portal:release.dxp.bom
12
mlflow
12
org.apache.dubbo:dubbo
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
drupal/drupal
10
vm2
10
funadmin/funadmin
9
phpmyadmin/phpmyadmin
9
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
froxlor/froxlor
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
rdiffweb
8
tensorflow-cpu
8
tensorflow-gpu
8
org.xwiki.platform:xwiki-platform-web-templates
8
shopware/platform
8
studio-42/elfinder
7
rusqlite
7
sequelize
7
ansible
7
gogs.io/gogs
7
symfony/symfony
7
org.xwiki.platform:xwiki-platform-administration-ui
7
github.com/argoproj/argo-cd
6
parse-server
6
thorsten/phpmyfaq
6
ezsystems/ezpublish-kernel
6
aaptjs
6
github.com/answerdev/answer
6
mercurial
5
centreon/centreon
5
shopware/core
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.shiro:shiro-core
5
org.jenkins-ci.plugins:script-security
5
org.apache.activemq:activemq-client
5
steal
5
Microsoft.ChakraCore
5
mautic/core
5
org.xwiki.commons:xwiki-commons-xml
5
nodebb
5
org.xwiki.platform:xwiki-platform-web
5
prestashop/prestashop
5
safe-eval
5
ckb
5
zendframework/zendframework
5
Pillow
5
django
5
org.apache.inlong:manager-pojo
5
realms-shim
4
calibreweb
4
github.com/grafana/grafana
4
hermes-engine
4
contao/core-bundle
4
org.apache.tomcat.embed:tomcat-embed-core
4
spree_auth_devise
4
pyload-ng
4
feehi/cms
4
librenms/librenms
4
PaddlePaddle
4
org.apache.openmeetings:openmeetings-parent
4
contao/contao
4
smallvec
4
code.gitea.io/gitea
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
Django
4
github.com/hashicorp/vault
4
nilsteampassnet/teampass
4
net.opentsdb:opentsdb
4
apache-airflow-providers-apache-hive
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
org.apache.inlong:manager-service
4
org.eclipse.jetty:jetty-server
4
org.jeecgframework.boot:jeecg-boot-base-core
4
swagger-ui
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
github.com/usememos/memos
4
baserproject/basercms
4
openssl-src
4
safer-eval
4
nukeviet/nukeviet
4
org.apache.tapestry:tapestry-core
4
github.com/argoproj/argo-cd/v2
4
messagepack-rs
4
org.apache.solr:solr-parent
3
pimcore/pimcore
3
lmdb
3
org.richfaces:richfaces-core
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.xwiki.platform:xwiki-platform-panels-ui
3
github.com/hashicorp/nomad
3
publify_core
3
nvflare
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
zendframework/zendframework1
3
showdoc/showdoc
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
@openzeppelin/contracts-upgradeable
3
com.alibaba:dubbo
3
symfony/security-core
3
modoboa
3
log4j:log4j
3
org.apache.storm:storm
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
org.xwiki.platform:xwiki-platform-icon-ui
3
ro.pippo:pippo-core
3
com.hazelcast:hazelcast
3
org.keycloak:keycloak-core
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
smarty/smarty
3
slpjs
3
strapi
3
dompdf/dompdf
3
browserify-shim
3
actix-web
3
mongoose
3
facade/ignition
3
org.apache.linkis:linkis
3
com.jflyfox:jflyfox_jfinal
3
codiad/codiad
3
jsrsasign
3
io.undertow:undertow-core
3
ibexa/core
3
org.apache.jmeter:ApacheJMeter
3
cobbler
3
org.springframework.security:spring-security-core
3
github.com/dexidp/dex
3
github.com/pterodactyl/wings
3
simplesamlphp/simplesamlphp
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
io.dataease:dataease-plugin-common
3
rubygems-update
3
org.apache.any23:apache-any23
3
org.apache.solr:solr-core
3
org.xwiki.platform:xwiki-platform-search-ui
3
xcb
3
phpmailer/phpmailer
3
github.com/rancher/rancher
3
craftcms/cms
3
francoisjacquet/rosariosis
3
ray
3
codeigniter4/framework
3
org.apache.dolphinscheduler:dolphinscheduler
3
nokogiri
3
typo3/cms
3
elefant/cms
3
impresscms/impresscms
3
org.apache.ignite:ignite-core
3
id-map
3
handlebars
3
tribalsystems/zenario
3
codeigniter/framework
3
feathers-sequelize
3
github.com/go-gitea/gitea
3
org.apache.inlong:manager-web
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
async-git
2
python-keystoneclient
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
eslint-config-eslint
2
org.apache.inlong:manager-dao
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
github.com/sap/cloud-security-client-go
2
org.apache.shiro:shiro-web
2
apache-superset
2
mathjs
2
github.com/crewjam/saml
2
alextselegidis/easyappointments
2
github.com/russellhaering/gosaml2
2
total4
2
org.apache.derby:derby
2
laravel/framework
2
org.apache.commons:commons-configuration2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
Radicale
2
com.hazelcast.jet:hazelcast-jet
2
vyper
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/django/django
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/apache/inlong
8
https://github.com/ikus060/rdiffweb
8
https://github.com/argoproj/argo-cd
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/python-pillow/Pillow
7
https://github.com/Studio-42/elFinder
7
https://github.com/apache/struts
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/ansible/ansible
7
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/shenzhim/aaptjs
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/parse-community/parse-server
6
https://github.com/shopware/platform
6
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/froxlor/froxlor
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/stealjs/steal
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/dromara/hutool
5
https://github.com/nervosnetwork/ckb
5
https://github.com/keycloak/keycloak
5
https://github.com/apache/tomcat
5
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/hwchase17/langchain
4
https://github.com/janeczku/calibre-web
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/liufee/cms
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/grafana/grafana
4
https://github.com/servo/rust-smallvec
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/usememos/memos
4
https://github.com/dompdf/dompdf
4
https://github.com/pippo-java/pippo
4
https://github.com/pyload/pyload
4
https://github.com/contao/contao
4
https://github.com/CVEProject/cvelist
4
https://github.com/spring-projects/spring-framework
4
https://github.com/centreon/centreon-archived
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/shopware/shopware
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/star7th/showdoc
3
https://github.com/pterodactyl/wings
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/facade/ignition
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/smarty-php/smarty
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ADOdb/ADOdb
3
https://github.com/ibexa/core
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/apache/camel
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/hazelcast/hazelcast
3
https://github.com/actix/actix-web
3
https://github.com/modoboa/modoboa
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/baserproject/basercms
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/dexidp/dex
3
https://github.com/github/securitylab
3
https://github.com/apache/shiro
3
https://github.com/neorazorx/facturascripts
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/pytorch/serve
2
https://github.com/sjep/array
2
https://github.com/jfinal/jfinal
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/laurent22/joplin
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/soketi/soketi
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/google/flatbuffers
2
https://github.com/benbusby/whoogle-search
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2