Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZnZzgtNzJmMi1xbTIz
Critical severity vulnerability that affects org.eclipse.jetty:jetty-serverEcosystems: maven
Packages: org.eclipse.jetty:jetty-server
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo3N3EtMnFxZy02OTg5
Apache Struts vulnerable to remote arbitrary command execution due to improper input validationEcosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJycG0tcGo3cC03ajlx
Spring Security OAuth vulnerable to remote code execution (RCE)Ecosystems: maven
Packages: org.springframework.security.oauth:spring-security-oauth2
Source: GitHub Advisory Database
Blast Radius: 38.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcTYtZnJ2My00NzI3
jackson-dataformat-xml vulnerable to XML external entity (XXE)Ecosystems: maven
Packages: com.fasterxml.jackson.dataformat:jackson-dataformat-xml
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmeDYtdnA5Zy1yaDd2
jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypassEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1OTItMzhjbS00Z2dw
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code executionEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.orientechnologies:orientdb-core
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhtNnItNDQ2Ni1tcjc0
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injectionEcosystems: maven
Packages: com.orientechnologies:orientdb-core
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNybXYtMnBnNS14dnFq
Improperly Implemented Security Check for Standard in org.springframework:spring-coreEcosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1aGctM3htMy1nY2pn
Spring Framework allows applications to expose STOMP over WebSocket endpointsEcosystems: maven
Packages: org.springframework:spring-core
Source: GitHub Advisory Database
Blast Radius: 50.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oN2ctOTl3OS14cGpt
Remote code execution occurs in Apache SolrEcosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: net.bull.javamelody:javamelody-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZmdngtcjdoeC0zdmg2
JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.Ecosystems: maven
Packages: net.bull.javamelody:javamelody-core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.neo4j:neo4j-enterprise
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1ZjUtcmo0ci00MmY2
Incorrect access control in Neo4j Enterprise Database Server via LDAP authenticationEcosystems: maven
Packages: org.neo4j:neo4j-enterprise
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRmcTMtbXI1Ni1jZzZy
Spring Data Commons remote code injection vulnerabilityEcosystems: maven
Packages: org.springframework.data:spring-data-commons
Source: GitHub Advisory Database
Blast Radius: 39.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc1OG0tNmczcS1nM2ho
Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '' wildcard characterEcosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4NGMtajhxbS1nNDdy
The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a passwordEcosystems: maven
Packages: org.apache.ranger:ranger
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI0eDItM2NxNS1ocXZw
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all originsEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core
Source: GitHub Advisory Database
Blast Radius: 40.7
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0NDYtNjU2cC1mNTRn
Deserialization of Untrusted Data in Bouncy castleEcosystems: maven
Packages: org.bouncycastle:bcprov-jdk15on
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzOXgtbTU1Yy12NTVo
Eclipse Vert.x does not properly neutralize '' (forward slashes) sequences that can resolve to an external locationEcosystems: maven
Packages: io.vertx:vertx-web
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4ZzYtMndoNy02NDM5
Apache Tika allows Java code execution for serialized objects embedded in MATLAB filesEcosystems: maven
Packages: org.apache.tika:tika-core
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-jackson
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ2amMtcTV2ci01MnE2
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacksEcosystems: maven
Packages: org.apache.camel:camel-jackson
Source: GitHub Advisory Database
Blast Radius: 32.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-xstream
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd2NWYtY2p3OS01dnhn
Camel-xstream component in Apache Camel can allow remote attackers to execute arbitrary commandsEcosystems: maven
Packages: org.apache.camel:camel-xstream
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2Zm0tNDM4OC02cnBj
Apache is vulnerable to XXE in XSD validation processorEcosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 38.5
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-castor
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmNHEtOG1yNy01YzVj
Camel-castor component in Apache Camel is vulnerable to Java object de-serialisationEcosystems: maven
Packages: org.apache.camel:camel-castor
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjanYtd2ZjZy1tbXBy
Code execution via deserialization in org.apache.ignite:ignite-coreEcosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNocDQtcnY3OS02OGoz
Apache serialization mechanism does not have a list of classes allowed for serialization/deserializationEcosystems: maven
Packages: org.apache.ignite:ignite-core
Source: GitHub Advisory Database
Blast Radius: 28.2
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol, org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE2NmMtaDg1My1ncXcy
AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authenticationEcosystems: maven
Packages: org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol, org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThmeDktNWh4OC1jcmht
Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literalEcosystems: maven
Packages: org.apache.struts:struts2-core
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: over 5 years ago
Critical
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4ZjctaDQ0NC05N3c0
The installation wizard in DotNetNuke (DNN) allows privilege escalationEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNnZ2otZnZ2My1jcXd2
FasterXML jackson-databind allows unauthenticated remote code executionEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: nuget
Packages: recurly-api-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwd3AtcnEzeC14NnY3
Critical severity vulnerability that affects recurly-api-clientEcosystems: nuget
Packages: recurly-api-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-snakeyaml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2cHItOWNyNi1xNXY3
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serializationEcosystems: maven
Packages: org.apache.camel:camel-snakeyaml
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: over 5 years ago
Critical
Ecosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4eHgtMnBwNy01aG14
jackson-databind is vulnerable to a deserialization flawEcosystems: maven
Packages: com.fasterxml.jackson.core:jackson-databind
Source: GitHub Advisory Database
Blast Radius: 52.8
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0Y20teDJxNS04MjI1
dojox vulnerable to unescaped string injectionEcosystems: npm
Packages: dojox
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: memjs
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN4OG0tOHhteC1xOHYz
Denial of Service in memjsEcosystems: npm
Packages: memjs
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnNGYtanFtNS00bWdx
Ansible fails to properly sanitize fact variables sent from the Ansible controllerEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: atob
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh3NGgtM2NtMy0ycG0y
Out-of-bounds Read in atobEcosystems: npm
Packages: atob
Source: GitHub Advisory Database
Blast Radius: 55.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: deep-extend
Source: GitHub Advisory Database
Blast Radius: 63.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyMnYtMzk1Mi02MzNx
Prototype Pollution in deep-extendEcosystems: npm
Packages: deep-extend
Source: GitHub Advisory Database
Blast Radius: 63.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3aHItajRtai1qMnc2
Verification Bypass in jsonwebtokenEcosystems: npm
Packages: jsonwebtoken
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OTMtNDVyMy1wNjZw
Prototype Pollution in merge-optionsEcosystems: npm
Packages: merge-options
Source: GitHub Advisory Database
Blast Radius: 47.2
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: smart_proxy_dynflow
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4NWcteGN4ai1jeDJ3
smart_proxy_dynflow gem authentication bypass in Foreman remote execution featureEcosystems: rubygems
Packages: smart_proxy_dynflow
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: merge-object
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwODItMmg5OS0zZnBw
Prototype Pollution in async merge-objectEcosystems: npm
Packages: merge-object
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: merge-recursive
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2eG0tZjI5NS14OTU3
Prototype Pollution in merge-recursiveEcosystems: npm
Packages: merge-recursive
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: html-pages
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZtODctNDZ2di1qcXJy
Path Traversal in html-pagesEcosystems: npm
Packages: html-pages
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: ps
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmaGctOXg0NC03OGgy
ps Enables OS Command InjectionEcosystems: npm
Packages: ps
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: egg-scripts
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5ajMtd3FwaC01eHg5
Command Injection in egg-scriptsEcosystems: npm
Packages: egg-scripts
Source: GitHub Advisory Database
Blast Radius: 32.3
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: cryptiles
Source: GitHub Advisory Database
Blast Radius: 56.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJxOGctNXBjNS13cmhy
Insufficient Entropy in cryptilesEcosystems: npm
Packages: cryptiles
Source: GitHub Advisory Database
Blast Radius: 56.5
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: msrcrypto
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFnM2ctMm1naC0zM2o4
Sensitive Data Exposure in msrcryptoEcosystems: npm
Packages: msrcrypto
Source: GitHub Advisory Database
Blast Radius: 28.1
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: macaddress
Source: GitHub Advisory Database
Blast Radius: 51.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBwNTctbXFtaC00NGg3
Command Injection in macaddressEcosystems: npm
Packages: macaddress
Source: GitHub Advisory Database
Blast Radius: 51.7
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1Nzgtajk5Mi01NTR4
Ansible fails to properly mark lookup-plugin results as unsafeEcosystems: pypi
Packages: ansible
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxY3EtbXJtdy1tY21n
Rubyzip gem contains a Directory Traversal vulnerability in zip file componentEcosystems: rubygems
Packages: rubyzip
Source: GitHub Advisory Database
Blast Radius: 57.1
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyNTItNGhxdy1wMjdm
Nokogiri does not forbid namespace nodes in XPointer rangesEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: flintcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpocTMtNTd4aC02NjQz
Privilege Escalation due to Blind NoSQL Injection in flintcmsEcosystems: npm
Packages: flintcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: git-dummy-commit
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzYzIteDc3Yy03cHZy
Command Injection in git-dummy-commitEcosystems: npm
Packages: git-dummy-commit
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: cryo
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM4ZjUtZ2hjMi1mY212
Code Injection in cryoEcosystems: npm
Packages: cryo
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: git-fastclone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1mNnctNDVjZi1xaG1w
Git-fastclone passes user modifiable strings directly to a shell commandEcosystems: rubygems
Packages: git-fastclone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: pypi
Packages: pycsw
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnNGMtcmd2bS05NjRn
SQL Injection in pycswEcosystems: pypi
Packages: pycsw
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmaGYtNjkzOS1xZzhw
rest-client Gem Vulnerable to Session FixationEcosystems: rubygems
Packages: rest-client
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: active-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJqNTUtcGN3NS14NGgy
active-support impersonates 'activesupport' gemEcosystems: rubygems
Packages: active-support
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2NGMtcDJqNS0zOGo0
Open Redirect in url-parseEcosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 64.1
Published: over 5 years ago
Critical
Ecosystems: rubygems
Packages: restforce
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzNHctOTM3bS12N3gz
restforce vulnerable to Improper Input ValidationEcosystems: rubygems
Packages: restforce
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 5 years ago
Critical
Ecosystems: npm
Packages: whereis
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdqcjQtMmpndy1obXY4
Command Injection in whereisEcosystems: npm
Packages: whereis
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThnN3AtNzRoOC1oZzQ4
Denial of Service in https-proxy-agentEcosystems: npm
Packages: https-proxy-agent
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: pouchdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNncXYteDVjeC14dnFo
Arbitrary Code Injection in pouchdbEcosystems: npm
Packages: pouchdb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: rope
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzOHItcXAyOC0ybTYz
Code injection in ropeEcosystems: pypi
Packages: rope
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2cjgtNDY2cC03NXJo
Pillow Integer overflow in ImagingResampleHorizontalEcosystems: pypi
Packages: Pillow
Source: GitHub Advisory Database
Blast Radius: 48.5
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR3ODgtcmpqMy14N3dw
Chromium Remote Code Execution in electronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: pg
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjOXYtbWo2My1tOWc1
Remote Code Execution in pgEcosystems: npm
Packages: pg
Source: GitHub Advisory Database
Blast Radius: 53.3
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: confire
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04NWMtOW1mOC1tMm02
Unsafe deserialization in confireEcosystems: pypi
Packages: confire
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3NnYtNjc3Zy1wNjU2
Sandbox Breakout in safe-evalEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjdzgtcjl4bS0zMmM2
Command Injection in dns-syncEcosystems: npm
Packages: dns-sync
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0djctNHJody05aHFt
Code Execution through IIFE in node-serializeEcosystems: npm
Packages: node-serialize
Source: GitHub Advisory Database
Blast Radius: 24.9
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1tNjItd3hjOC1jZjdt
Code Execution Through IIFE in serialize-to-jsEcosystems: npm
Packages: serialize-to-js
Source: GitHub Advisory Database
Blast Radius: 46.6
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: tablib
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjcjYtcmY0Ny1qcmdm
Loaded Databook of Tablib prone to python insertion resulting in command executionEcosystems: pypi
Packages: tablib
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: diffoscope
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThwNWMtZjMyOC05ZnZ2
Diffoscope may write to arbitrary locations due to an untrusted archiveEcosystems: pypi
Packages: diffoscope
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: owlmixin
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNjbXEtcXZjcC01bXJt
Unsafe deserialization in owlmixinEcosystems: pypi
Packages: owlmixin
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: MLAlchemy
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwbTgtOThteC1oNGM1
Unsafe deserialization in MLAlchemyEcosystems: pypi
Packages: MLAlchemy
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: django_make_app
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlwdjgtcTVyeC1jOGdx
django_make_app is vulnerable to Code InjectionEcosystems: pypi
Packages: django_make_app
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: django-anymail
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4ZjktN2g0Yy1mNWp2
Django-Anymail prone to a timing attackEcosystems: pypi
Packages: django-anymail
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: koji
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZtd3cteHZoNy1mcTRm
Koji hub call does not perform correct access checksEcosystems: pypi
Packages: koji
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: eve
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqeHEtNzVydy1maGo5
Eve allows execution of arbitrary codeEcosystems: pypi
Packages: eve
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: almost 6 years ago
Critical
Ecosystems: pypi
Packages: paramiko
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTIzMnItNjZjZy03OXB4
Paramiko not properly checking authentication before processing other requestsEcosystems: pypi
Packages: paramiko
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4eGYtcTN3OS00eGd3
Malicious Package in eslint-scopeEcosystems: npm
Packages: eslint-scope, eslint-config-eslint
Source: GitHub Advisory Database
Blast Radius: 56.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: growl
Source: GitHub Advisory Database
Blast Radius: 56.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoMmgtY2hqOS1qZmZx
Growl before 1.10.0 vulnerable to Command InjectionEcosystems: npm
Packages: growl
Source: GitHub Advisory Database
Blast Radius: 56.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2NjItajk2Zy1tdjQ2
Arbitrary Code Injection in reduce-css-calcEcosystems: npm
Packages: reduce-css-calc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNweHAtNjk2My00NnI5
Command Injection in pdfinfojsEcosystems: npm
Packages: pdfinfojs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 6 years ago
Critical
Ecosystems: rubygems
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2cmotOHIzYy05Z3Bq
bson is vulnerable to denial of service due to incorrect regex validationEcosystems: rubygems
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 42.0
Published: about 6 years ago
Critical
Ecosystems: rubygems
Packages: paperclip
Source: GitHub Advisory Database
Blast Radius: 45.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVqY2YtYzVyZy1ybW04
paperclip Server-Side Request Forgery vulnerabilityEcosystems: rubygems
Packages: paperclip
Source: GitHub Advisory Database
Blast Radius: 45.7
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2OHgtcDlocS1qMzI4
Arbitrary Code Execution in mathjsEcosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4NWMtODdxeC1jdjZj
Arbitrary Code Execution in mathjsEcosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: recurly
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgyN3YteDIyNS1ncThn
Recurly gem Server-Side Request Forgery in Resource#find methodEcosystems: rubygems
Packages: recurly
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: redis-store
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ3NjctNTI2cC1nbTcz
redis-store deserializes untrusted dataEcosystems: rubygems
Packages: redis-store
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN3NXYtcDU0Yy1mNzR4
ejs is vulnerable to remote code execution due to weak input validationEcosystems: npm
Packages: ejs
Source: GitHub Advisory Database
Blast Radius: 60.6
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: printer
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjOGoteHIyNC0yNjY1
Potential Command Injection in printerEcosystems: npm
Packages: printer
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: keycloak-js, keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13MzUtMjRnaC1mODJ3
keycloak-connect and keycloak-js improperly handle invalid tokensEcosystems: npm
Packages: keycloak-js, keycloak-connect
Source: GitHub Advisory Database
Blast Radius: 34.5
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4cTMtZ200cC01Zmo0
rails vulnerable to improper authenticationEcosystems: rubygems
Packages: rails
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4dnctNDVycC0zbWoy
Deserialization Code Execution in js-yamlEcosystems: npm
Packages: js-yaml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5Y2gtOG12cC1nN201
md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filenameEcosystems: rubygems
Packages: md2pdf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoajktY2pqaC0yN3Zt
Active Record contains deserialization of arbitrary YAMLEcosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: kelredd-pruview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4ajMtN3dwbS1xaHZw
Shell Metacharacter Injection in kelredd-pruviewEcosystems: rubygems
Packages: kelredd-pruview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 6 years ago
Critical
Ecosystems: rubygems
Packages: cremefraiche
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02ZjctNDZody1ncmNq
Creme Fraiche contains OS Command InjectionEcosystems: rubygems
Packages: cremefraiche
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
16
moodle/moodle
15
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
drupal/core
12
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
drupal/drupal
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
ansible
7
froxlor/froxlor
7
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
symfony/symfony
7
aaptjs
6
thorsten/phpmyfaq
6
parse-server
6
ezsystems/ezpublish-kernel
6
github.com/argoproj/argo-cd
6
github.com/answerdev/answer
6
org.apache.activemq:activemq-client
5
org.jeecgframework.boot:jeecg-boot-parent
5
ckb
5
nodebb
5
org.apache.tomcat.embed:tomcat-embed-core
5
org.jenkins-ci.plugins:script-security
5
steal
5
mercurial
5
centreon/centreon
5
zendframework/zendframework
5
org.xwiki.commons:xwiki-commons-xml
5
org.xwiki.platform:xwiki-platform-web
5
django
5
Microsoft.ChakraCore
5
shopware/core
5
org.apache.inlong:manager-pojo
5
safe-eval
5
Pillow
5
org.apache.shiro:shiro-core
5
org.apache.tapestry:tapestry-core
4
org.eclipse.jetty:jetty-server
4
smallvec
4
hermes-engine
4
pyload-ng
4
spree_auth_devise
4
contao/contao
4
librenms/librenms
4
PaddlePaddle
4
code.gitea.io/gitea
4
safer-eval
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
realms-shim
4
nukeviet/nukeviet
4
org.apache.openmeetings:openmeetings-parent
4
github.com/hashicorp/vault
4
baserproject/basercms
4
Django
4
calibreweb
4
mautic/core
4
swagger-ui
4
org.apache.inlong:manager-service
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
github.com/usememos/memos
4
prestashop/prestashop
4
net.opentsdb:opentsdb
4
github.com/argoproj/argo-cd/v2
4
feehi/cms
4
messagepack-rs
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
apache-airflow-providers-apache-hive
4
openssl-src
4
org.jeecgframework.boot:jeecg-boot-base-core
4
nilsteampassnet/teampass
4
contao/core-bundle
4
github.com/pterodactyl/wings
3
rubygems-update
3
github.com/hashicorp/nomad
3
org.apache.any23:apache-any23
3
org.apache.ignite:ignite-core
3
org.apache.linkis:linkis
3
github.com/dexidp/dex
3
org.springframework.security:spring-security-core
3
nokogiri
3
@openzeppelin/contracts-upgradeable
3
codeigniter4/framework
3
io.dataease:dataease-plugin-common
3
feathers-sequelize
3
cobbler
3
zendframework/zendframework1
3
mongoose
3
nvflare
3
com.hazelcast:hazelcast
3
edu.stanford.nlp:stanford-corenlp
3
github.com/rancher/rancher
3
org.apache.inlong:manager-web
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
modoboa
3
org.apache.jmeter:ApacheJMeter
3
craftcms/cms
3
org.keycloak:keycloak-core
3
org.xwiki.platform:xwiki-platform-icon-ui
3
pimcore/pimcore
3
ro.pippo:pippo-core
3
io.undertow:undertow-core
3
showdoc/showdoc
3
symfony/security
3
symfony/security-core
3
com.jflyfox:jflyfox_jfinal
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
smarty/smarty
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
codiad/codiad
3
log4j:log4j
3
tribalsystems/zenario
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.apache.ozone:ozone-main
3
phpmailer/phpmailer
3
org.apache.dolphinscheduler:dolphinscheduler
3
org.xwiki.platform:xwiki-platform-panels-ui
3
ray
3
francoisjacquet/rosariosis
3
strapi
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
typo3/cms
3
facade/ignition
3
id-map
3
elefant/cms
3
impresscms/impresscms
3
handlebars
3
github.com/go-gitea/gitea
3
browserify-shim
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.storm:storm
3
dompdf/dompdf
3
org.apache.solr:solr-parent
3
org.richfaces:richfaces-core
3
ibexa/core
3
actix-web
3
lmdb
3
org.apache.solr:solr-core
3
jsrsasign
3
slpjs
3
publify_core
3
xcb
3
github.com/crewjam/saml
2
locutus
2
org.apache.shiro:shiro-web
2
tenvoy
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
org.apache.derby:derby
2
org.apache.inlong:manager-dao
2
mathjs
2
github.com/sap/cloud-security-client-go
2
eslint-config-eslint
2
github.com/russellhaering/gosaml2
2
ghost
2
alextselegidis/easyappointments
2
org.springframework.amqp:spring-amqp
2
nadesiko3
2
apache-superset
2
org.apache.commons:commons-configuration2
2
llama-index
2
org.xwiki.platform:xwiki-platform-notifications-ui
2
traceroute
2
graphite-web
2
torchserve
2
com.hazelcast.jet:hazelcast-jet
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
pidusage
2
org.xwiki.platform:xwiki-platform-invitation-ui
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/apache/inlong
8
https://github.com/django/django
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/langchain-ai/langchain
8
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/apache/struts
7
https://github.com/Studio-42/elFinder
7
https://github.com/argoproj/argo-cd
7
https://github.com/rusqlite/rusqlite
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/parse-community/parse-server
6
https://github.com/answerdev/answer
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shenzhim/aaptjs
6
https://github.com/shopware/platform
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/stealjs/steal
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/froxlor/froxlor
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/contao/contao
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/CVEProject/cvelist
4
https://github.com/usememos/memos
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/spring-projects/spring-framework
4
https://github.com/hwchase17/langchain
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/apache/shiro
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/apache/camel
3
https://github.com/octobercms/october
3
https://github.com/ibexa/core
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/crewjam/saml
3
https://github.com/modoboa/modoboa
3
https://github.com/actix/actix-web
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/rubygems/rubygems
3
https://github.com/nukeviet/nukeviet
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/andrewhickman/id-map
3
https://github.com/pytorch/serve
2
https://github.com/sidorares/node-mysql2
2
https://github.com/javamelody/javamelody
2
https://github.com/Netflix/security-bulletins
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/kubernetes/kubernetes
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/nodejs/llhttp
2
https://github.com/sjep/array
2
https://github.com/apache/submarine
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/drupal/core
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/apache/jmeter
2
https://github.com/google/flatbuffers
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/intelliants/subrion
2
https://github.com/benbusby/whoogle-search
2
https://github.com/laurent22/joplin
2
https://github.com/js-data/js-data
2
https://github.com/graphite-project/graphite-web
2
https://github.com/quarkusio/quarkus
2
https://github.com/gventuri/pandas-ai
2
https://github.com/dominictarr/event-stream
2
https://github.com/rochacbruno/quokka
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/ADOdb/ADOdb
2
https://github.com/keystonejs/keystone
2
https://github.com/jfinal/jfinal
2
https://github.com/TribalSystems/Zenario
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/Automattic/mongoose
2
https://github.com/rest-client/rest-client
2
https://github.com/netvl/acc_reader
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/h2database/h2database
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/hashicorp/vault
2
https://github.com/totaljs/framework
2
https://github.com/noear/solon
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/web2py/web2py
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/qcubed/qcubed
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/mautic/mautic
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/hashicorp/go-getter
2
https://github.com/rubyzip/rubyzip
2
https://github.com/apache/kylin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/waycrate/swhkd
2
https://github.com/ionicabizau/parse-url
2
https://github.com/reem/rust-traitobject
2
https://github.com/actix/actix-net
2
https://github.com/Agoric/realms-shim
2
https://github.com/gofiber/fiber
2
https://github.com/apache/incubator-streampark
2
https://github.com/git-lfs/git-lfs
2
https://github.com/puma/puma
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/evmos/evmos
2
https://github.com/rust-random/rand
2
https://github.com/MrSwitch/hello.js
2
https://github.com/OpenMage/magento-lts
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/xwiki/xwiki-rendering
2
https://github.com/grafana/grafana
2
https://github.com/Gerapy/Gerapy
2
https://github.com/Codiad/Codiad
2
https://github.com/moby/buildkit
2
https://github.com/soketi/soketi
2