Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Critical Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS03NTdwLXZ4NDMtZnA5cs4AA01i
KubePi Privilege Escalation vulnerability
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS00bWg4LTl3cTYtcmp4Z84AA00j
OpenAM vulnerable to user impersonation using SAMLv1.x SSO process
Ecosystems: maven
Packages: org.openidentityplatform.openam:openam-federation-library
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS0zaDZmLWc1ZjMtZ2M0d84AA0zc
Access Control Bypass in Spring Security
Ecosystems: maven
Packages: org.springframework.security:spring-security-config
Source: GitHub Advisory Database
Blast Radius: 43.8
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1mbXhqLTZoOWctNnZ3M84AA0y8
MLflow Path Traversal vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS12Z2htLThjanAtaGp3Ns4AA0xF
postgraas-server vulnerable to SQL injection
Ecosystems: pypi
Packages: postgraas-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1tNXE1LThtZnctcDJocs4AA0vD
CasaOS contains weak JWT secrets
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS12amg3LTVyNngteGg2Z84AA0vC
CasaOS Gateway vulnerable to incorrect identification of source IP addresses
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-Gateway
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1majhmLTU2d2MtcTM2cs4AA0u5
rabbitmq-connector plugin module in Apache EventMesh platforms allows attackers to send controlled message
Ecosystems: maven
Packages: org.apache.eventmesh:eventmesh-connector-rabbitmq
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS05bTkzLXc4dzYtNzZoaM4AA0uj
Mongoose Prototype Pollution vulnerability
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 59.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS14MnBoLXFxd20tOWNjNs4AA0uL
CleverTap Cordova plugin vulnerable to Cross-site Scripting
Ecosystems: npm
Packages: clevertap-cordova
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1oNHZwLTY5cjgtZ3ZqZ84AA0t7
org.xwiki.platform:xwiki-platform-skin-ui Eval Injection vulnerability
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1jNnY1LXBmNjYteGZxOM4AA0tO
Froxlor vulnerable to Improper Encoding or Escaping of Output
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1jY2hxLWZyZ3YtcmpoNc4AA0sM
vm2 Sandbox Escape vulnerability
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1nNjQ0LTlnZngtcTRxNM4AA0sL
vm2 Sandbox Escape vulnerability
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1nOWN2LXYzdjQtM2g4cs4AA0pM
Apache Pulsar Incorrect Authorization vulnerability
Ecosystems: maven
Packages: org.apache.pulsar:pulsar
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1ncHE4LTk2M3ctOHFjOc4AA0pS
RocketMQ NameServer component Code Injection vulnerability
Ecosystems: maven
Packages: org.apache.rocketmq:rocketmq-namesrv
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1waDZnLXA3MnYtcGMzcM4AA0m1
Orchid Deserialization of Untrusted Data vulnerability leads to Remote Code Execution
Ecosystems: packagist
Packages: orchid/platform
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1qeDNxLTVyZ2YtdnJycs4AA0kS
xalpha vulnerable to Remote Code Execution
Ecosystems: pypi
Packages: xalpha
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS02eHhyLTY0OG0tZ2NoNs4AA0ic
XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rest-server, com.xpn.xwiki.platform:xwiki-rest, com.xpn.xwiki.platform:xwiki-core-rest-server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS05N2htLTJtZnItMnA5N84AA0f9
TeamPass Code Injection vulnerability
Ecosystems: packagist
Packages: nilsteampassnet/teampass
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS14M2NxLThmMzItNWY2M84AA0bY
Apache RocketMQ may have remote code execution vulnerability when using update configuration function
Ecosystems: maven
Packages: org.apache.rocketmq:rocketmq-namesrv, org.apache.rocketmq:rocketmq-controller, org.apache.rocketmq:rocketmq-broker
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 10 months ago
Critical
GSA_kwCzR0hTQS03NTdwLTdocDUtcHFtcs4AA0c6
Apache InLong Insufficient Session Expiration vulnerability
Ecosystems: maven
Packages: org.apache.inlong:manager-service, org.apache.inlong:manager-web, org.apache.inlong:manager-dao, org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS13M3dyLWdtd2YtcjMzM84AA0cy
Apache InLong has Weak Password Requirements in Apache InLong
Ecosystems: maven
Packages: org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS13eDc5LXIzcTgtZnE5aM4AA0cv
Apache InLong has Files or Directories Accessible to External Parties in Apache InLong
Ecosystems: maven
Packages: org.apache.inlong:manager-web, org.apache.inlong:manager-service
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1xNXA1LXhnOTMtMmpxY84AA0cp
Apache InLong Improper Privilege Management vulnerability
Ecosystems: maven
Packages: org.apache.inlong:manager-web, org.apache.inlong:manager-service, org.apache.inlong:manager-dao, org.apache.inlong:manager-pojo
Source: GitHub Advisory Database
Blast Radius: 15.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1tNWg4LTJwanctdmczas4AA0XS
Apache StreamPark Improper Input Validation vulnerability
Ecosystems: maven
Packages: org.apache.streampark:streampark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS02ODc0LTI4OWctZjdoN84AA0XW
Apache StreamPark Path Traversal vulnerability
Ecosystems: maven
Packages: org.apache.streampark:streampark-common_2.11, org.apache.streampark:streampark-common_2.12
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS00eDVoLXhtdjQtOTl3eM4AA0Vr
Apache Linkis Authentication Bypass vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS0zeHJyLTdtNnAtcDd4aM4AA0VW
HtmlUnit Code Injection vulnerability
Ecosystems: maven
Packages: net.sourceforge.htmlunit:htmlunit
Source: GitHub Advisory Database
Blast Radius: 39.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1wajVqLXc3bXctdzc5N84AA0VR
Apache Linkis Zip Slip issue
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS14ODRyLWpycW0tM2hqOM4AA0VV
Apache Linkis Unrestricted File Upload vulnerability
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1wcHh4LW05MjYtZzU2Oc4AA0RP
Apache Kylin vulnerable to remote code execution
Ecosystems: maven
Packages: org.apache.kylin:kylin-server-base, org.apache.kylin:kylin-spark-project, org.apache.kylin:kylin-core-common
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: 10 months ago
Critical
GSA_kwCzR0hTQS01N2ZjLThxODItZ2ZwM84AA0QS
langchain vulnerable to arbitrary code execution
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1oNzU1LThxcDktY3E4Nc4AA0Nr
protobufjs Prototype Pollution vulnerability
Ecosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 54.7
Published: 10 months ago
Critical
GSA_kwCzR0hTQS0ycW1qLTc5NjItY2pxOM4AA0Lt
langchain arbitrary code execution vulnerability
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1oZzZjLXFxY20tcjc5cs4AA0Le
Apache Airflow Hive Provider Beeline remote code execution with Principal
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS03NmY3LTl2NTItdjJmd84AA0Kb
Remote Code Execution for 2.4.1 and earlier
Ecosystems: maven
Packages: net.opentsdb:opentsdb
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS12NGY0LTIzd2MtOTltaM4AA0KW
pipreqs vulnerable to Dependency Confusion
Ecosystems: pypi
Packages: pipreqs
Source: GitHub Advisory Database
Blast Radius: 34.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS04cTlxLXI5djItNjQ0bc4AA0KR
Upgrading doesn't prevent exploiting vulnerable XWiki documents
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS05NHBmLTkyaHctMmhqY84AA0KQ
XWiki Platform vulnerable to Code injection through NotificationRSSService
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1mbTY4LWo3d3ctaDl4Zs4AA0KP
XWiki Platform vulnerable to Code Injection in icon themes
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-icon-ui, org.xwiki.platform:xwiki-platform-icon-default, org.xwiki.platform:xwiki-platform-icon-script
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS02cHFmLWM5OXAtNzU4ds4AA0KO
org.xwiki.commons:xwiki-commons-xml's HTML sanitizer allows form elements in restricted
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS00NjJ4LWMzanctN3ZyNs4AA0KN
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: 10 months ago
Critical
GSA_kwCzR0hTQS03OTN3LWczMjUtaHJ3Ms4AA0KM
XWiki Platform vulnerable to persistent Cross-site Scripting through CKEditor Configuration pages
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-ckeditor-ui, org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS0zcDYyLTZmamgtM3A1aM4AA0KH
Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 27.5
Published: 10 months ago
Critical
GSA_kwCzR0hTQS03NGo4LXc3ZjktcHA2Ms4AA0KE
Improper configuration of RBAC permissions obtaining cluster control permissions
Ecosystems: go
Packages: github.com/labring/sealos
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1oNDJqLW1ybXAtOTM2Oc4AA0GE
git-commit-info vulnerable to Command Injection
Ecosystems: npm
Packages: git-commit-info
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1jZ21tLWMybTktZmY3cs4AA0E5
jFinal Server-Side Template Injection vulnerability
Ecosystems: maven
Packages: com.jfinal:jfinal
Source: GitHub Advisory Database
Blast Radius: 28.7
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1oajhtLTlmaGYtdjdqcM4AA0D-
fief-server Server-Side Template Injection vulnerability
Ecosystems: pypi
Packages: fief-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Critical
GSA_kwCzR0hTQS1tcHYzLWc4bTMtM2ZqY84AA0AQ
Grafana vulnerable to Authentication Bypass by Spoofing
Ecosystems: go
Packages: github.com/grafana/grafana
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS13NjVxLWpjbXYtMjhnas4AAz_-
Dynamic Linq vulnerable to remote code execution
Ecosystems: nuget
Packages: System.Linq.Dynamic.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS00eG03LTVxNzktM2ZjaM4AAz_y
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in DeleteApplication page
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1yOHhjLXh4aDMtcTV4M84AAz_x
XWiki Platform vulnerable to reflected cross-site scripting via back and xcontinue parameters in resubmit template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS14MjM0LW1nN3EtbThnOM4AAz_w
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in deletespace template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1td3hqLWc3ZnctN2hjOM4AAz_v
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in restore template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS04MzRjLXgyOWMtZjQyY84AAz_t
XWiki Platform vulnerable to reflected cross-site scripting via xredirect parameter in delete template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS01bTNtLXE4Y3EtNzdnNM4AAz_c
fuadmin vulnerable to insecure file upload
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1xMmZwLWp3ODctODZweM4AAz-_
laravel-s vulnerable to Local File Inclusion
Ecosystems: packagist
Packages: hhxsv5/laravel-s
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: 11 months ago
Critical
GSA_kwCzR0hTQS00N3A3LXhmY2MtNHB2Oc4AAz-X
php-imap vulnerable to RCE through a directory traversal vulnerability
Ecosystems: packagist
Packages: webklex/laravel-imap, webklex/php-imap
Source: GitHub Advisory Database
Blast Radius: 18.2
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1ocDV3LXcyOW0tdmc2M84AAz97
Apache Accumulo Improper Authentication vulnerability
Ecosystems: maven
Packages: org.apache.accumulo:accumulo-shell
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1xOWhnLTlxajItbXhmOc4AAz9u
XWiki Platform vulnerable to cross-site scripting via xcontinue parameter in previewactions template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-skin-resources
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS00d2M2LWhxdjktcWM5N84AAz9s
XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page via name parameters
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1yZjhqLXEzOWctN3hmbc4AAz9r
XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-like-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS02bWY1LTM2djktM2gyd84AAz9p
XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-invitation-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1nNzVjLWNqcjYtMzltY84AAz9m
XWiki Platform's Mail.MailConfig can be edited by any user with edit rights
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-mail-send-default
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1mcDdoLWY5ZjUteDRxN84AAz9l
XWiki vulnerable to stored cross-site scripting via any wiki document and the displaycontent/rendercontent template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates, org.xwiki.platform:xwiki-platform-web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS02dmYyLW1mbXItcXFxd84AAz9f
Liufee CMS File Upload vulnerability
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS02NjQzLWg3aDUteDl3aM4AAz9W
Langchain vulnerable to arbitrary code execution
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1xM3E1LXF2aDUtY213Nc4AAz9T
liufee CMS File Upload vulnerability
Ecosystems: packagist
Packages: feehi/cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS03cThjLTQ5ZjQtNGM4cc4AAz61
Solon vulnerable to deserialization of untrusted data
Ecosystems: maven
Packages: org.noear:solon
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1mOWpmLTRjcDQtNGZxNc4AAz6B
Grav Server Side Template Injection (SSTI) vulnerability
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 11 months ago
Critical
GSA_kwCzR0hTQS05MzRnLWZ2Y2MtNDgzM84AAz57
jeecg-boot SQL injection vulnerability
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS14MzJjLTU5djUtaDdmZ84AAz28
Langchain OS Command Injection vulnerability
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 11 months ago
Critical
GSA_kwCzR0hTQS13MnJyLXd2aDktbTJtN84AAz2y
JSONUtil vulnerable to stack exhaustion
Ecosystems: maven
Packages: net.pwall.json:jsonutil
Source: GitHub Advisory Database
Blast Radius: 12.3
Published: 11 months ago
Critical
GSA_kwCzR0hTQS01OXg2LWc0anItNGh4Y84AAzyA
GeoServer RCE due to improper control of generation of code in jai-ext`Jiffle` map algebra language
Ecosystems: maven
Packages: org.geoserver:gs-wps, org.geoserver:gs-wfs, org.geoserver:gs-wms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1jaHc0LTg4eGMtNzl3Ns4AAzvv
Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1jMjlnLXEzaDMtbXdjZs4AAzvH
xxl-rpc deserialization vulnerability
Ecosystems: maven
Packages: com.xuxueli:xxl-rpc-core
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1wOTc2LWg1MmMtMjZwNs4AAzpQ
Rancher vulnerable to Privilege Escalation via manipulation of Secrets
Ecosystems: go
Packages: rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS12ZnJqLWZ2NnAtM2NwZs4AAzpG
Brook's tproxy server is vulnerable to a drive-by command injection.
Ecosystems: go
Packages: github.com/txthinking/brook
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1qMjQ1LXYybWgtNWg2Zs4AAznw
TeamPass vulnerable to stored Cross-site Scripting
Ecosystems: packagist
Packages: nilsteampassnet/teampass
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1qcXZyLWoydmctZ2pyds4AAzg5
Signature validation bypass in github.com/moov-io/signedxml
Ecosystems: go
Packages: github.com/moov-io/signedxml
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1yMzY0LTJwajQtcGY3Zs4AAzf1
ruby-saml vulnerable to XPath injection
Ecosystems: rubygems
Packages: ruby-saml
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1wdnJjLXd2ajItZjU5cM4AAzfl
Pomerium vulnerable to Incorrect Authorization with specially crafted requests
Ecosystems: go
Packages: github.com/pomerium/pomerium
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS14NDg3LTg2Nm0tcDhocs4AAze4
Server-Side Template Injection in Camaleon CMS
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1oaDdqLXBnMzktcTU2M84AAzdO
toui allows user-specific variables to be shared between users
Ecosystems: pypi
Packages: toui
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Critical
GSA_kwCzR0hTQS00NDZtLWhtbW0taG04bc4AAzdL
Ckan remote code execution and private information access via crafted resource ids
Ecosystems: pypi
Packages: ckan
Source: GitHub Advisory Database
Blast Radius: 13.5
Published: 12 months ago
Critical
GSA_kwCzR0hTQS03Y2djLWZqdjQtNTJ4Ns4AAzdI
Malware in pre-build binaries of bignum
Ecosystems: npm
Packages: bignum
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1tNm04LTZncTgtYzlmas4AAzbB
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1tZ2M0LXdxdjctNHB4bc4AAzZP
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
Ecosystems: swift
Packages: github.com/apple/swift-nio
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: 12 months ago
Critical
GSA_kwCzR0hTQS13anEzLTdqeHgtd2hqOc4AAzYV
mlflow Path Traversal vulnerability
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1wNm02LTlqMzYtdmZqeM4AAzWx
glazedlists XML Deserialization vulnerability
Ecosystems: maven
Packages: com.glazedlists:glazedlists
Source: GitHub Advisory Database
Blast Radius: 14.8
Published: 12 months ago
Critical
GSA_kwCzR0hTQS13aHBqLThmM3ctNjdwNc4AAzV1
vm2 Sandbox Escape vulnerability
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: 12 months ago
Critical
GSA_kwCzR0hTQS04ajI4LTM0cXEtZ21jaM4AAzU2
Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
Ecosystems: maven
Packages: org.apache.sling:org.apache.sling.commons.json
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 12 months ago
Critical
GSA_kwCzR0hTQS02dmNmLWNmanAtcXhjd84AAzTg
LavaLite vulnerable to web cache poisoning
Ecosystems: packagist
Packages: lavalite/cms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 12 months ago
Critical
GSA_kwCzR0hTQS02Z2Y1LWM4OTgtN3J4cM4AAzSf
Improper Neutralization of Script in Attributes in XWiki (X)HTML renderers
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-annotation-core, org.xwiki.rendering:xwiki-rendering-syntax-annotatedhtml5, org.xwiki.rendering:xwiki-rendering-syntax-annotatedxhtml, org.xwiki.rendering:xwiki-rendering-syntax-html5, org.xwiki.rendering:xwiki-rendering-syntax-html, org.xwiki.platform:xwiki-core-rendering-api, org.xwiki.rendering:xwiki-rendering-syntax-xhtml
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: 12 months ago
Critical
GSA_kwCzR0hTQS0zNmZtLWozM3ctYzI1Zs4AAzSe
Privilege escalation (PR)/RCE from account through class sheet
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-test-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1wNzQ0LTRxNnAtaHZjMs4AAzSb
Wings vulnerable to escape to host from installation container
Ecosystems: go
Packages: github.com/pterodactyl/wings
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1wdjd2LXBoNmctM2d4ds4AAzM5
Improper Neutralization of Invalid Characters in Data Attribute Names in org.xwiki.commons:xwiki-commons-xml
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1qOWg1LXZjZ3YtMmpmbc4AAzL4
XWiki Platform vulnerable to RXSS via editor parameter - importinline template
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-distribution-war
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 12 months ago
Critical
GSA_kwCzR0hTQS1nN3JqLXE3MjItMjQ1Z84AAzH0
jsreport vulnerable to code injection
Ecosystems: npm
Packages: jsreport
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 12 months ago
Statistics
Advisories: 18,337
Packages: 8,283
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Moderate 7,914 High 6,347 Critical 2,807 Low 981
Filter by Ecosystem
npm 952 maven 823 packagist 464 pypi 364 go 213 cargo 153 rubygems 110 nuget 49 actions 4 hex 4 swift 2
Filter by Package
magento/community-edition 27 com.fasterxml.jackson.core:jackson-databind 24 dolibarr/dolibarr 23 net.mingsoft:ms-mcms 18 org.jenkins-ci.main:jenkins-core 18 salt 16 moodle/moodle 15 com.liferay.portal:release.portal.bom 13 langchain 12 drupal/core 12 com.liferay.portal:release.dxp.bom 12 org.apache.dubbo:dubbo 12 topthink/framework 12 mlflow 12 magento/core 11 org.apache.struts:struts2-core 11 apache-airflow 10 vm2 10 tensorflow 9 org.xwiki.platform:xwiki-platform-oldcore 9 phpmyadmin/phpmyadmin 9 funadmin/funadmin 9 tensorflow-gpu 8 tensorflow-cpu 8 drupal/drupal 8 org.jeecgframework.boot:jeecg-boot-common 8 shopware/platform 8 rdiffweb 8 paddlepaddle 8 org.xwiki.platform:xwiki-platform-web-templates 8 froxlor/froxlor 7 rusqlite 7 org.xwiki.platform:xwiki-platform-administration-ui 7 ansible 7 sequelize 7 symfony/symfony 7 gogs.io/gogs 7 studio-42/elfinder 7 github.com/argoproj/argo-cd 6 thorsten/phpmyfaq 6 github.com/answerdev/answer 6 ezsystems/ezpublish-kernel 6 aaptjs 6 parse-server 6 centreon/centreon 5 org.apache.shiro:shiro-core 5 org.xwiki.platform:xwiki-platform-web 5 org.apache.tomcat.embed:tomcat-embed-core 5 nodebb 5 ckb 5 org.jeecgframework.boot:jeecg-boot-parent 5 steal 5 org.jenkins-ci.plugins:script-security 5 org.apache.activemq:activemq-client 5 org.xwiki.commons:xwiki-commons-xml 5 zendframework/zendframework 5 Microsoft.ChakraCore 5 shopware/core 5 org.apache.inlong:manager-pojo 5 mercurial 5 django 5 Pillow 5 safe-eval 5 smallvec 4 org.cloudfoundry.identity:cloudfoundry-identity-server 4 pyload-ng 4 contao/contao 4 spree_auth_devise 4 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 4 librenms/librenms 4 contao/core-bundle 4 org.apache.inlong:manager-service 4 hermes-engine 4 org.apache.tapestry:tapestry-core 4 org.eclipse.jetty:jetty-server 4 org.apache.openmeetings:openmeetings-parent 4 PaddlePaddle 4 org.apache.kylin:kylin-server-base 4 code.gitea.io/gitea 4 safer-eval 4 mautic/core 4 swagger-ui 4 calibreweb 4 realms-shim 4 nukeviet/nukeviet 4 Django 4 github.com/hashicorp/vault 4 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 4 prestashop/prestashop 4 github.com/usememos/memos 4 net.opentsdb:opentsdb 4 messagepack-rs 4 openssl-src 4 github.com/argoproj/argo-cd/v2 4 apache-airflow-providers-apache-hive 4 feehi/cms 4 baserproject/basercms 4 nilsteampassnet/teampass 4 org.jeecgframework.boot:jeecg-boot-base-core 4 rubygems-update 3 org.apache.any23:apache-any23 3 org.apache.linkis:linkis 3 github.com/hashicorp/nomad 3 nokogiri 3 @openzeppelin/contracts-upgradeable 3 github.com/dexidp/dex 3 feathers-sequelize 3 org.springframework.security:spring-security-core 3 jsrsasign 3 pimcore/pimcore 3 codeigniter4/framework 3 nvflare 3 zendframework/zendframework1 3 io.dataease:dataease-plugin-common 3 smarty/smarty 3 org.apache.ignite:ignite-core 3 cobbler 3 mongoose 3 github.com/rancher/rancher 3 com.hazelcast:hazelcast 3 edu.stanford.nlp:stanford-corenlp 3 org.jenkins-ci.plugins:active-directory 3 org.apache.logging.log4j:log4j-core 3 org.apache.hadoop:hadoop-common 3 org.apache.inlong:manager-web 3 org.apache.jmeter:ApacheJMeter 3 org.keycloak:keycloak-core 3 craftcms/cms 3 org.xwiki.platform:xwiki-platform-icon-ui 3 io.undertow:undertow-core 3 modoboa 3 ro.pippo:pippo-core 3 com.jflyfox:jflyfox_jfinal 3 showdoc/showdoc 3 symfony/security 3 symfony/security-core 3 com.alibaba:dubbo 3 github.com/pterodactyl/wings 3 publify_core 3 id-map 3 actix-web 3 log4j:log4j 3 slpjs 3 elefant/cms 3 org.apache.ozone:ozone-main 3 codiad/codiad 3 org.xwiki.platform:xwiki-platform-panels-ui 3 phpmailer/phpmailer 3 tribalsystems/zenario 3 org.apache.dolphinscheduler:dolphinscheduler 3 slp-validate 3 francoisjacquet/rosariosis 3 typo3/cms 3 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 3 ray 3 strapi 3 facade/ignition 3 ezsystems/ezplatform-kernel 3 org.jenkins-ci.plugins.workflow:workflow-cps 3 org.xwiki.platform:xwiki-platform-search-ui 3 github.com/go-gitea/gitea 3 handlebars 3 org.apache.storm:storm 3 org.apache.solr:solr-parent 3 browserify-shim 3 impresscms/impresscms 3 org.richfaces:richfaces-core 3 dompdf/dompdf 3 ibexa/core 3 lmdb 3 org.apache.solr:solr-core 3 org.zenframework.z8.dependencies.commons:log4j-1.2.17 3 xcb 3 org.jeecgframework.boot:jeecg-boot-base 3 github.com/sap/cloud-security-client-go 2 org.apache.shiro:shiro-web 2 apache-superset 2 nadesiko3 2 tenvoy 2 org.apache.inlong:manager-dao 2 ghost 2 github.com/crewjam/saml 2 org.springframework.amqp:spring-amqp 2 alextselegidis/easyappointments 2 mathjs 2 org.apache.flume.flume-ng-sources:flume-jms-source 2 llama-index 2 eslint-config-eslint 2 github.com/russellhaering/gosaml2 2 locutus 2 org.apache.derby:derby 2 org.apache.commons:commons-configuration2 2 @sequelize/core 2 graphite-web 2 torchserve 2 traceroute 2 com.hazelcast.jet:hazelcast-jet 2 org.xwiki.platform:xwiki-platform-attachment-ui 2 pidusage 2 llhttp 2
Filter by Repository
https://github.com/xwiki/xwiki-platform 81 https://github.com/FasterXML/jackson-databind 24 https://github.com/jenkinsci/jenkins 17 https://github.com/Dolibarr/dolibarr 15 https://github.com/saltstack/salt 14 https://github.com/apache/airflow 14 https://github.com/mlflow/mlflow 11 https://github.com/PaddlePaddle/Paddle 11 https://github.com/ming-soft/MCMS 10 https://github.com/patriksimek/vm2 10 https://github.com/jeecgboot/jeecg-boot 9 https://github.com/funadmin/funadmin 9 https://github.com/tensorflow/tensorflow 9 https://github.com/apache/inlong 8 https://github.com/top-think/framework 8 https://github.com/django/django 8 https://github.com/magento/magento2 8 https://github.com/ikus060/rdiffweb 8 https://github.com/langchain-ai/langchain 8 https://github.com/ansible/ansible 7 https://github.com/gogs/gogs 7 https://github.com/apache/struts 7 https://github.com/Studio-42/elFinder 7 https://github.com/argoproj/argo-cd 7 https://github.com/rusqlite/rusqlite 7 https://github.com/python-pillow/Pillow 7 https://github.com/sequelize/sequelize 7 https://github.com/go-gitea/gitea 7 https://github.com/parse-community/parse-server 6 https://github.com/answerdev/answer 6 https://github.com/thorsten/phpmyfaq 6 https://github.com/xwiki/xwiki-commons 6 https://github.com/shenzhim/aaptjs 6 https://github.com/shopware/platform 6 https://github.com/symfony/symfony 6 https://github.com/apache/tomcat 5 https://github.com/stealjs/steal 5 https://github.com/apache/activemq 5 https://github.com/nervosnetwork/ckb 5 https://github.com/NodeBB/NodeBB 5 https://github.com/moodle/moodle 5 https://github.com/hacksparrow/safe-eval 5 https://github.com/froxlor/froxlor 5 https://github.com/solidusio/solidus_auth_devise 5 https://github.com/keycloak/keycloak 5 https://github.com/dromara/hutool 4 https://github.com/dompdf/dompdf 4 https://github.com/ezsystems/ezpublish-kernel 4 https://github.com/pippo-java/pippo 4 https://github.com/janeczku/calibre-web 4 https://github.com/otake84/messagepack-rs 4 https://github.com/swagger-api/swagger-ui 4 https://github.com/contao/contao 4 https://github.com/OpenTSDB/opentsdb 4 https://github.com/PrestaShop/PrestaShop 4 https://github.com/CVEProject/cvelist 4 https://github.com/usememos/memos 4 https://github.com/liufee/cms 4 https://github.com/pyload/pyload 4 https://github.com/spring-projects/spring-framework 4 https://github.com/hwchase17/langchain 4 https://github.com/servo/rust-smallvec 4 https://github.com/cloudfoundry/uaa 4 https://github.com/neorazorx/facturascripts 3 https://github.com/github/securitylab 3 https://github.com/dexidp/dex 3 https://github.com/apache/shiro 3 https://github.com/feathersjs-ecosystem/feathers-sequelize 3 https://github.com/baserproject/basercms 3 https://github.com/pterodactyl/wings 3 https://github.com/simpleledger/slpjs 3 https://github.com/phpmyadmin/phpmyadmin 3 https://github.com/smarty-php/smarty 3 https://github.com/cobbler/cobbler 3 https://github.com/opencast/opencast 3 https://github.com/thlorenz/browserify-shim 3 https://github.com/facade/ignition 3 https://github.com/TeamSeri0us/pocs 3 https://github.com/rubygems/rubygems.org 3 https://github.com/facebook/hermes 3 https://github.com/mbechler/marshalsec 3 https://github.com/hazelcast/hazelcast 3 https://github.com/jflyfox/jfinal_cms 3 https://github.com/pimcore/pimcore 3 https://github.com/star7th/showdoc 3 https://github.com/rancher/rancher 3 https://github.com/ImpressCMS/impresscms 3 https://github.com/publify/publify 3 https://github.com/dwisiswant0/advisory 3 https://github.com/centreon/centreon-archived 3 https://github.com/shopware/shopware 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/kjur/jsrsasign 3 https://github.com/chakra-core/ChakraCore 3 https://github.com/dataease/dataease 3 https://github.com/run-llama/llama_index 3 https://github.com/jbroadway/elefant 3 https://github.com/strapi/strapi 3 https://github.com/apache/camel 3 https://github.com/octobercms/october 3 https://github.com/ibexa/core 3 https://github.com/denoland/deno 3 https://github.com/NVIDIA/NVFlare 3 https://github.com/crewjam/saml 3 https://github.com/modoboa/modoboa 3 https://github.com/actix/actix-web 3 https://github.com/PHPMailer/PHPMailer 3 https://github.com/ezsystems/ezplatform-kernel 3 https://github.com/rubygems/rubygems 3 https://github.com/nukeviet/nukeviet 3 https://github.com/twisted/twisted 3 https://github.com/craftcms/cms 3 https://github.com/andrewhickman/id-map 3 https://github.com/pytorch/serve 2 https://github.com/sidorares/node-mysql2 2 https://github.com/javamelody/javamelody 2 https://github.com/Netflix/security-bulletins 2 https://github.com/neo4j-contrib/neo4j-apoc-procedures 2 https://github.com/kubernetes/kubernetes 2 https://github.com/simpleledger/slp-validate.js 2 https://github.com/nodejs/llhttp 2 https://github.com/sjep/array 2 https://github.com/apache/submarine 2 https://github.com/OpenAPITools/openapi-generator 2 https://github.com/drupal/core 2 https://github.com/folio-org/mod-data-export-spring 2 https://github.com/apache/jmeter 2 https://github.com/google/flatbuffers 2 https://github.com/scalyr/scalyr-agent-2 2 https://github.com/IceWhaleTech/CasaOS 2 https://github.com/SAP/cloud-security-client-go 2 https://github.com/intelliants/subrion 2 https://github.com/benbusby/whoogle-search 2 https://github.com/laurent22/joplin 2 https://github.com/js-data/js-data 2 https://github.com/graphite-project/graphite-web 2 https://github.com/quarkusio/quarkus 2 https://github.com/gventuri/pandas-ai 2 https://github.com/dominictarr/event-stream 2 https://github.com/rochacbruno/quokka 2 https://github.com/Microsoft/ChakraCore 2 https://github.com/KnpLabs/snappy 2 https://github.com/gnzlbg/slice_deque 2 https://github.com/ADOdb/ADOdb 2 https://github.com/keystonejs/keystone 2 https://github.com/jfinal/jfinal 2 https://github.com/TribalSystems/Zenario 2 https://github.com/cockpit-hq/cockpit 2 https://github.com/stanfordnlp/corenlp 2 https://github.com/codeigniter4/CodeIgniter4 2 https://github.com/Automattic/mongoose 2 https://github.com/rest-client/rest-client 2 https://github.com/netvl/acc_reader 2 https://github.com/michaelschwarz/Ajax.NET-Professional 2 https://github.com/h2database/h2database 2 https://github.com/handlebars-lang/handlebars.js 2 https://github.com/jenkinsci/semantic-versioning-plugin 2 https://github.com/HtmlUnit/htmlunit 2 https://github.com/hashicorp/vault 2 https://github.com/totaljs/framework 2 https://github.com/noear/solon 2 https://github.com/top-think/thinkphp 2 https://github.com/getgrav/grav 2 https://github.com/web2py/web2py 2 https://github.com/SAP/cloud-pysec 2 https://github.com/nats-io/jwt 2 https://github.com/zoujingli/ThinkAdmin 2 https://github.com/jenkinsci/script-security-plugin 2 https://github.com/qcubed/qcubed 2 https://github.com/nystudio107/craft-seomatic 2 https://github.com/mautic/mautic 2 https://github.com/russellhaering/gosaml2 2 https://github.com/jmrozanec/cron-utils 2 https://github.com/hashicorp/go-getter 2 https://github.com/rubyzip/rubyzip 2 https://github.com/apache/kylin 2 https://github.com/ahdinosaur/set-in 2 https://github.com/waycrate/swhkd 2 https://github.com/ionicabizau/parse-url 2 https://github.com/reem/rust-traitobject 2 https://github.com/actix/actix-net 2 https://github.com/Agoric/realms-shim 2 https://github.com/gofiber/fiber 2 https://github.com/apache/incubator-streampark 2 https://github.com/git-lfs/git-lfs 2 https://github.com/puma/puma 2 https://github.com/skoranga/node-dns-sync 2 https://github.com/nilsteampassnet/teampass 2 https://github.com/evmos/evmos 2 https://github.com/rust-random/rand 2 https://github.com/MrSwitch/hello.js 2 https://github.com/OpenMage/magento-lts 2 https://github.com/ezsystems/ezplatform-admin-ui 2 https://github.com/xwiki/xwiki-rendering 2 https://github.com/grafana/grafana 2 https://github.com/Gerapy/Gerapy 2 https://github.com/Codiad/Codiad 2 https://github.com/moby/buildkit 2 https://github.com/soketi/soketi 2