Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 12 months ago
GSA_kwCzR0hTQS1qY2htLWZtNHEtYzJmcM4AAzHG
Apache Airflow vulnerable to Privilege Context Switching ErrorEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 12 months ago
Critical
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: 12 months ago
GSA_kwCzR0hTQS1yM3hjLXByZ3ItbWc5cM4AAzG9
Django bypasses validation when using one form field to upload multiple filesEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: 12 months ago
Critical
Ecosystems: packagist
Packages: azuracast/azuracast
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 1 year ago
GSA_kwCzR0hTQS00bTd2LXdyNnYtMm13Nc4AAzGP
AzuraCast missing brute force preventionEcosystems: packagist
Packages: azuracast/azuracast
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 1 year ago
Critical
Ecosystems: maven
Packages: com.ibeetl:beetl
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 1 year ago
GSA_kwCzR0hTQS1tNjloLTRmcnEtdndxN84AAzFB
Server-side template injection in beetlEcosystems: maven
Packages: com.ibeetl:beetl
Source: GitHub Advisory Database
Blast Radius: 30.1
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: net.opentsdb:opentsdb
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oNDc1LTd2M2MtMjZxN84AAzEg
Command injection in OpenTSDBEcosystems: maven
Packages: net.opentsdb:opentsdb
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: appium-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS14cTZqLXg4cHEtZzNncs4AAzDz
appium-desktop OS Command Injection vulnerabilityEcosystems: npm
Packages: appium-desktop
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04M2ZtLXc3OW0tNjRyNc4AAzCj
Remote file access vulnerability in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: about 1 year ago
GSA_kwCzR0hTQS1wajc2LTc1Y20tMzU1Ms4AAzA1
Concrete CMS (previously concrete5) is vulnerable to possible auth bypass in the jobs sectionEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
GSA_kwCzR0hTQS14NDIyLTZxaHYtcDI5Z84AAzAd
Relative path traversal in mlflowEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS04cWhtLWNoOGgteGdqcs4AAy_q
Remote code execution in JFinal CMSEcosystems: maven
Packages: com.jflyfox:jflyfox_jfinal
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
GSA_kwCzR0hTQS01NThwLW0zNG0tdnBtcc4AAy_o
Potential leak of authentication data to 3rd partiesEcosystems: npm
Packages: typed-rest-client
Source: GitHub Advisory Database
Blast Radius: 37.5
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vconsole
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: about 1 year ago
GSA_kwCzR0hTQS1mNzM3LTNmaDYtamY2d84AAy_R
Prototype Pollution in vConsoleEcosystems: npm
Packages: vconsole
Source: GitHub Advisory Database
Blast Radius: 34.2
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04ODQ5LWN2OWYtdmNjbc4AAy-9
Access bypass in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: tcg/voyager
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 1 year ago
GSA_kwCzR0hTQS0yeDNyLTdqZ20tZ2g4eM4AAy--
Remote code execution in VoyagerEcosystems: packagist
Packages: tcg/voyager
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 1 year ago
Critical
Ecosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: about 1 year ago
GSA_kwCzR0hTQS02dzRtLTJ4aGctMjY1OM4AAy-v
Buffer overflow in sponge queue functionsEcosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wMzc5LWN4cWgtcTgyMs4AAy9f
SQL filter bypass leading to arbitrary write requests using "SQL Manager"Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Critical
Ecosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
GSA_kwCzR0hTQS02bTlmLXBqNnctdzg3Z84AAy88
Rancher Webhook is misconfigured during upgrade processEcosystems: go
Packages: github.com/rancher/rancher
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: dawnsparks-node-tesseract
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS04OHFmLTVmM3YtcG02bc4AAy8U
Remote code execution in dawnsparks-node-tesseractEcosystems: npm
Packages: dawnsparks-node-tesseract
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: broccoli-compass
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
GSA_kwCzR0hTQS13cThmLXhtcTMtNXZxOc4AAy8R
Remote code execution in broccoli-compassEcosystems: npm
Packages: broccoli-compass
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jNm14LTNmajktOWo3cc4AAy69
PowerJob vulnerable to incorrect access controlEcosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 1 year ago
GSA_kwCzR0hTQS02N21nLWdtOG0tcGg1cs4AAy6n
Improper Authorization in modoboaEcosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-events-hibernate-ui, org.xwiki.platform:xwiki-platform-distribution-war
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qZ2c3LXcycmotNThjas4AAy5-
XWiki Platform vulnerable to privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministrationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-events-hibernate-ui, org.xwiki.platform:xwiki-platform-distribution-war
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qZ3JnLXF2cHAtOXZ3cs4AAy59
XWiki Platform vulnerable to code injection from account through AWM view sheetEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-appwithinminutes-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-async-macro, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1ncHE1LTdwMzQtdnF4Nc4AAy58
XWiki Platform's async and display macro allow displaying and interacting with any document in restricted modeEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-async-macro, org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mYzQyLTV3NTYtcXc3aM4AAy57
XWiki Platform vulnerable to code injection from account through XWiki.SchedulerJobSheetEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-scheduler-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS14NzY0LWZmOHItOWhweM4AAy56
XWiki Platform vulnerable to code injection in display method used in user profilesEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zOTg5LTRjNngtNzI1Zs4AAy5z
XWiki Platform vulnerable to privilege escalation from view right on XWiki.AttachmentSelectorEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui, org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform.applications:xwiki-application-administration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS05ajM2LTNjcDQtcmg0as4AAy5x
XWiki vulnerable to Code Injection in template provider administrationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui, org.xwiki.platform:xwiki-platform-administration, org.xwiki.platform.applications:xwiki-application-administration
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oZzV4LTN3M3gtN2c5Ns4AAy5v
xwiki-platform-web-templates vulnerable to Eval InjectionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-web-templates
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.springframework.boot:spring-boot-actuator-autoconfigure
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 1 year ago
GSA_kwCzR0hTQS1nNWgzLXc1NDYtcGo3Zs4AAy5o
Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud FoundryEcosystems: maven
Packages: org.springframework.boot:spring-boot-actuator-autoconfigure
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 1 year ago
GSA_kwCzR0hTQS14Mzd2LTM2d3YtNnY2aM4AAy5a
Cross-site Scripting in org.xwiki.commons:xwiki-commons-xmlEcosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS05bWg5LTQ0cTMtdjc5eM4AAy5F
PowerJob vulnerable to remote code executionEcosystems: maven
Packages: tech.powerjob:powerjob
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jaDNyLWo1eDMtNnEybc4AAy46
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
GSA_kwCzR0hTQS0yaDg3LTRxMnctdjRoZs4AAy4o
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions PluginEcosystems: npm
Packages: @strapi/plugin-email, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS00djM4LTk2NGMteGptd84AAy3x
Code injection via unescaped translations in xwiki-platformEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @nuxtlabs/github-module
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mcDJ3LWc5MmctZmdxNM4AAy0_
@nuxtlabs/github-module made Use of Hard-coded CredentialsEcosystems: npm
Packages: @nuxtlabs/github-module
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.iotdb:iotdb-grafana-connector
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 1 year ago
GSA_kwCzR0hTQS1wdmp2LTM4NmYtYzh3aM4AAyz9
Apache IoTDB Grafana Connector vulnerable to Improper AuthenticationEcosystems: maven
Packages: org.apache.iotdb:iotdb-grafana-connector
Source: GitHub Advisory Database
Blast Radius: 18.1
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.spark:spark-core_2.13, org.apache.spark:spark-core_2.12
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS0zMjlqLWpmdnItcmhyNs4AAyz5
Apache Spark vulnerable to Improper Privilege ManagementEcosystems: maven
Packages: org.apache.spark:spark-core_2.13, org.apache.spark:spark-core_2.12
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xd3ZwLWc5ajctMjhmNs4AAyxG
froxlor/froxlor vulnerable to unrestricted upload of file with dangerous typeEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS14ajcyLXd2ZnYtODk4Nc4AAyu7
vm2 Sandbox Escape vulnerabilityEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-skinx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jbXZnLXc3MmotN3BoeM4AAyu3
org.xwiki.platform:xwiki-platform-skin-skinx vulnerable to basic Cross-site Scripting by exploiting JSX or SSX pluginsEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-skin-skinx
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-xwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12eGY3LW14MjItanIyNM4AAyu4
org.xwiki.platform:xwiki-platform-rendering-xwiki vulnerable to stored cross-site scripting via HTML and raw macroEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-xwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-macro-rss, org.xwiki.platform:xwiki-core-rendering-macro-rss
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jODg1LTg5ZnctNTVxcs4AAyu1
org.xwiki.platform:xwiki-platform-rendering-macro-rss Cross-site Scripting vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-rendering-macro-rss, org.xwiki.platform:xwiki-core-rendering-macro-rss
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 1 year ago
GSA_kwCzR0hTQS1tM2pyLWN2aGotZjM1as4AAyu0
org.xwiki.commons:xwiki-commons-xml Cross-site Scripting vulnerabilityEcosystems: maven
Packages: org.xwiki.commons:xwiki-commons-xml
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1yZmg2LW1nNmgtaDY2OM4AAyuy
xwiki-platform-administration-ui vulnerable to privilege escalationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-administration-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS12cnI4LWZwN2MtN3FncM4AAyuu
org.xwiki.platform:xwiki-platform-flamingo-theme-ui vulnerable to privilege escalationEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mNHY4LTU4ZjYtbXdqNM4AAyuw
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-flamingo-theme-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wd2Z2LTNjdmctOW00Y84AAyux
org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthorsEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xeDloLWM1djYtZ2hxaM4AAyut
org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-logging-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS00NjU1LXdoN3YtM3ZtZ84AAyus
org.xwiki.platform:xwiki-platform-logging-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-logging-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jNWY0LXA1d3YtMjQ3Nc4AAyur
xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS13N3Y5LWZjNDktNHFnNM4AAyuq
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wOW1qLXY1bWYtbTgyeM4AAyup
org.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-notifications-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS05cGMyLXg5cWYtN2oycc4AAyuo
org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerabilityEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS03OXhmLTY3cjQtcTJqas4AAyqY
safe-eval vulnerable to Sandbox Bypass due to improper input sanitizationEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
GSA_kwCzR0hTQS1oY2czLTU2amYteDR2aM4AAyqc
safe-eval vulnerable to Prototype Pollution via the safeEval functionEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1ycmhmLTMycnEtZjI4aM4AAyo_
Apache Linkis DatasourceManager module has deserialization vulnerabilityEcosystems: maven
Packages: org.apache.linkis:linkis-datasource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.linkis:linkis-engineconn
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xbTJoLW03OTktODZyY84AAypA
Apache Linkis JDBC EngineConn has deserialization vulnerabilityEcosystems: maven
Packages: org.apache.linkis:linkis-engineconn
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
GSA_kwCzR0hTQS03anhyLWNnN2YtZ3Bnds4AAyoQ
vm2 vulnerable to sandbox escapeEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
GSA_kwCzR0hTQS01Y3ZnLTlwcDUtbXhjas4AAyn2
Apache Airflow Hive Provider vulnerable to code injectionEcosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: com.baomidou:mybatis-plus
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 1 year ago
GSA_kwCzR0hTQS0zMnFxLW05ZmgtZjc0d84AAyjb
MyBatis-Plus vulnerable to SQL injection via TenantPluginEcosystems: maven
Packages: com.baomidou:mybatis-plus
Source: GitHub Advisory Database
Blast Radius: 35.9
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 1 year ago
GSA_kwCzR0hTQS1mcHJwLXA4NjktdzZxMs4AAyjJ
LangChain vulnerable to code injectionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oeDhwLTltNDgtZzc2cs4AAyiO
Ming-Soft MCMS vulnerable to SQL injectionEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 1 year ago
Critical
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 1 year ago
GSA_kwCzR0hTQS1nbXBoLXdmN2otOWdjbc4AAyiB
Etcd-io Improper Authentication vulnerabilityEcosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 31.0
Published: about 1 year ago
Critical
Ecosystems: go
Packages: github.com/sjqzhang/go-fastdfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS14cTN4LWdycmotZmo2eM4AAyf6
sjqzhang go-fastdfs vulnerable to path traversalEcosystems: go
Packages: github.com/sjqzhang/go-fastdfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.openapitools:openapi-generator-project
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: about 1 year ago
GSA_kwCzR0hTQS13ZzR3LTVtNXItdzNwOM4AAyfR
OpenAPI Generator vulnerable to Server-Side Request ForgeryEcosystems: maven
Packages: org.openapitools:openapi-generator-project
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS02cmZ2LWg1djgtY2o3Z84AAyfK
jeecg-boot vulnerable to improper authenticationEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0yM3hmLTU1MzUtNjJ2Nc4AAyeJ
jeecg-boot vulnerable to SQL injectionEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-parent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: fish.payara.server:payara-aggregator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS14YzkzLTU4N2ctbXhtN84AAyd0
Payara Server allows remote attackers to load malicious code on the server once a JNDI directory scan is performedEcosystems: maven
Packages: fish.payara.server:payara-aggregator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: farm-haystack
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: about 1 year ago
GSA_kwCzR0hTQS13N3FnLWo0MzUtNzhxd84AAydg
Use of hard-coded, security-relevant constants in deepset-ai/haystackEcosystems: pypi
Packages: farm-haystack
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zcjQ4LTNtOHItNHI5d84AAyX0
Apache OpenMeetings missing authentication and can allow user impersonationEcosystems: maven
Packages: org.apache.openmeetings:openmeetings-parent
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.springframework:spring
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: about 1 year ago
GSA_kwCzR0hTQS03cGh3LWN4eDctcTl2cc4AAyW3
Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatchEcosystems: maven
Packages: org.springframework:spring
Source: GitHub Advisory Database
Blast Radius: 35.4
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
GSA_kwCzR0hTQS1nd3ZtLXZycDQtNHBwNc4AAyUN
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backendEcosystems: npm
Packages: angular-server-side-configuration
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 1 year ago
GSA_kwCzR0hTQS14ZzczLTk0ZnAtZzQ0Oc4AAyUH
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIsEcosystems: pypi
Packages: mlflow
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 1 year ago
GSA_kwCzR0hTQS1ndzk3LWZmN2MtOXY5Ns4AAyT8
TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operationEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 47.7
Published: about 1 year ago
Critical
Ecosystems: cargo
Packages: deno_runtime, serde_v8, Deno
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: about 1 year ago
GSA_kwCzR0hTQS1jMjV4LWNtOXgtcXFneM4AAyRG
Deno improperly handles resizable ArrayBufferEcosystems: cargo
Packages: deno_runtime, serde_v8, Deno
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 year ago
GSA_kwCzR0hTQS1xMngzLTJmOWctaDU1Oc4AAyQm
Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user inputEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
GSA_kwCzR0hTQS1tZnZnLXF3Y3ctcXZjOM4AAyQi
baserCMS allows any file to be uploadedEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
GSA_kwCzR0hTQS1oNGNjLWZ4cHAtcGd3Oc4AAyQh
baserCMS File Uploader Remote Code Execution (RCE) vulnerabilityEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 1 year ago
GSA_kwCzR0hTQS1mcmpnLWc3NjctNzM2M84AAyPi
code-server vulnerable to Missing Origin Validation in WebSocketsEcosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: weixin-python
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
GSA_kwCzR0hTQS1oMzg0LXBoNzctMzY5Oc4AAyNT
weixin-python XML External Entity vulnerabilityEcosystems: pypi
Packages: weixin-python
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
Critical
Ecosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1od2o3LWZyZ2otNzgyOc4AAyM1
Answer vulnerable to Authentication Bypass by Capture-replayEcosystems: go
Packages: github.com/answerdev/answer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: pypi
Packages: CairoSVG
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: about 1 year ago
GSA_kwCzR0hTQS1yd21mLXc2M2otcDdnds4AAyMj
CairoSVG improperly processes SVG files loaded from external resourcesEcosystems: pypi
Packages: CairoSVG
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: about 1 year ago
Critical
Ecosystems: go
Packages: github.com/ansible-semaphore/semaphore
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wbWhnLWNtamMtMzg3Nc4AAyLV
Ansible Semaphore mishandles authenticationEcosystems: go
Packages: github.com/ansible-semaphore/semaphore
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 1 year ago
GSA_kwCzR0hTQS1ncTZ3LXE2d2gtamdnY84AAyLG
PHAR deserialization allowing remote code executionEcosystems: packagist
Packages: knplabs/knp-snappy
Source: GitHub Advisory Database
Blast Radius: 32.6
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 1 year ago
GSA_kwCzR0hTQS1qNzJmLTRoZ3AtM213Y84AAyKu
jeecg-boot SQL Injection vulnerabilityEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-boot-common
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 1 year ago
Critical
Ecosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 1 year ago
GSA_kwCzR0hTQS00Zzc2LXczeHctMng2d84AAyGN
Full authentication bypass if SASL authorization username is specifiedEcosystems: go
Packages: github.com/foxcpp/maddy
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
GSA_kwCzR0hTQS1oYzZxLTJtcHAtcXc3as4AAyD3
Cross-realm object access in Webpack 5Ecosystems: npm
Packages: webpack
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: about 1 year ago
GSA_kwCzR0hTQS1oNXYyLXdyaHAtNXYzNc4AAyDv
Access control issue in ezsystems/ezpublish-kernelEcosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @stoqey/gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS03OTV3LTc0MjYtbTk0as4AAyCB
stoqey/gnuplot is vulnerable to command injectionEcosystems: npm
Packages: @stoqey/gnuplot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qeDJ4LWZnOXAtN2djN84AAyBw
Funadmin vulnerable to SQL injectionEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qODN4LXI5cXEtOWc0ds4AAyBh
Froxlor is vulnerable to authentication bypassEcosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: node-bluetooth
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
GSA_kwCzR0hTQS1jeHgzLTM2cWMtbTZxbc4AAyAl
node-bluetooth is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validationEcosystems: npm
Packages: node-bluetooth
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05amgzLTRwYzktaHEyOc4AAyAn
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannelEcosystems: npm
Packages: node-bluetooth-serial-port
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wdnA2LTUzcjktOHZ4aM4AAyAe
SQL Injection in FunadminEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
GSA_kwCzR0hTQS05d2Y5LXF2dnAtMjkyOc4AAyAc
builderio/qwik is vulnerable to code injectionEcosystems: npm
Packages: @builder.io/qwik
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: about 1 year ago
Critical
Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 1 year ago
GSA_kwCzR0hTQS1mZjRwLTd4cnEtcTVyOM4AAyAY
wasmtime vulnerable to guest-controlled out-of-bounds read/write on x86_64Ecosystems: cargo
Packages: cranelift-codegen, wasmtime
Source: GitHub Advisory Database
Blast Radius: 35.3
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xaHE4LTJmM20tZ3h2cM4AAyAP
SQL Injection in FunadminEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1tOHdmLXdtd2gtancybc4AAyAI
SQL Injection in FunadminEcosystems: packagist
Packages: funadmin/funadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xeGpnLWpoZ3ctcWhyds4AAyAC
org.xwiki.platform:xwiki-platform-panels-ui vulnerable to Eval InjectionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-panels-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Packages: 8,294
Repositories: 1,289
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
27
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
net.mingsoft:ms-mcms
18
org.jenkins-ci.main:jenkins-core
18
salt
16
moodle/moodle
15
topthink/framework
13
com.liferay.portal:release.portal.bom
13
langchain
12
drupal/core
12
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
tensorflow
9
org.xwiki.platform:xwiki-platform-oldcore
9
phpmyadmin/phpmyadmin
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
drupal/drupal
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
paddlepaddle
8
org.xwiki.platform:xwiki-platform-web-templates
8
ansible
7
froxlor/froxlor
7
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
symfony/symfony
7
aaptjs
6
thorsten/phpmyfaq
6
parse-server
6
ezsystems/ezpublish-kernel
6
github.com/argoproj/argo-cd
6
github.com/answerdev/answer
6
org.apache.activemq:activemq-client
5
org.jeecgframework.boot:jeecg-boot-parent
5
ckb
5
nodebb
5
org.apache.tomcat.embed:tomcat-embed-core
5
org.jenkins-ci.plugins:script-security
5
steal
5
mercurial
5
centreon/centreon
5
zendframework/zendframework
5
org.xwiki.commons:xwiki-commons-xml
5
org.xwiki.platform:xwiki-platform-web
5
django
5
Microsoft.ChakraCore
5
shopware/core
5
org.apache.inlong:manager-pojo
5
safe-eval
5
Pillow
5
org.apache.shiro:shiro-core
5
org.apache.tapestry:tapestry-core
4
org.eclipse.jetty:jetty-server
4
smallvec
4
hermes-engine
4
pyload-ng
4
spree_auth_devise
4
contao/contao
4
librenms/librenms
4
PaddlePaddle
4
code.gitea.io/gitea
4
safer-eval
4
org.cloudfoundry.identity:cloudfoundry-identity-server
4
realms-shim
4
nukeviet/nukeviet
4
org.apache.openmeetings:openmeetings-parent
4
github.com/hashicorp/vault
4
baserproject/basercms
4
Django
4
calibreweb
4
mautic/core
4
swagger-ui
4
org.apache.inlong:manager-service
4
org.apache.kylin:kylin-server-base
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
github.com/usememos/memos
4
prestashop/prestashop
4
net.opentsdb:opentsdb
4
github.com/argoproj/argo-cd/v2
4
feehi/cms
4
messagepack-rs
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
apache-airflow-providers-apache-hive
4
openssl-src
4
org.jeecgframework.boot:jeecg-boot-base-core
4
nilsteampassnet/teampass
4
contao/core-bundle
4
github.com/pterodactyl/wings
3
rubygems-update
3
github.com/hashicorp/nomad
3
org.apache.any23:apache-any23
3
org.apache.ignite:ignite-core
3
org.apache.linkis:linkis
3
github.com/dexidp/dex
3
org.springframework.security:spring-security-core
3
nokogiri
3
@openzeppelin/contracts-upgradeable
3
codeigniter4/framework
3
io.dataease:dataease-plugin-common
3
feathers-sequelize
3
cobbler
3
zendframework/zendframework1
3
mongoose
3
nvflare
3
com.hazelcast:hazelcast
3
edu.stanford.nlp:stanford-corenlp
3
github.com/rancher/rancher
3
org.apache.inlong:manager-web
3
org.jenkins-ci.plugins:active-directory
3
org.apache.logging.log4j:log4j-core
3
org.apache.hadoop:hadoop-common
3
modoboa
3
org.apache.jmeter:ApacheJMeter
3
craftcms/cms
3
org.keycloak:keycloak-core
3
org.xwiki.platform:xwiki-platform-icon-ui
3
pimcore/pimcore
3
ro.pippo:pippo-core
3
io.undertow:undertow-core
3
showdoc/showdoc
3
symfony/security
3
symfony/security-core
3
com.jflyfox:jflyfox_jfinal
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
smarty/smarty
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
codiad/codiad
3
log4j:log4j
3
tribalsystems/zenario
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.apache.ozone:ozone-main
3
phpmailer/phpmailer
3
org.apache.dolphinscheduler:dolphinscheduler
3
org.xwiki.platform:xwiki-platform-panels-ui
3
ray
3
francoisjacquet/rosariosis
3
strapi
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
typo3/cms
3
facade/ignition
3
id-map
3
elefant/cms
3
impresscms/impresscms
3
handlebars
3
github.com/go-gitea/gitea
3
browserify-shim
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.storm:storm
3
dompdf/dompdf
3
org.apache.solr:solr-parent
3
org.richfaces:richfaces-core
3
ibexa/core
3
actix-web
3
lmdb
3
org.apache.solr:solr-core
3
jsrsasign
3
slpjs
3
publify_core
3
xcb
3
github.com/crewjam/saml
2
locutus
2
org.apache.shiro:shiro-web
2
tenvoy
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
org.apache.derby:derby
2
org.apache.inlong:manager-dao
2
mathjs
2
github.com/sap/cloud-security-client-go
2
eslint-config-eslint
2
github.com/russellhaering/gosaml2
2
ghost
2
alextselegidis/easyappointments
2
org.springframework.amqp:spring-amqp
2
nadesiko3
2
apache-superset
2
org.apache.commons:commons-configuration2
2
llama-index
2
org.xwiki.platform:xwiki-platform-notifications-ui
2
traceroute
2
graphite-web
2
torchserve
2
com.hazelcast.jet:hazelcast-jet
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
pidusage
2
org.xwiki.platform:xwiki-platform-invitation-ui
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/saltstack/salt
14
https://github.com/apache/airflow
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/top-think/framework
9
https://github.com/funadmin/funadmin
9
https://github.com/tensorflow/tensorflow
9
https://github.com/apache/inlong
8
https://github.com/django/django
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/langchain-ai/langchain
8
https://github.com/ansible/ansible
7
https://github.com/gogs/gogs
7
https://github.com/apache/struts
7
https://github.com/Studio-42/elFinder
7
https://github.com/argoproj/argo-cd
7
https://github.com/rusqlite/rusqlite
7
https://github.com/python-pillow/Pillow
7
https://github.com/sequelize/sequelize
7
https://github.com/go-gitea/gitea
7
https://github.com/parse-community/parse-server
6
https://github.com/answerdev/answer
6
https://github.com/thorsten/phpmyfaq
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/shenzhim/aaptjs
6
https://github.com/shopware/platform
6
https://github.com/symfony/symfony
6
https://github.com/apache/tomcat
5
https://github.com/stealjs/steal
5
https://github.com/apache/activemq
5
https://github.com/nervosnetwork/ckb
5
https://github.com/NodeBB/NodeBB
5
https://github.com/moodle/moodle
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/froxlor/froxlor
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/keycloak/keycloak
5
https://github.com/dromara/hutool
4
https://github.com/dompdf/dompdf
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/pippo-java/pippo
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/swagger-api/swagger-ui
4
https://github.com/contao/contao
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/PrestaShop/PrestaShop
4
https://github.com/CVEProject/cvelist
4
https://github.com/usememos/memos
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/spring-projects/spring-framework
4
https://github.com/hwchase17/langchain
4
https://github.com/servo/rust-smallvec
4
https://github.com/cloudfoundry/uaa
4
https://github.com/neorazorx/facturascripts
3
https://github.com/github/securitylab
3
https://github.com/dexidp/dex
3
https://github.com/apache/shiro
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/baserproject/basercms
3
https://github.com/pterodactyl/wings
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/smarty-php/smarty
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/facade/ignition
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/rubygems/rubygems.org
3
https://github.com/facebook/hermes
3
https://github.com/mbechler/marshalsec
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/pimcore/pimcore
3
https://github.com/star7th/showdoc
3
https://github.com/rancher/rancher
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/publify/publify
3
https://github.com/dwisiswant0/advisory
3
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/kjur/jsrsasign
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/apache/camel
3
https://github.com/octobercms/october
3
https://github.com/ibexa/core
3
https://github.com/denoland/deno
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/crewjam/saml
3
https://github.com/modoboa/modoboa
3
https://github.com/actix/actix-web
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/rubygems/rubygems
3
https://github.com/nukeviet/nukeviet
3
https://github.com/twisted/twisted
3
https://github.com/craftcms/cms
3
https://github.com/andrewhickman/id-map
3
https://github.com/pytorch/serve
2
https://github.com/sidorares/node-mysql2
2
https://github.com/javamelody/javamelody
2
https://github.com/Netflix/security-bulletins
2
https://github.com/neo4j-contrib/neo4j-apoc-procedures
2
https://github.com/kubernetes/kubernetes
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/nodejs/llhttp
2
https://github.com/sjep/array
2
https://github.com/apache/submarine
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/drupal/core
2
https://github.com/folio-org/mod-data-export-spring
2
https://github.com/apache/jmeter
2
https://github.com/google/flatbuffers
2
https://github.com/scalyr/scalyr-agent-2
2
https://github.com/IceWhaleTech/CasaOS
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/intelliants/subrion
2
https://github.com/benbusby/whoogle-search
2
https://github.com/laurent22/joplin
2
https://github.com/js-data/js-data
2
https://github.com/graphite-project/graphite-web
2
https://github.com/quarkusio/quarkus
2
https://github.com/gventuri/pandas-ai
2
https://github.com/dominictarr/event-stream
2
https://github.com/rochacbruno/quokka
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/KnpLabs/snappy
2
https://github.com/gnzlbg/slice_deque
2
https://github.com/ADOdb/ADOdb
2
https://github.com/keystonejs/keystone
2
https://github.com/jfinal/jfinal
2
https://github.com/TribalSystems/Zenario
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/codeigniter4/CodeIgniter4
2
https://github.com/Automattic/mongoose
2
https://github.com/rest-client/rest-client
2
https://github.com/netvl/acc_reader
2
https://github.com/michaelschwarz/Ajax.NET-Professional
2
https://github.com/h2database/h2database
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/hashicorp/vault
2
https://github.com/totaljs/framework
2
https://github.com/noear/solon
2
https://github.com/top-think/thinkphp
2
https://github.com/getgrav/grav
2
https://github.com/web2py/web2py
2
https://github.com/SAP/cloud-pysec
2
https://github.com/nats-io/jwt
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/jenkinsci/script-security-plugin
2
https://github.com/qcubed/qcubed
2
https://github.com/nystudio107/craft-seomatic
2
https://github.com/mautic/mautic
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jmrozanec/cron-utils
2
https://github.com/hashicorp/go-getter
2
https://github.com/rubyzip/rubyzip
2
https://github.com/apache/kylin
2
https://github.com/ahdinosaur/set-in
2
https://github.com/waycrate/swhkd
2
https://github.com/ionicabizau/parse-url
2
https://github.com/reem/rust-traitobject
2
https://github.com/actix/actix-net
2
https://github.com/Agoric/realms-shim
2
https://github.com/gofiber/fiber
2
https://github.com/apache/incubator-streampark
2
https://github.com/git-lfs/git-lfs
2
https://github.com/puma/puma
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/evmos/evmos
2
https://github.com/rust-random/rand
2
https://github.com/MrSwitch/hello.js
2
https://github.com/OpenMage/magento-lts
2
https://github.com/ezsystems/ezplatform-admin-ui
2
https://github.com/xwiki/xwiki-rendering
2
https://github.com/grafana/grafana
2
https://github.com/Gerapy/Gerapy
2
https://github.com/Codiad/Codiad
2
https://github.com/moby/buildkit
2
https://github.com/soketi/soketi
2