Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: cn.dev33:sa-token-core
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: 6 months ago
GSA_kwCzR0hTQS01NGY2LTlteDktODZmN84AA2pn
SaToken privilege escalation vulnerabilityEcosystems: maven
Packages: cn.dev33:sa-token-core
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: 6 months ago
Critical
Ecosystems: maven
Packages: com.usthe.sureness:sureness-core
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: 6 months ago
GSA_kwCzR0hTQS0zajJmLTU4cnEtZzZwN84AA2o5
Sureness uses hardcoded keyEcosystems: maven
Packages: com.usthe.sureness:sureness-core
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: 6 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 6 months ago
GSA_kwCzR0hTQS04aDV3LWY2cTktd2czNc4AA2mm
Langchain SQL Injection vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 6 months ago
Critical
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 6 months ago
GSA_kwCzR0hTQS1wcWdtLTlnODItd2NtN84AA2mf
modoboa Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS00M2Z3LTUzNmotdzM3as4AA2kO
Yamcs API Directory Traversal vulnerabilityEcosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: go
Packages: github.com/consensys/gnark
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS03cDkyLXg0MjMtdndqNs4AA2gZ
Plonk verifier KZG multi point verificationEcosystems: go
Packages: github.com/consensys/gnark
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Critical
Ecosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1yYzR2LTk5Y3ItcGpjbc4AA2gY
Prototype Pollution in ali-security/mongooseEcosystems: npm
Packages: @seal-security/mongoose-fixed
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: maven
Packages: com.xwiki.identity-oauth:identity-oauth-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1oMnJtLTI5Y2gtd2ZtaM4AA2gS
XWiki Identity Oauth Privilege escalation (PR)/remote code execution from login screen through unescaped URL parameterEcosystems: maven
Packages: com.xwiki.identity-oauth:identity-oauth-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: 6 months ago
GSA_kwCzR0hTQS05NHc5LTk3cDMtcDM2OM4AA2gP
CSRF Token Reuse VulnerabilityEcosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 35.7
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.contrib.changerequest:application-changerequest-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1mNzc2LXc5djItN3Zmas4AA2fh
XWiki Change Request Application UI XSS and remote code execution through change request titleEcosystems: maven
Packages: org.xwiki.contrib.changerequest:application-changerequest-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
Ecosystems: packagist
Packages: cachethq/cachet
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 6 months ago
GSA_kwCzR0hTQS1odjc5LXA2MnItd2czcM4AA2eZ
Cachet vulnerable to Authenticated Remote Code ExecutionEcosystems: packagist
Packages: cachethq/cachet
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 6 months ago
Critical
Ecosystems: npm
Packages: babel-traverse, @babel/traverse
Source: GitHub Advisory Database
Blast Radius: 62.6
Published: 6 months ago
GSA_kwCzR0hTQS02N2h4LTZ4NTMtanc5Ms4AA2eW
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious codeEcosystems: npm
Packages: babel-traverse, @babel/traverse
Source: GitHub Advisory Database
Blast Radius: 62.6
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 6 months ago
GSA_kwCzR0hTQS1ycDZ4LWdndzYtOGc1Ns4AA2do
Authorization Bypass in Apache InLongEcosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 6 months ago
Critical
Ecosystems: pypi
Packages: pyminizip
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 6 months ago
GSA_kwCzR0hTQS1tcTI5LWo1eGYtY2p3cs4AA2cZ
pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependencyEcosystems: pypi
Packages: pyminizip
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 6 months ago
Critical
Ecosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS13MzVwLXd4d2otcmNtOc4AA2bq
Server-Side Request Forgery (SSRF) in vriteio/vriteEcosystems: npm
Packages: @vrite/sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Critical
Ecosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
GSA_kwCzR0hTQS03Mjg2LXBnZnYtdnh2aM4AA2YZ
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeperEcosystems: maven
Packages: org.apache.zookeeper:zookeeper
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 7 months ago
GSA_kwCzR0hTQS1nampyLTYzeDQtdjhjcc4AA2Tu
langchain_experimental vulnerable to arbitrary code execution via PALChain in the python exec methodEcosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 7 months ago
Critical
Ecosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
GSA_kwCzR0hTQS04cjZqLXY4cG0tZnF3M84AA2SB
Code injection in fseventsEcosystems: npm
Packages: fsevents
Source: GitHub Advisory Database
Blast Radius: 65.9
Published: 7 months ago
Critical
Ecosystems: go
Packages: github.com/neuvector/neuvector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS02MjJoLWgycDgtNzQzeM4AA2R2
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)Ecosystems: go
Packages: github.com/neuvector/neuvector
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: rubygems
Packages: bolt
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: 7 months ago
GSA_kwCzR0hTQS0yODltLTI5NjQtZjhxNc4AA2Rv
Puppet Bolt privilege escalation vulnerabilityEcosystems: rubygems
Packages: bolt
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: 7 months ago
Critical
Ecosystems: rubygems
Packages: geokit-rails
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 7 months ago
GSA_kwCzR0hTQS03eHZjLXY0NGotNDZmaM4AA2RG
geokit-rails Command Injection vulnerabilityEcosystems: rubygems
Packages: geokit-rails
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 7 months ago
GSA_kwCzR0hTQS04ZnhyLXFmcjktcDM0d84AA2Lz
TorchServe Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 7 months ago
GSA_kwCzR0hTQS00bXFnLWg1amYtajltN84AA2Ly
TorchServe Pre-Auth Remote Code ExecutionEcosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 7 months ago
GSA_kwCzR0hTQS01OHY3LTU4YzItcXdtOc4AA2Jv
phpMyFAQ Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 7 months ago
GSA_kwCzR0hTQS1wcDR3LWc1cDQtODVwMs4AA2Jz
phpMyFAQ Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1yanFnLTNoOW0tZng1eM4AA2IQ
Cache poisoning in drupal/coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: go
Packages: github.com/Consensys/gnark-crypto
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS05eGZxLThqM3IteHA1Z84AA2Hb
Consensys gnark-crypto allows Signature MalleabilityEcosystems: go
Packages: github.com/Consensys/gnark-crypto
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: go
Packages: github.com/sagernet/sing, github.com/sagernet/sing-box
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
GSA_kwCzR0hTQS1yNWhtLW1wM2otMjg1Z84AA2C4
sing-box vulnerable to improper authentication in the SOCKS inboundEcosystems: go
Packages: github.com/sagernet/sing, github.com/sagernet/sing-box
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: searchor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS02Nm0yLTQ5M20tY3JoMs4AA2CV
Searchor CLI's Search vulnerable to Arbitrary Code using EvalEcosystems: pypi
Packages: searchor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 7 months ago
GSA_kwCzR0hTQS14N20zLWpwcmctd2M1Z84AA2Bl
Gevent allows remote attacker to escalate privilegesEcosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 7 months ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 7 months ago
GSA_kwCzR0hTQS1yd2h4LTZoeDctcHFjOM4AA2As
SQL injection in jeecgbootEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 7 months ago
Critical
Ecosystems: npm
Packages: fuxa-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1wNDZnLThjM3EtODlwMs4AA2AM
FUXA SQL Injection vulnerabilityEcosystems: npm
Packages: fuxa-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 7 months ago
GSA_kwCzR0hTQS1neDZyLXFjMnYtM3Azds4AA1_3
systeminformation SSID Command Injection VulnerabilityEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 7 months ago
Critical
Ecosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qNjQ2LWdqNXAtcDQ1Z84AA1_1
CefSharp affected by heap buffer overflow in WebPEcosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: cargo
Packages: sqlpage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS12NXdmLWpnMzctcjltNc4AA1_y
SQLpage vulnerable to public exposure of database credentialsEcosystems: cargo
Packages: sqlpage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: yiisoft/yii2
Source: GitHub Advisory Database
Blast Radius: 44.4
Published: 7 months ago
GSA_kwCzR0hTQS03Y2ZxLTcydzItMjRxNM4AA1_W
Yii2 allows attackers to execute any local .php file via a relative path in the view parameterEcosystems: packagist
Packages: yiisoft/yii2
Source: GitHub Advisory Database
Blast Radius: 44.4
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: reportlab
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 7 months ago
GSA_kwCzR0hTQS1wajk4LTJ4ZjYtY2ZmNc4AA19n
ReportLab vulnerable to remote code execution via paraparserEcosystems: pypi
Packages: reportlab
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 7 months ago
GSA_kwCzR0hTQS02MndmLWgyNnYtNW01N84AA19I
Cross Site Scripting vulnerability in Dolibarr ERP CRMEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 7 months ago
Critical
Ecosystems: maven
Packages: it.geosolutions.jaiext.jiffle:jt-jiffle-language, it.geosolutions.jaiext.jiffle:jt-jiffle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS12OTJmLWp4NnAtNzNyeM4AA18p
Improper Control of Generation of Code ('Code Injection') in jai-extEcosystems: maven
Packages: it.geosolutions.jaiext.jiffle:jt-jiffle-language, it.geosolutions.jaiext.jiffle:jt-jiffle
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: go
Packages: github.com/nats-io/nats-server
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 7 months ago
GSA_kwCzR0hTQS12cGpjLTRqY3YtamMyOc4AA17t
NATS nats-server allows directory traversal via unintended path to a management actionEcosystems: go
Packages: github.com/nats-io/nats-server
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: 7 months ago
Critical
Ecosystems: npm
Packages: @frangoteam/fuxa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yODdxLWZxMzctcHZyNs4AA17X
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXAEcosystems: npm
Packages: @frangoteam/fuxa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: 7 months ago
GSA_kwCzR0hTQS00dzhyLTN4cnctdjI1Z84AA12q
Craft CMS Remote Code Execution vulnerabilityEcosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: 7 months ago
Critical
Ecosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1wM3I1LXgzaHItZ3BnNc4AA10e
OpenRefine Remote Code execution in project import with mysql jdbc url attackEcosystems: maven
Packages: org.openrefine:database
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: 8 months ago
GSA_kwCzR0hTQS1md3IyLTY0dnIteHY5bc4AA1yv
Argo CD cluster secret might leak in cluster details pageEcosystems: go
Packages: github.com/argoproj/argo-cd/v2
Source: GitHub Advisory Database
Blast Radius: 21.5
Published: 8 months ago
Critical
Ecosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS1yeGdmLXI4NDMtZzUzaM4AA1xh
hutool Buffer Overflow vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
Critical
Ecosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS03cDhjLWNyZnItcTkzcM4AA1xg
hutool Buffer Overflow vulnerabilityEcosystems: maven
Packages: cn.hutool:hutool-json, cn.hutool:hutool-core
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1tN3ZoLXBnZnEtdjRycc4AA1xW
Jeecg boot SQL Injection vulnerabilityEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
GSA_kwCzR0hTQS05MnJ2LTRqMmgtOG1qas4AA1xE
Snappy PHAR deserialization vulnerabilityEcosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: 8 months ago
Critical
Ecosystems: maven
Packages: axis:axis, org.apache.axis:axis
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: 8 months ago
GSA_kwCzR0hTQS1ybXFwLTl3NGMtZ2M3d84AA1sf
Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getServiceEcosystems: maven
Packages: axis:axis, org.apache.axis:axis
Source: GitHub Advisory Database
Blast Radius: 33.3
Published: 8 months ago
Critical
Ecosystems: go
Packages: github.com/bnb-chain/tss-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1oMjRjLTZwNnAtbTN2eM4AA1oF
tss-lib leaks secret keys in response to incorrectly constructed Paillier moduliEcosystems: go
Packages: github.com/bnb-chain/tss-lib
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
GSA_kwCzR0hTQS1mNzN3LTRtN2ctY2g5eM4AA1n1
Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr libraryEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
Critical
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1qMmdqLWczcDktN21ycs4AA1nC
Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memosEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 8 months ago
GSA_kwCzR0hTQS05NXJwLTZncXAtNjYyMs4AA1lI
Command Injection Vulnerability in find-execEcosystems: npm
Packages: find-exec
Source: GitHub Advisory Database
Blast Radius: 27.4
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: zbar
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
GSA_kwCzR0hTQS1taHA2LWp2cHgtMnA0bc4AA1jD
Heap-based buffer overflow in ZBarEcosystems: pypi
Packages: zbar
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-api, com.xpn.xwiki.platform.plugins:xwiki-plugin-scheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS04eGhyLXgzdjgtcmdoas4AA1eR
XWiki Platform's Groovy jobs check the wrong author, allowing remote code executionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-api, com.xpn.xwiki.platform.plugins:xwiki-plugin-scheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
GSA_kwCzR0hTQS03Z2ZxLWY5NmYtZzg1as4AA1dI
langchain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS01bWY4LXY0M3ctbWZ4cM4AA1aV
XWiki Platform privilege escalation (PR) from account through AWM content fieldsEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS03OTU0LTZtOXEtZ3B2Zs4AA1Yx
XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/messageEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 8 months ago
GSA_kwCzR0hTQS02OHhnLWdxcW0tdmdqOM4AA1Yw
Puma HTTP Request/Response Smuggling vulnerabilityEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 8 months ago
Critical
Ecosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 8 months ago
GSA_kwCzR0hTQS01cDQyLW02ZjMtaHBtas4AA1Wh
tree-kit Prototype Pollution vulnerabilityEcosystems: npm
Packages: tree-kit
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
GSA_kwCzR0hTQS1majMyLXE2MjYtcGpqY84AA1UA
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
Critical
Ecosystems: maven
Packages: org.alluxio:alluxio-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS14cnJoLWg4NnctcHdmas4AA1T6
Alluxio vulnerable to arbitrary code executionEcosystems: maven
Packages: org.alluxio:alluxio-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
GSA_kwCzR0hTQS1wcmdwLXc3dmYtY2g2Ms4AA1T_
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
GSA_kwCzR0hTQS05Mmo1LTM0NTktcWdwNM4AA1T7
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 8 months ago
GSA_kwCzR0hTQS04ZnA5LTQzcHctNTZ2d84AA1UK
PandasAI vulnerable to arbitrary code executionEcosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 8 months ago
GSA_kwCzR0hTQS0yeHhjLTczZnYtMzZmN84AA1UC
llama-index vulnerable to arbitrary code executionEcosystems: pypi
Packages: llama-index
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: 8 months ago
Critical
Ecosystems: npm
Packages: external-svg-loader
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 8 months ago
GSA_kwCzR0hTQS14YzJyLWpmMngtZ2pyOM4AA1Sy
external-svg-loader Cross-site Scripting vulnerabilityEcosystems: npm
Packages: external-svg-loader
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 8 months ago
Critical
Ecosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
GSA_kwCzR0hTQS1nM3ZmLTQ3ZnYtOGYzY84AA1QP
MrSwitch hello.js vulnerable to prototype pollutionEcosystems: npm
Packages: hellojs
Source: GitHub Advisory Database
Blast Radius: 24.5
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
GSA_kwCzR0hTQS1wcjc2LTVjbTUtdzljas4AA1Py
GitPython vulnerable to remote code execution due to insufficient sanitization of input argumentsEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 43.5
Published: 9 months ago
Critical
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
GSA_kwCzR0hTQS05YzRoLTNmN2gtMzIycs4AA1Lc
SES's dynamic import and spread operator provides possible path to arbitrary exfiltration and executionEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 9 months ago
GSA_kwCzR0hTQS1nZjQ2LXBybTQtNTZwY84AA1LW
PrestaShop SQL manager vulnerabilityEcosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS14Y3EzLTdwZjMtNWp2Y84AA1Ei
Cockpit PHP Remote File Inclusion vulnerabilityEcosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS1nd3FxLTZ2cTctNWo4Ns4AA1D8
langchain Code Injection vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS13N3ZtLTR2M2otdmdwd84AA1Db
PyroCMS remote code execution vulnerabilityEcosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: com.aerospike:aerospike-client
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 9 months ago
GSA_kwCzR0hTQS1qajk1LTU1Y3ItOTU5N84AA1Co
Aerospike Java Client vulnerable to unsafe deserialization of server responsesEcosystems: maven
Packages: com.aerospike:aerospike-client
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: 9 months ago
Critical
Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 9 months ago
GSA_kwCzR0hTQS1nNnc2LWg5MzMtNHJjNc4AA1Cn
Soketi was exposed to Sandbox Escape vulnerability via vm2Ecosystems: npm
Packages: @soketi/soketi
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: MindsDB
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: 9 months ago
GSA_kwCzR0hTQS04aHg2LXF2NmYteGdjd84AA0_P
MindsDB can be made to not verify SSL certificatesEcosystems: pypi
Packages: MindsDB
Source: GitHub Advisory Database
Blast Radius: 17.1
Published: 9 months ago
Critical
Ecosystems: packagist
Packages: billz/raspap-webgui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS03YzI4LXdnN3ItcGc2Zs4AA0-u
RaspAP Command Injection vulnerabilityEcosystems: packagist
Packages: billz/raspap-webgui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1wNmh3LXdtNTktM2c1Z84AA0-Q
Sydent does not verify email server certificatesEcosystems: pypi
Packages: matrix-sydent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Critical
Ecosystems: npm
Packages: umami
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS04d3d3LWNmZmgtNHE5OM4AA08I
Anyone with a share link can RESET all website data in UmamiEcosystems: npm
Packages: umami
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.boofcv:boofcv-core
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: 9 months ago
GSA_kwCzR0hTQS05OXA1LXFwcXgtbWh3Y84AA08H
Code injection in BoofCVEcosystems: maven
Packages: org.boofcv:boofcv-core
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 9 months ago
GSA_kwCzR0hTQS13cDZjLTI5cjMtanF3Oc4AA08A
SQL injection in jeecg-bootEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 9 months ago
Critical
Ecosystems: maven
Packages: opensymphony:oscore
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 9 months ago
GSA_kwCzR0hTQS04NTltLTJwZngtZndoZs4AA08D
Code injection in oscoreEcosystems: maven
Packages: opensymphony:oscore
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 9 months ago
Critical
Ecosystems: maven
Packages: no.priv.garshol.duke:duke
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 9 months ago
GSA_kwCzR0hTQS1wODNxLTk5cmMtdmZtds4AA073
Code injection in DukeEcosystems: maven
Packages: no.priv.garshol.duke:duke
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 9 months ago
Critical
Ecosystems: maven
Packages: edu.stanford.nlp:stanford-parser
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
GSA_kwCzR0hTQS0zNTNtLWpoMm0tNzJ2NM4AA08F
Code injection in stanford-parserEcosystems: maven
Packages: edu.stanford.nlp:stanford-parser
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: 9 months ago
Critical
Ecosystems: maven
Packages: us.codecraft:webmagic-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: 9 months ago
GSA_kwCzR0hTQS1ncnZxLXZqcXIteDh2bc4AA076
Code injection in webmagic-coreEcosystems: maven
Packages: us.codecraft:webmagic-core
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: 9 months ago
Critical
Ecosystems: maven
Packages: tech.powerjob:powerjob-common
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 9 months ago
GSA_kwCzR0hTQS0yaDI2LXFmeG0tcjNwcc4AA08E
Code injection in PowerJobEcosystems: maven
Packages: tech.powerjob:powerjob-common
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 9 months ago
Critical
Ecosystems: maven
Packages: com.wix:wix-embedded-mysql
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: 9 months ago
GSA_kwCzR0hTQS1meDN2LTR3M3ctd3B3cs4AA08G
Code injection in wix-embedded-mysqlEcosystems: maven
Packages: com.wix:wix-embedded-mysql
Source: GitHub Advisory Database
Blast Radius: 20.4
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 9 months ago
GSA_kwCzR0hTQS05cTl2LXFnd3gtODRtcs4AA05R
Command injection in PaddlePaddleEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 32.4
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.apache.jackrabbit:jackrabbit-standalone-components, org.apache.jackrabbit:jackrabbit-standalone, org.apache.jackrabbit:jackrabbit-webapp
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 9 months ago
GSA_kwCzR0hTQS1xOGNtLTN2NjItamo3Oc4AA04Z
Remote code execution in Apache JackrabbitEcosystems: maven
Packages: org.apache.jackrabbit:jackrabbit-standalone-components, org.apache.jackrabbit:jackrabbit-standalone, org.apache.jackrabbit:jackrabbit-webapp
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 9 months ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 9 months ago
GSA_kwCzR0hTQS12aDJnLTZjNHgtNWhtcM4AA04I
Path traversal and code execution via prototype vulnerabilityEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS12Zjc4LTNxOWYtOTJnM84AA04H
Hard-coded System User Credentials in Folio Data Export Spring moduleEcosystems: maven
Packages: org.folio:mod-data-export-spring
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.apache.inlong:manager-service
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 9 months ago
GSA_kwCzR0hTQS1yNXB2LTdnODktY3htY84AA04B
SQL injection in audit endpointEcosystems: maven
Packages: org.apache.inlong:manager-service
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: 9 months ago
GSA_kwCzR0hTQS1wbWhjLTJnNGYtODVjZ84AA03a
Path Traversal in Apache ShiroEcosystems: maven
Packages: org.apache.shiro:shiro-web
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: 9 months ago
Critical
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS03NTdwLXZ4NDMtZnA5cs4AA01i
KubePi Privilege Escalation vulnerabilityEcosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.openidentityplatform.openam:openam-federation-library
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 9 months ago
GSA_kwCzR0hTQS00bWg4LTl3cTYtcmp4Z84AA00j
OpenAM vulnerable to user impersonation using SAMLv1.x SSO processEcosystems: maven
Packages: org.openidentityplatform.openam:openam-federation-library
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 9 months ago
Critical
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 9 months ago
GSA_kwCzR0hTQS0zaDZmLWc1ZjMtZ2M0d84AA0zc
Access Control Bypass in Spring SecurityEcosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 9 months ago
GSA_kwCzR0hTQS1mbXhqLTZoOWctNnZ3M84AA0y8
MLflow Path Traversal vulnerabilityEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: postgraas-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS12Z2htLThjanAtaGp3Ns4AA0xF
postgraas-server vulnerable to SQL injectionEcosystems: pypi
Packages: postgraas-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Critical
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1tNXE1LThtZnctcDJocs4AA0vD
CasaOS contains weak JWT secretsEcosystems: go
Packages: github.com/IceWhaleTech/CasaOS
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Statistics
Advisories: 17,985
Packages: 8,213
Repositories: 1,274
Ecosystems: 12
Packages: 8,213
Repositories: 1,274
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
moodle/moodle
15
salt
14
com.liferay.portal:release.portal.bom
13
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
mlflow
12
langchain
12
topthink/framework
12
org.apache.struts:struts2-core
11
drupal/core
11
magento/core
11
apache-airflow
10
vm2
10
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
tensorflow
9
tensorflow-gpu
8
rdiffweb
8
shopware/platform
8
org.jeecgframework.boot:jeecg-boot-common
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
tensorflow-cpu
8
drupal/drupal
8
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
rusqlite
7
ansible
7
gogs.io/gogs
7
aaptjs
6
parse-server
6
symfony/symfony
6
github.com/argoproj/argo-cd
6
thorsten/phpmyfaq
6
github.com/answerdev/answer
6
Microsoft.ChakraCore
5
org.xwiki.platform:xwiki-platform-web
5
org.apache.activemq:activemq-client
5
org.apache.tomcat.embed:tomcat-embed-core
5
org.jenkins-ci.plugins:script-security
5
django
5
ezsystems/ezpublish-kernel
5
nodebb
5
Pillow
5
org.apache.shiro:shiro-core
5
steal
5
shopware/core
5
org.xwiki.commons:xwiki-commons-xml
5
org.apache.inlong:manager-pojo
5
safe-eval
5
froxlor/froxlor
5
ckb
5
org.jeecgframework.boot:jeecg-boot-parent
5
centreon/centreon
5
zendframework/zendframework
5
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
github.com/hashicorp/vault
4
pyload-ng
4
org.apache.openmeetings:openmeetings-parent
4
org.apache.inlong:manager-service
4
org.jeecgframework.boot:jeecg-boot-base-core
4
librenms/librenms
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
Django
4
org.eclipse.jetty:jetty-server
4
safer-eval
4
smallvec
4
calibreweb
4
org.apache.tapestry:tapestry-core
4
hermes-engine
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
openssl-src
4
apache-airflow-providers-apache-hive
4
spree_auth_devise
4
nilsteampassnet/teampass
4
net.opentsdb:opentsdb
4
github.com/usememos/memos
4
feehi/cms
4
prestashop/prestashop
4
github.com/argoproj/argo-cd/v2
4
PaddlePaddle
4
baserproject/basercms
4
swagger-ui
4
messagepack-rs
4
code.gitea.io/gitea
4
nukeviet/nukeviet
4
realms-shim
4
rubygems-update
3
com.jflyfox:jflyfox_jfinal
3
org.apache.linkis:linkis
3
org.apache.storm:storm
3
feathers-sequelize
3
elefant/cms
3
edu.stanford.nlp:stanford-corenlp
3
showdoc/showdoc
3
lmdb
3
nokogiri
3
github.com/pterodactyl/wings
3
github.com/go-gitea/gitea
3
ibexa/core
3
zendframework/zendframework1
3
org.apache.inlong:manager-web
3
github.com/hashicorp/nomad
3
com.alibaba:dubbo
3
strapi
3
slpjs
3
dompdf/dompdf
3
browserify-shim
3
cobbler
3
mongoose
3
org.springframework.security:spring-security-core
3
org.apache.any23:apache-any23
3
francoisjacquet/rosariosis
3
org.apache.dolphinscheduler:dolphinscheduler
3
@openzeppelin/contracts-upgradeable
3
typo3/cms
3
craftcms/cms
3
impresscms/impresscms
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
id-map
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
phpmailer/phpmailer
3
handlebars
3
org.apache.ignite:ignite-core
3
org.apache.ozone:ozone-main
3
nvflare
3
publify_core
3
org.keycloak:keycloak-core
3
codeigniter4/framework
3
xcb
3
org.jeecgframework.boot:jeecg-boot-base
3
mautic/core
3
pimcore/pimcore
3
modoboa
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
github.com/dexidp/dex
3
jsrsasign
3
com.hazelcast:hazelcast
3
actix-web
3
ezsystems/ezplatform-kernel
3
smarty/smarty
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.xwiki.platform:xwiki-platform-panels-ui
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
github.com/rancher/rancher
3
io.undertow:undertow-core
3
io.dataease:dataease-plugin-common
3
ray
3
org.apache.solr:solr-parent
3
org.xwiki.platform:xwiki-platform-icon-ui
3
org.richfaces:richfaces-core
3
org.apache.jmeter:ApacheJMeter
3
facade/ignition
3
ro.pippo:pippo-core
3
tribalsystems/zenario
3
org.apache.solr:solr-core
3
slp-validate
3
org.jenkins-ci.plugins:active-directory
3
openmage/magento-lts
2
silverstripe/framework
2
org.apache.commons:commons-configuration2
2
org.apache.shiro:shiro-spring
2
typo3/phar-stream-wrapper
2
Simple-Wayland-HotKey-Daemon
2
github.com/KubeOperator/kubepi
2
github.com/crewjam/saml
2
vyper
2
org.apache.ranger:ranger
2
AjaxNetProfessional
2
rest-client
2
io.vertx:vertx-web
2
org.apache.derby:derby
2
ses
2
symfony/security-core
2
symfony/security
2
zoujingli/thinkadmin
2
nystudio107/craft-seomatic
2
Plone
2
zendframework/zend-db
2
github.com/apache/trafficcontrol
2
net.bull.javamelody:javamelody-core
2
dns-sync
2
puma
2
com.jfinal:jfinal
2
python-keystoneclient
2
org.apache.pulsar:pulsar
2
electron
2
org.springframework.amqp:spring-amqp
2
github.com/fluxcd/kustomize-controller
2
pandasai
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
13
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/langchain-ai/langchain
8
https://github.com/top-think/framework
8
https://github.com/django/django
8
https://github.com/apache/inlong
8
https://github.com/ikus060/rdiffweb
8
https://github.com/magento/magento2
8
https://github.com/Studio-42/elFinder
7
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/argoproj/argo-cd
7
https://github.com/apache/struts
7
https://github.com/rusqlite/rusqlite
7
https://github.com/go-gitea/gitea
7
https://github.com/shenzhim/aaptjs
6
https://github.com/answerdev/answer
6
https://github.com/shopware/platform
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/parse-community/parse-server
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/keycloak/keycloak
5
https://github.com/moodle/moodle
5
https://github.com/nervosnetwork/ckb
5
https://github.com/apache/activemq
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/stealjs/steal
5
https://github.com/froxlor/froxlor
5
https://github.com/symfony/symfony
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/tomcat
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/swagger-api/swagger-ui
4
https://github.com/janeczku/calibre-web
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/dromara/hutool
4
https://github.com/liufee/cms
4
https://github.com/spring-projects/spring-framework
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/hwchase17/langchain
4
https://github.com/pyload/pyload
4
https://github.com/usememos/memos
4
https://github.com/CVEProject/cvelist
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/otake84/messagepack-rs
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/apache/shiro
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/apache/camel
3
https://github.com/strapi/strapi
3
https://github.com/ibexa/core
3
https://github.com/octobercms/october
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/denoland/deno
3
https://github.com/crewjam/saml
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/rubygems/rubygems
3
https://github.com/actix/actix-web
3
https://github.com/modoboa/modoboa
3
https://github.com/andrewhickman/id-map
3
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/nats-io/jwt
2
https://github.com/SAP/cloud-pysec
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/qcubed/qcubed
2
https://github.com/rest-client/rest-client
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/Automattic/mongoose
2
https://github.com/netvl/acc_reader
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/rubyzip/rubyzip
2
https://github.com/jfinal/jfinal
2
https://github.com/apache/kylin
2
https://github.com/waycrate/swhkd
2
https://github.com/TribalSystems/Zenario
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/laurent22/joplin
2
https://github.com/rochacbruno/quokka
2
https://github.com/gventuri/pandas-ai
2
https://github.com/dominictarr/event-stream
2
https://github.com/pytorch/serve
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/benbusby/whoogle-search
2
https://github.com/ADOdb/ADOdb
2
https://github.com/javamelody/javamelody
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/Netflix/security-bulletins
2
https://github.com/sjep/array
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/nodejs/llhttp
2
https://github.com/apache/submarine
2
https://github.com/drupal/core
2
https://github.com/getgrav/grav
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/kubernetes/kubernetes
2
https://github.com/http4s/http4s
2
https://github.com/js-data/js-data
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/grafana/grafana
2
https://github.com/fluxcd/flux2
2
https://github.com/ibexa/admin-ui
2
https://github.com/unshiftio/url-parse
2
https://github.com/dominictarr/libnested
2
https://github.com/beego/beego
2
https://github.com/centreon/centreon
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/MrSwitch/hello.js
2
https://github.com/puma/puma
2
https://github.com/apache/incubator-streampark
2
https://github.com/evmos/evmos
2
https://github.com/moby/buildkit
2
https://github.com/top-think/thinkphp
2
https://github.com/noear/solon
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/hashicorp/vault
2
https://github.com/h2database/h2database
2
https://github.com/ionicabizau/parse-url
2
https://github.com/totaljs/framework
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/keystonejs/keystone
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/sidorares/node-mysql2
2
https://github.com/web2py/web2py
2
https://github.com/mautic/mautic
2
https://github.com/markevans/dragonfly
2
https://github.com/line/armeria
2
https://github.com/omrilotan/async-git
2
https://github.com/kujirahand/nadesiko3
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/openstack/python-keystoneclient
2
https://github.com/apache/karaf
2
https://github.com/reem/rust-traitobject
2
https://github.com/apache/dubbo
2
https://github.com/gofiber/fiber
2
https://github.com/Agoric/realms-shim
2
https://github.com/alextselegidis/easyappointments
2
https://github.com/actix/actix-net
2
https://github.com/dfinity/agent-js
2
https://github.com/apache/flume
2