Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: windows-cpu
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYzbTQtZmhmMi1jbWY3
Command Execution in windows-cpuEcosystems: npm
Packages: windows-cpu
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: summit
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3Y3AtNmM0OC1mbTdt
Unsafe eval() in summit allows arbitrary code executionEcosystems: npm
Packages: summit
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWczMzYtYzd3di04aHAz
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyMzktOTNmNy1oNnhm
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmNTkteDQ5cC12OG1x
Cross-Site Scripting in swagger-uiEcosystems: npm
Packages: swagger-ui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2OWgtcTNnai1jMzJ4
SQL Injection via GeoJSON in sequelizeEcosystems: npm
Packages: sequelize
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: gm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqaDMtanY3dy05anBy
Command Injection in gmEcosystems: npm
Packages: gm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ungit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqZnItcDZocC1qcXF3
Command Injection in ungitEcosystems: npm
Packages: ungit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2eGMtZzJqeC1xajNw
API Admin Auth Weakness in tomatoEcosystems: npm
Packages: tomato
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03NWgtY2docS1jOGg1
Heap Based Buffer Overflow in libyamlEcosystems: npm
Packages: libyaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: libnotify
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4OTgtd3g5NC04anE4
Potential Command Injection in libnotifyEcosystems: npm
Packages: libnotify
Source: GitHub Advisory Database
Blast Radius: 12.8
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: hubot-scripts
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3Y2gtNzQ5Yy1ydjYz
Potential Command Injection in hubot-scriptsEcosystems: npm
Packages: hubot-scripts
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1ODctN2poMi00cXIz
Server secret was included in static assets and served to clientsEcosystems: npm
Packages: flood
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhycHEtcjM5OS13aGd3
Sandbox Breakout / Arbitrary Code Execution in safe-evalEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 3 years ago
Critical
Ecosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB3cWYtOWg3ai03bXY4
Incorrect threshold signature computation in TUFEcosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: over 3 years ago
Critical
Ecosystems: packagist
Packages: sylius/resource-bundle
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2bTctajRoMy05cmY1
Remote Code Execution in SyliusResourceBundleEcosystems: packagist
Packages: sylius/resource-bundle
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3MzctNWdxci1jZjlq
Server-Side Request Forgery in ftp-srvEcosystems: npm
Packages: ftp-srv
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: over 3 years ago
Critical
Ecosystems: rubygems
Packages: kramdown
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1xbTItY2dwci1wNG02
Unintended read access in kramdown gemEcosystems: rubygems
Packages: kramdown
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3Y2ctanJ3Zi04Z2c3
Prototype Pollution in express-fileuploadEcosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.springframework.integration:spring-integration-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2cXItOXZxYy1wZ2M2
Code execution in Spring IntegrationEcosystems: maven
Packages: org.springframework.integration:spring-integration-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzcmgtbTd2cC0zNWYy
Operation on a Resource after Expiration or Release in Jetty ServerEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZqbXItamZoNy14ZzNo
False-positive validity for NFT1 genesis transactionsEcosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjMnAtNGpoci14aGh4
False-positive validity for NFT1 genesis transactions in SLPJSEcosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: almost 4 years ago
Critical
Ecosystems: packagist
Packages: friendsoftypo3/mediace
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRoNDQtdzZmbS01NDhn
Potential Remote Code Execution in TYPO3 with mediace extensionEcosystems: packagist
Packages: friendsoftypo3/mediace
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4NWctOGhxMi04eDR3
SQL Injection in KylinEcosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3ZnctZ3h4Mi1tbXYy
Command Injection in KylinEcosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: scratch-vm
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZjOWotZmh2di04dnJm
Remote Code Execution in scratch-vmEcosystems: npm
Packages: scratch-vm
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 4 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk3NnItcWZqai1jMjR3
Command injection via Celery broker in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: almost 4 years ago
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlnMnctNWYzdi1tZm1t
Insecure default config of Celery worker in Apache AirflowEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.mapfish.print:print-standalone, org.mapfish.print:print-servlet, org.mapfish.print:print-lib
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZqdjYtZ3E3Ny0zbWp3
XXE attack in Mapfish PrintEcosystems: maven
Packages: org.mapfish.print:print-standalone, org.mapfish.print:print-servlet, org.mapfish.print:print-lib
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.quartz-scheduler:quartz
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxY2YtYzI2ci14NXJm
XML external entity injection in Terracotta Quartz SchedulerEcosystems: maven
Packages: org.quartz-scheduler:quartz
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: generator-jhipster-kotlin
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozcmgtOHZ3cS13aDg0
JHipster Kotlin using insecure source of randomness `RandomStringUtils` before v1.2.0Ecosystems: npm
Packages: generator-jhipster-kotlin
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4eHEtY2htcC02N2c0
RSA PKCS#1 decryption vulnerability with prepending zeros in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzZ2gtNXI5OC1qNGgz
RSA-PSS signature validation vulnerability by prepending zeros in jsrsasignEcosystems: npm
Packages: jsrsasign
Source: GitHub Advisory Database
Blast Radius: 38.3
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5aHctd2Y3eC1qcDlq
Improper Privilege Management in TomcatEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYzajUtcm1tcC0zZmM1
Improper Input Validation in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: umount
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxNDgtdmpxMi1td2Nq
Command Injection in umountEcosystems: npm
Packages: umount
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: ini-parser
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk2cjctbXJxZi1qaGNj
Prototype Pollution in ini-parserEcosystems: npm
Packages: ini-parser
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 4 years ago
Critical
Ecosystems: rubygems
Packages: geocoder
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2NGotNnFwcC1jbXJy
SQL Injection in GeocoderEcosystems: rubygems
Packages: geocoder
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: schema-inspector
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyNGgtNjM0cC1tNzJ4
Validation Bypass in schema-inspectorEcosystems: npm
Packages: schema-inspector
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.xmlrpc:xmlrpc
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2d3AtMzV3My14cGg4
Insecure Deserialization in Apache XML-RPCEcosystems: maven
Packages: org.apache.xmlrpc:xmlrpc
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: dom4j:dom4j, org.dom4j:dom4j
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh3ajMtbTNwNi1oajM4
dom4j allows External Entities by default which might enable XXE attacksEcosystems: maven
Packages: dom4j:dom4j, org.dom4j:dom4j
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3bTUtOHE0Mi1yaHhn
File system access via H2 in Apache IgniteEcosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: almost 4 years ago
Critical
Ecosystems: pypi
Packages: drf-jwt
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwam0tcnAyZy0zcjRj
Django Rest Framework jwt allows obtaining new token from notionally invalidated tokenEcosystems: pypi
Packages: drf-jwt
Source: GitHub Advisory Database
Blast Radius: 22.4
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4djgtNjg1OS1xeG00
Arbitrary shell command execution in logkittyEcosystems: npm
Packages: logkitty
Source: GitHub Advisory Database
Blast Radius: 52.9
Published: almost 4 years ago
Critical
Ecosystems: npm
Packages: aegir
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFmY3YtNXdody03cGN3
Exposure of Sensitive Information to an Unauthorized Actor in AEgirEcosystems: npm
Packages: aegir
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: almost 4 years ago
Critical
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwNjgtZjc0di05d2M2
ActiveSupport potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 60.1
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-netty
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg3OXAtMzJteC1mamo5
Apache Camel Netty enables Java deserialization by defaultEcosystems: maven
Packages: org.apache.camel:camel-netty
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.commons:commons-configuration2
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxeDQtcHA3Ni12cnFo
Remote code execution in Apache Commons ConfigurationEcosystems: maven
Packages: org.apache.commons:commons-configuration2
Source: GitHub Advisory Database
Blast Radius: 33.6
Published: almost 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE5M2gtamM0OS03OGdn
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA0M3gteGZqZi01amhy
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: curlrequest
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04eGotNXY3My0zaGg4
curlrequest allows execution of arbitrary commandsEcosystems: npm
Packages: curlrequest
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: about 4 years ago
Critical
Ecosystems: rubygems
Packages: actionpack-page_caching
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1nNXAtOTVtOS1ybWZw
Arbitrary file write in actionpack-page_caching gemEcosystems: rubygems
Packages: actionpack-page_caching
Source: GitHub Advisory Database
Blast Radius: 30.6
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3OTctNTd2Mi0zdzQ0
False-negative validation results in MINT transactions with invalid batonEcosystems: npm
Packages: slp-validate
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjODMtY3BmOS1xN2M2
False-negative validation results in MINT transactions with invalid batonEcosystems: npm
Packages: slpjs
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: barrelstrength/sprout-forms, barrelstrength/sprout-base-email
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4OHYtaHh4eC0ycmdo
Potential Code Injection in Sprout FormsEcosystems: packagist
Packages: barrelstrength/sprout-forms, barrelstrength/sprout-base-email
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: hot-formula-parser
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJjNzcteHhxNi00bWZm
Command Injection in hot-formula-parserEcosystems: npm
Packages: hot-formula-parser
Source: GitHub Advisory Database
Blast Radius: 27.7
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwMzQtNW02cC1wNThn
jackson-databind mishandles the interaction between serialization gadgets and typingEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: npm-programmatic
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyNmgtMjR2ai1xd3hm
Command Injection in npm-programmaticEcosystems: npm
Packages: npm-programmatic
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.shopizer:sm-core-model
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4cmMtcGd4cS14MmNq
Negative charge in shopping cart in ShopizerEcosystems: maven
Packages: com.shopizer:sm-core-model
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZwbXYtN3ByOS1jZ3Jq
Predictable password in KeycloakEcosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 30.0
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: devcert-sanscache
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRncDMtcDdwaC14Mmpy
OS Command Injection in devcert-sanscacheEcosystems: npm
Packages: devcert-sanscache
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: io.jooby:jooby-netty
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2M3YtOTJ2Ni1tNDhq
Improper Neutralization of CRLF Sequences in HTTP Headers in Jooby ('HTTP Response Splitting)Ecosystems: maven
Packages: io.jooby:jooby-netty
Source: GitHub Advisory Database
Blast Radius: 22.1
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThxeGotZjlyaC05Zmcy
Improper Verification of Cryptographic Signature in Pure-Python ECDSAEcosystems: pypi
Packages: ecdsa
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: Twisted
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5NnctbW1yZi0yaDZ2
Improper Input Validation in TwistedEcosystems: pypi
Packages: Twisted
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: Twisted
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1eGgtdng4My1teGNq
HTTP Request Smuggling in TwistedEcosystems: pypi
Packages: Twisted
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: io.micronaut:micronaut-http-client
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5NHAteHJoZy14M3dt
Micronaut's HTTP client is vulnerable to HTTP Request Header InjectionEcosystems: maven
Packages: io.micronaut:micronaut-http-client
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: org.http4s:http4s-server_2.12
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2cTktZjdmZi1tbXg2
Local file inclusion vulnerability in http4sEcosystems: maven
Packages: org.http4s:http4s-server_2.12
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: psd-tools
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyanItdmM3ai1nNzYy
Potential buffer overflow in psd-toolsEcosystems: pypi
Packages: psd-tools
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: docutils
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnNzUtNjkzOC13eDU4
python-docutils allows insecure usage of temporary filesEcosystems: pypi
Packages: docutils
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: python-keystoneclient
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2ZzMtY2Y5Mi1oMmg3
Insufficient Verification of Data Authenticity in python-keystoneclientEcosystems: pypi
Packages: python-keystoneclient
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 4 years ago
Critical
Ecosystems: pypi
Packages: requests-kerberos
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoMzctMzd4dy01NGhy
Improper Authentication in requests-kerberosEcosystems: pypi
Packages: requests-kerberos
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmMzctZ3h2aC0yM3Y2
Remote code execution in PHPMailerEcosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwYzMtOTZteC13d2M4
Remote code execution in PHPMailerEcosystems: packagist
Packages: phpmailer/phpmailer
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODItcjMyOS0zcTY3
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd3dzctcDV3NC13cmZ2
Deserialization of Untrusted Data in jackson-databindEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: verot/class.upload.php
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJnYzctdzRody1ycjJt
class.upload.php in verot.net omits .pht from the set of dangerous file extensionsEcosystems: packagist
Packages: verot/class.upload.php
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 4 years ago
Critical
Ecosystems: maven
Packages: io.netty:netty, org.jboss.netty:netty, io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNxcWotNHA2My1ycm1t
HTTP Request Smuggling in NettyEcosystems: maven
Packages: io.netty:netty, org.jboss.netty:netty, io.netty:netty-codec-http
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: about 4 years ago
Critical
Ecosystems: rubygems
Packages: bibtex-ruby
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1cjUtN3BmaC02cWc2
BibTeX-Ruby vulnerable to OS command injectionEcosystems: rubygems
Packages: bibtex-ruby
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: aws-lambda
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzNHgtNzJ4aC01aHJn
OS command injection in aws-lambdaEcosystems: npm
Packages: aws-lambda
Source: GitHub Advisory Database
Blast Radius: 38.1
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: git-diff-apply
Source: GitHub Advisory Database
Blast Radius: 24.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0Y20tdjZqcC1nam1y
OS command injection in git-diff-applyEcosystems: npm
Packages: git-diff-apply
Source: GitHub Advisory Database
Blast Radius: 24.0
Published: about 4 years ago
Critical
Ecosystems: npm
Packages: node-df
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwN20tbXJ2Zi01OTlj
Command Injection in node-dfEcosystems: npm
Packages: node-df
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: about 4 years ago
Critical
Ecosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0cmMtcngyNS04bTg2
Improper Input Validation in SymfonyEcosystems: packagist
Packages: symfony/var-exporter, symfony/symfony
Source: GitHub Advisory Database
Blast Radius: 44.6
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcjQtbTJoNS0zM3F4
SQL injection in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdnangtaG0zNC1xZ2Y3
SQL injection in CentreonEcosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.olingo:odata-client-proxy
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqNzYtNDI5bS01Nndj
Deserialization of Untrusted Data in Apache OlingoEcosystems: maven
Packages: org.apache.olingo:odata-client-proxy
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.opencastproject:opencast-kernel
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtbTYtdzRjZi03ZjN4
Authentication Bypass For Endpoints With Anonymous Access in OpencastEcosystems: maven
Packages: org.opencastproject:opencast-kernel
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIyODktcHFmcS02d3g3
Unrestricted upload of file with dangerous type in Apache SolrEcosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwMm0tN2NmcC1oNmdm
Incorrect persistent NameID generation in SimpleSAMLphpEcosystems: packagist
Packages: simplesamlphp/simplesamlphp
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.infinispan:infinispan-core
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4M3YtcncycS05Z3g3
Improper implementation of the session fixation protection in InfinispanEcosystems: maven
Packages: org.infinispan:infinispan-core
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcTYtaHE1ci0yN3I2
Django Potential account hijack via password reset formEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: verot/class.upload.php
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI1Z20tNHA1dy1wcTJw
Remote code execution in verot/class.upload.phpEcosystems: packagist
Packages: verot/class.upload.php
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: over 4 years ago
Critical
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnamMtMzMyYy04Y21j
SQL injection in phpMyAdminEcosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxcmcteDIyOS0zdjhx
Deserialization of Untrusted Data in Log4jEcosystems: maven
Packages: org.zenframework.z8.dependencies.commons:log4j-1.2.17, log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 52.7
Published: over 4 years ago
Critical
Ecosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cGgtcTNqOC1tdjg3
Deserialization of Untrusted Data in Log4jEcosystems: maven
Packages: org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Source: GitHub Advisory Database
Blast Radius: 48.2
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0N2otaGM2eC1oM3Fx
Remote Code Execution Vulnerability in NPM mongo-expressEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: over 4 years ago
Critical
Ecosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0NTctNnE2eC1jZ3A5
Prototype Pollution in handlebarsEcosystems: npm, rubygems
Packages: handlebars, bootstrap-wysihtml5-rails
Source: GitHub Advisory Database
Blast Radius: 87.7
Published: over 4 years ago
Critical
Ecosystems: pypi
Packages: waitress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwcHAtZ3Bjci03cWY2
HTTP Request Smuggling: Content-Length Sent Twice in WaitressEcosystems: pypi
Packages: waitress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2M3gteGM5ai1oaHZx
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4YzItbWozOS1xNTk5
Strapi allows unauthenticated attacker to reset admin password without valid reset tokenEcosystems: npm
Packages: strapi
Source: GitHub Advisory Database
Blast Radius: 35.5
Published: over 4 years ago
Statistics
Advisories: 18,752
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Packages: 8,375
Repositories: 1,301
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
com.liferay.portal:release.dxp.bom
12
mlflow
12
org.apache.dubbo:dubbo
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
drupal/drupal
10
vm2
10
funadmin/funadmin
9
phpmyadmin/phpmyadmin
9
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
froxlor/froxlor
8
paddlepaddle
8
org.jeecgframework.boot:jeecg-boot-common
8
rdiffweb
8
tensorflow-cpu
8
tensorflow-gpu
8
org.xwiki.platform:xwiki-platform-web-templates
8
shopware/platform
8
studio-42/elfinder
7
rusqlite
7
sequelize
7
ansible
7
gogs.io/gogs
7
symfony/symfony
7
org.xwiki.platform:xwiki-platform-administration-ui
7
github.com/argoproj/argo-cd
6
parse-server
6
thorsten/phpmyfaq
6
ezsystems/ezpublish-kernel
6
aaptjs
6
github.com/answerdev/answer
6
mercurial
5
centreon/centreon
5
shopware/core
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.shiro:shiro-core
5
org.jenkins-ci.plugins:script-security
5
org.apache.activemq:activemq-client
5
steal
5
Microsoft.ChakraCore
5
mautic/core
5
org.xwiki.commons:xwiki-commons-xml
5
nodebb
5
org.xwiki.platform:xwiki-platform-web
5
prestashop/prestashop
5
safe-eval
5
ckb
5
zendframework/zendframework
5
Pillow
5
django
5
org.apache.inlong:manager-pojo
5
realms-shim
4
calibreweb
4
github.com/grafana/grafana
4
hermes-engine
4
contao/core-bundle
4
org.apache.tomcat.embed:tomcat-embed-core
4
spree_auth_devise
4
pyload-ng
4
feehi/cms
4
librenms/librenms
4
PaddlePaddle
4
org.apache.openmeetings:openmeetings-parent
4
contao/contao
4
smallvec
4
code.gitea.io/gitea
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
Django
4
github.com/hashicorp/vault
4
nilsteampassnet/teampass
4
net.opentsdb:opentsdb
4
apache-airflow-providers-apache-hive
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
org.apache.inlong:manager-service
4
org.eclipse.jetty:jetty-server
4
org.jeecgframework.boot:jeecg-boot-base-core
4
swagger-ui
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
github.com/usememos/memos
4
baserproject/basercms
4
openssl-src
4
safer-eval
4
nukeviet/nukeviet
4
org.apache.tapestry:tapestry-core
4
github.com/argoproj/argo-cd/v2
4
messagepack-rs
4
org.apache.solr:solr-parent
3
pimcore/pimcore
3
lmdb
3
org.richfaces:richfaces-core
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.xwiki.platform:xwiki-platform-panels-ui
3
github.com/hashicorp/nomad
3
publify_core
3
nvflare
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
zendframework/zendframework1
3
showdoc/showdoc
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
@openzeppelin/contracts-upgradeable
3
com.alibaba:dubbo
3
symfony/security-core
3
modoboa
3
log4j:log4j
3
org.apache.storm:storm
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
org.xwiki.platform:xwiki-platform-icon-ui
3
ro.pippo:pippo-core
3
com.hazelcast:hazelcast
3
org.keycloak:keycloak-core
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
smarty/smarty
3
slpjs
3
strapi
3
dompdf/dompdf
3
browserify-shim
3
actix-web
3
mongoose
3
facade/ignition
3
org.apache.linkis:linkis
3
com.jflyfox:jflyfox_jfinal
3
codiad/codiad
3
jsrsasign
3
io.undertow:undertow-core
3
ibexa/core
3
org.apache.jmeter:ApacheJMeter
3
cobbler
3
org.springframework.security:spring-security-core
3
github.com/dexidp/dex
3
github.com/pterodactyl/wings
3
simplesamlphp/simplesamlphp
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
io.dataease:dataease-plugin-common
3
rubygems-update
3
org.apache.any23:apache-any23
3
org.apache.solr:solr-core
3
org.xwiki.platform:xwiki-platform-search-ui
3
xcb
3
phpmailer/phpmailer
3
github.com/rancher/rancher
3
craftcms/cms
3
francoisjacquet/rosariosis
3
ray
3
codeigniter4/framework
3
org.apache.dolphinscheduler:dolphinscheduler
3
nokogiri
3
typo3/cms
3
elefant/cms
3
impresscms/impresscms
3
org.apache.ignite:ignite-core
3
id-map
3
handlebars
3
tribalsystems/zenario
3
codeigniter/framework
3
feathers-sequelize
3
github.com/go-gitea/gitea
3
org.apache.inlong:manager-web
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
async-git
2
python-keystoneclient
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
eslint-config-eslint
2
org.apache.inlong:manager-dao
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
github.com/sap/cloud-security-client-go
2
org.apache.shiro:shiro-web
2
apache-superset
2
mathjs
2
github.com/crewjam/saml
2
alextselegidis/easyappointments
2
github.com/russellhaering/gosaml2
2
total4
2
org.apache.derby:derby
2
laravel/framework
2
org.apache.commons:commons-configuration2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
Radicale
2
com.hazelcast.jet:hazelcast-jet
2
vyper
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/django/django
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/apache/inlong
8
https://github.com/ikus060/rdiffweb
8
https://github.com/argoproj/argo-cd
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/python-pillow/Pillow
7
https://github.com/Studio-42/elFinder
7
https://github.com/apache/struts
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/ansible/ansible
7
https://github.com/answerdev/answer
6
https://github.com/symfony/symfony
6
https://github.com/shenzhim/aaptjs
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/parse-community/parse-server
6
https://github.com/shopware/platform
6
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/froxlor/froxlor
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/stealjs/steal
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/dromara/hutool
5
https://github.com/nervosnetwork/ckb
5
https://github.com/keycloak/keycloak
5
https://github.com/apache/tomcat
5
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/hwchase17/langchain
4
https://github.com/janeczku/calibre-web
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/liufee/cms
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/grafana/grafana
4
https://github.com/servo/rust-smallvec
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/usememos/memos
4
https://github.com/dompdf/dompdf
4
https://github.com/pippo-java/pippo
4
https://github.com/pyload/pyload
4
https://github.com/contao/contao
4
https://github.com/CVEProject/cvelist
4
https://github.com/spring-projects/spring-framework
4
https://github.com/centreon/centreon-archived
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/shopware/shopware
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/star7th/showdoc
3
https://github.com/pterodactyl/wings
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/facade/ignition
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/smarty-php/smarty
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ADOdb/ADOdb
3
https://github.com/ibexa/core
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/apache/camel
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/hazelcast/hazelcast
3
https://github.com/actix/actix-web
3
https://github.com/modoboa/modoboa
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/baserproject/basercms
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/dexidp/dex
3
https://github.com/github/securitylab
3
https://github.com/apache/shiro
3
https://github.com/neorazorx/facturascripts
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/pytorch/serve
2
https://github.com/sjep/array
2
https://github.com/jfinal/jfinal
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/laurent22/joplin
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/soketi/soketi
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/google/flatbuffers
2
https://github.com/benbusby/whoogle-search
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2