Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Critical Security Advisories
Loading...
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oOHA4LTYzNzgtNjQ5cM4AAxJ1
XML external entity reference vulnerability on agents in Jenkins Semantic Versioning PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jvnet.hudson.plugins:mstest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zcHByLTcyeDUteDY3cc4AAxKF
XML external entity vulnerability on agents in Jenkins MSTest PluginEcosystems: maven
Packages: org.jvnet.hudson.plugins:mstest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:keycloak
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05OTYzLWdtaDgtdnZtNs4AAxJN
Session fixation vulnerability in Jenkins Keycloak Authentication PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:keycloak
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wY2MyLXc2bTgteDV3NM4AAxJ6
Agent-to-controller security bypass in Jenkins Semantic Versioning PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:semantic-versioning-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jenkins-ci.plugins:TestComplete
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nNW1qLWMyNmctdm1wbc4AAxJx
XML Entity Expansion in Jenkins TestComplete support PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:TestComplete
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
GSA_kwCzR0hTQS1xOWhyLWo0cmYtOGZqY84AAxJD
JWT audience claim is not verifiedEcosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: ca.uhn.hapi.fhir:org.hl7.fhir.validation, ca.uhn.hapi.fhir:org.hl7.fhir.utilities, ca.uhn.hapi.fhir:org.hl7.fhir.r5, ca.uhn.hapi.fhir:org.hl7.fhir.r4b, ca.uhn.hapi.fhir:org.hl7.fhir.convertors, ca.uhn.hapi.fhir:org.hl7.fhir.core
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: over 1 year ago
GSA_kwCzR0hTQS1qcWg2LTk1NzQtNXgyMs4AAxIl
MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`Ecosystems: maven
Packages: ca.uhn.hapi.fhir:org.hl7.fhir.validation, ca.uhn.hapi.fhir:org.hl7.fhir.utilities, ca.uhn.hapi.fhir:org.hl7.fhir.r5, ca.uhn.hapi.fhir:org.hl7.fhir.r4b, ca.uhn.hapi.fhir:org.hl7.fhir.convertors, ca.uhn.hapi.fhir:org.hl7.fhir.core
Source: GitHub Advisory Database
Blast Radius: 17.3
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.hl7.fhir.publisher:org.hl7.fhir.publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14cjh4LXB4bTYtcHJqZ84AAxIj
MITM based Zip Slip in `org.hl7.fhir.publisher:org.hl7.fhir.publisher`Ecosystems: maven
Packages: org.hl7.fhir.publisher:org.hl7.fhir.publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS02am14LXB2Nzctd201d84AAxHU
Excessive Attack Surface in pyload-ngEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: apache-airflow-providers-mysql, apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 1 year ago
GSA_kwCzR0hTQS1jNzMyLXh2djgtZzk0Y84AAxHL
Command Injection in Apache Airflow and Apache Airflow MySQL ProviderEcosystems: pypi
Packages: apache-airflow-providers-mysql, apache-airflow
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14NzN3LWc4aHgtdjdycM4AAxGk
Code injection in electermEcosystems: npm
Packages: electerm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: xpressengine/xpressengine
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS04cjVqLTIyajUtdzRjbc4AAxF5
XpressEngine vulnerable to Unrestricted Upload of File with Dangerous TypeEcosystems: packagist
Packages: xpressengine/xpressengine
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: cakephp/database, cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
GSA_kwCzR0hTQS02ZzhxLXFmcHYtNTd3cM4AAxFy
CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injectionEcosystems: packagist
Packages: cakephp/database, cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 36.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.jeecgframework.boot:jeecg-module-system, org.jeecgframework.boot:jeecg-boot-base-core
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
GSA_kwCzR0hTQS02dzg5LWM2NXctangyY84AAxE2
Jeecg-boot is vulnerable to SQL injectionEcosystems: maven
Packages: org.jeecgframework.boot:jeecg-module-system, org.jeecgframework.boot:jeecg-boot-base-core
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: over 1 year ago
GSA_kwCzR0hTQS05M2N3LWY1amoteDg1d84AAxBk
Shopware vulnerable to Improper Control of Generation of Code in Twig rendered viewsEcosystems: packagist
Packages: shopware/core, shopware/platform
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: liftkit/database
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
GSA_kwCzR0hTQS04aGNmLTJtNHYtZjJycc4AAw_o
SQL Injection in liftkit/databaseEcosystems: packagist
Packages: liftkit/database
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: curupira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04NWdmLXdyNjctZjgzd84AAw_f
curupira is vulnerable to SQL injectionEcosystems: rubygems
Packages: curupira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS1nOTJyLTlyeHctY21neM4AAw_S
phpMyFAQ Improper Authentication vulnerabilityEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1yYzQyLWpnaGYtdnI4Zs4AAw-0
Integer overflow in publify_coreEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
Critical
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS1xM3JtLWY1MjctZ2h4as4AAw-1
Publify Improper Input Validation vulnerabilityEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wZjM4LTVwMjIteDZoNs4AAw-v
Code Injection in pyload-ngEcosystems: pypi
Packages: pyload-ng
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: cargo
Packages: webbrowser
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tNTg5LW12NHEtcDdyas4AAw-I
webbrowser-rs allows attackers to access arbitrary files via supplying a crafted URLEcosystems: cargo
Packages: webbrowser
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
GSA_kwCzR0hTQS12dmozLTg1dmYtZmdtd84AAw93
global-modules-path Command Injection vulnerabilityEcosystems: npm
Packages: global-modules-path
Source: GitHub Advisory Database
Blast Radius: 46.5
Published: over 1 year ago
Critical
Ecosystems: hex
Packages: ecto
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: over 1 year ago
GSA_kwCzR0hTQS00cjJmLTZmbTktMnFnaM4AAw1-
Ecto lacks a protection mechanismEcosystems: hex
Packages: ecto
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14ajl2LTZxMmYtdnFoeM4AAw0A
wifey vulnerable to Command Injection due to improper input sanitizationEcosystems: npm
Packages: wifey
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: webpa/webpa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tamd3LWYyYzQtZjhxas4AAwzj
WebPA SQL Injection vulnerabilityEcosystems: packagist
Packages: webpa/webpa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: ttskch/pagination-service-provider
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13dzQzLW1jdmgtMzVwNM4AAwzd
PaginationServiceProvider SQL Injection vulnerabilityEcosystems: packagist
Packages: ttskch/pagination-service-provider
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/square/squalor
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zaGM3LTJ4Y2MtN3A4Zs4AAwzZ
Squalor SQL Injection vulnerabilityEcosystems: go
Packages: github.com/square/squalor
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/elgs/gosqljson
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 1 year ago
GSA_kwCzR0hTQS1nN213LTlwZjktcDJwbc4AAwzR
gosqljson SQL Injection vulnerabilityEcosystems: go
Packages: github.com/elgs/gosqljson
Source: GitHub Advisory Database
Blast Radius: 8.3
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
GSA_kwCzR0hTQS13dnIyLXE4Nm0tNndocM4AAwzO
Baobab vulnerable to Prototype PollutionEcosystems: npm
Packages: baobab
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: kelvinmo/simplexrd
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
GSA_kwCzR0hTQS1yaDNtLXByMzYteGgyZs4AAwzQ
kelvinmo simplexrd vulnerable to Improper Restriction of XML External Entity ReferenceEcosystems: packagist
Packages: kelvinmo/simplexrd
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.anrisoftware.globalpom:globalpomutils
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qanZwLXdmcDgtcnY2Oc4AAwyg
globalpom-utils has Insecure Temporary FileEcosystems: maven
Packages: com.anrisoftware.globalpom:globalpomutils
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: himiklab/yii2-jqgrid-widget
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: over 1 year ago
GSA_kwCzR0hTQS03bWc1LXJ3MzktcTY3Zs4AAwyN
himiklab yii2-jqgrid-widget vulnerable to SQL InjectionEcosystems: packagist
Packages: himiklab/yii2-jqgrid-widget
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12amhmLTh2cXgtdnFwcc4AAwyJ
KubePi allows malicious actor to login with a forged JWT token via Hardcoded JwtsigkeysEcosystems: go
Packages: github.com/KubeOperator/kubepi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS02bWpwLTJybTYtOWc4Nc4AAwyI
XWiki CKEditor.HTMLConverter vulnerable to Remote Code Execution via Cross-Site Request ForgeryEcosystems: maven
Packages: org.xwiki.contrib:application-ckeditor-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: dbrisinajumi/d2files
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
GSA_kwCzR0hTQS02OGh2LTg5MjYtajM0Y84AAwyF
DBRisinajumi d2files SQL Injection vulnerabilityEcosystems: packagist
Packages: dbrisinajumi/d2files
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nodebatis
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS04cGg4LTlxMmotYzNycc4AAwx-
nodebatis SQL Injection vulnerabilityEcosystems: npm
Packages: nodebatis
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: be.e_contract.dssp:dssp-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS03N2NjLXczd20tNndocM4AAwyB
dssp vulnerable to Improper Restriction of XML External Entity ReferenceEcosystems: maven
Packages: be.e_contract.dssp:dssp-client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: exec-local-bin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
GSA_kwCzR0hTQS1mMjU5LWg2bTgtaG04bc4AAwx2
exec-local-bin vulnerable to Command InjectionEcosystems: npm
Packages: exec-local-bin
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.bonitasoft.connectors:bonita-connector-webservice
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13Zzk5LTV2cngtajJnZ84AAwwt
bonita-connector-webservice XML External Entity vulnerabilityEcosystems: maven
Packages: org.bonitasoft.connectors:bonita-connector-webservice
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: fr.turri:aXMLRPC
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 1 year ago
GSA_kwCzR0hTQS1nNHI4LTI4ZnAtZjI1Nc4AAwwx
aXMLRPC XML External Entity vulnerabilityEcosystems: maven
Packages: fr.turri:aXMLRPC
Source: GitHub Advisory Database
Blast Radius: 14.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zeGg1LThodnEtcmM4eM4AAwvm
Apache DolphinScheduler vulnerable to Improper Input ValidationEcosystems: maven
Packages: org.apache.dolphinscheduler:dolphinscheduler
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.dubbo:dubbo-parent
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS1mcHJyLXJybTgtNDUzNM4AAwuU
Apache Dubbo vulnerable to remote code execution via Telnet HandlerEcosystems: maven
Packages: org.apache.dubbo:dubbo-parent
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: nonfiction/nterchange
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcDJwLTZ4aDQtam1jcM4AAws8
nterchange Code Injection vulnerabilityEcosystems: packagist
Packages: nonfiction/nterchange
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1mcjU0LTcyd3ItY3F2cc4AAwri
express-param vulnerable to Improper Handling of Extra ParametersEcosystems: npm
Packages: express-param
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: arc/web
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1xcjk3LXY4N3AteDk2Nc4AAwrf
Ariadne Component Library vulnerable to Server-Side Request ForgeryEcosystems: packagist
Packages: arc/web
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS04dzVxLTVmcHEtdjRwbc4AAwrb
usememos/memos Cross-site Scripting vulnerabilityEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14OXA5LXYzeDYtNjhtcc4AAwra
usememos/memos vulnerable to Cross-site ScriptingEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: mellium.im/sasl
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
GSA_kwCzR0hTQS1ndmZqLWZ4eDMtajMyM84AAwrY
mellium.im/sasl authentication failure due to insufficient nonce randomnessEcosystems: go
Packages: mellium.im/sasl
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.itextpdf:itext-rups
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNjlmLWZnaDUtZjdtY84AAwqU
iText RUPS XML External Entity vulnerabilityEcosystems: maven
Packages: com.itextpdf:itext-rups
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 1 year ago
GSA_kwCzR0hTQS13OXJ2LXhtZjcteDNnaM4AAwqa
Apache Kylin vulnerable to Command injection by Diagnosis ControllerEcosystems: maven
Packages: org.apache.kylin:kylin-server-base
Source: GitHub Advisory Database
Blast Radius: 16.8
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/yi-ge/unzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mNWM1LWhtdzktdjhoeM4AAwoX
Unzip vulnerable to path traversalEcosystems: go
Packages: github.com/yi-ge/unzip
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/ecnepsnai/web
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qcGdnLWNwMngtcXJ3M84AAwoP
ecnepsnai/web vulnerable to Uncontrolled Resource ConsumptionEcosystems: go
Packages: github.com/ecnepsnai/web
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/gorilla/handlers
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qY3I2LW1tamotcGNod84AAwoZ
gorilla/handlers may allow requester to bypass expected behavior of the Same Origin PolicyEcosystems: go
Packages: github.com/gorilla/handlers
Source: GitHub Advisory Database
Blast Radius: 44.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: code.cloudfoundry.org/archiver, github.com/cloudfoundry/archiver
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
GSA_kwCzR0hTQS0zMnFoLTh2ZzYtOWc0M84AAwop
Cloud Foundry Archiver vulnerable to path traversalEcosystems: go
Packages: code.cloudfoundry.org/archiver, github.com/cloudfoundry/archiver
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/Masterminds/goutils
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zODM5LTZyNjktbTQ5N84AAwoN
GoUtils's randomly-generated alphanumeric strings contain significantly less entropy than expectedEcosystems: go
Packages: github.com/Masterminds/goutils
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/whyrusleeping/tar-utils
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 1 year ago
GSA_kwCzR0hTQS1qcGY4LWg3aDctM3Bwbc4AAwoR
tar-utils Path Traversal vulnerabilityEcosystems: go
Packages: github.com/whyrusleeping/tar-utils
Source: GitHub Advisory Database
Blast Radius: 25.4
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/cloudflare/golz4
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 1 year ago
GSA_kwCzR0hTQS00d3AyLThybTItamdtaM4AAwoa
LZ4 vulnerable to Out-of-bounds WriteEcosystems: go
Packages: github.com/cloudflare/golz4
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/artdarek/go-unzip
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 1 year ago
GSA_kwCzR0hTQS1ybWo5LXE1OGctOXFnZ84AAwoW
go-unzip vulnerable to Path TraversalEcosystems: go
Packages: github.com/artdarek/go-unzip
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/nanobox-io/golang-nanoauth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1ocm0zLTN4bTYteDMzaM4AAwoO
golang-nanoauth authentication bypass vulnerabilityEcosystems: go
Packages: github.com/nanobox-io/golang-nanoauth
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerabilityEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.amazonaws:aws-android-sdk-mobile-client
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: over 1 year ago
GSA_kwCzR0hTQS1mNWg5LXF4MzgtMmhncM4AAwnj
AWS SDK is vulnerable to server-side request forgery (SSRF)Ecosystems: maven
Packages: com.amazonaws:aws-android-sdk-mobile-client
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: com.hazelcast:hazelcast-enterprise, com.hazelcast.jet:hazelcast-jet-enterprise, com.hazelcast.jet:hazelcast-jet, com.hazelcast:hazelcast
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 1 year ago
GSA_kwCzR0hTQS1jNWhnLW1yOHItZjZqcM4AAwnc
Hazelcast connection cachingEcosystems: maven
Packages: com.hazelcast:hazelcast-enterprise, com.hazelcast.jet:hazelcast-jet-enterprise, com.hazelcast.jet:hazelcast-jet, com.hazelcast:hazelcast
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
GSA_kwCzR0hTQS02eHJmLXE5NzctNXZnY84AAwmb
json-pointer vulnerable to Prototype PollutionEcosystems: npm
Packages: json-pointer
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
GSA_kwCzR0hTQS0yajJ4LTJncHctZzhmbc4AAwl4
flat vulnerable to Prototype PollutionEcosystems: npm
Packages: flat
Source: GitHub Advisory Database
Blast Radius: 55.3
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wNHFyLXZxMmctMjJ3cM4AAwkn
ThinkPHP Framework vulnerable to remote code executionEcosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS02OGd3LXIyeDUtN3I1cs4AAwkY
usememos/memos Authorization Bypass Through User-Controlled Key vulnerabilityEcosystems: go
Packages: github.com/usememos/memos
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS13bXhtLTZ3eGMtM3hxZs4AAwgk
Apache ShardingSphere-Proxy Incomplete Cleanup vulnerabilityEcosystems: maven
Packages: org.apache.shardingsphere:shardingsphere-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: code.sajari.com/docconv, github.com/sajari/docconv
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: over 1 year ago
GSA_kwCzR0hTQS02bTRoLWhmcHAteDhjeM4AAwgV
docconv OS Command Injection vulnerabilityEcosystems: go
Packages: code.sajari.com/docconv, github.com/sajari/docconv
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.karaf:apache-karaf
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 1 year ago
GSA_kwCzR0hTQS1jMnA0LThtdnYtcndtds4AAwel
Apache Karaf vulnerable to potential code injectionEcosystems: maven
Packages: org.apache.karaf:apache-karaf
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
GSA_kwCzR0hTQS00dzJqLTJyZzQtNW1qd84AAweA
vm2 vulnerable to Arbitrary Code ExecutionEcosystems: npm
Packages: vm2
Source: GitHub Advisory Database
Blast Radius: 46.2
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yYzU4LXFyOWotY3Bnd84AAwbo
Apache Airflow Hive Provider vulnerable to Command InjectionEcosystems: pypi
Packages: apache-airflow-providers-apache-hive
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
GSA_kwCzR0hTQS0zM3ZoLTd4OHEtbWczNc4AAwbl
safe-eval vulnerable to Prototype PollutionEcosystems: npm
Packages: safe-eval
Source: GitHub Advisory Database
Blast Radius: 33.7
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: mgallegos/laravel-jqgrid
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zZmhqLXdwdmoteDV3OM4AAwaM
laravel-jqgrid vulnerable to SQL InjectionEcosystems: packagist
Packages: mgallegos/laravel-jqgrid
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: whois
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: over 1 year ago
GSA_kwCzR0hTQS05N2p2LWMzNDItNXhoY84AAwaR
FurqanSoftware/node-whois vulnerable to Prototype PollutionEcosystems: npm
Packages: whois
Source: GitHub Advisory Database
Blast Radius: 23.5
Published: over 1 year ago
Critical
Ecosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nM3djLXh2OTMtNDQ1cc4AAwZM
DNS NuGet package uses insufficiently random valuesEcosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/alist-org/alist/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wbWcyLXJwaDgtcDhyNs4AAwYe
Alist vulnerable to Path TraversalEcosystems: go
Packages: github.com/alist-org/alist/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
GSA_kwCzR0hTQS1odzQ2LXZnNnctODhmas4AAwXM
replicator vulnerable to Deserialization of Untrusted DataEcosystems: npm
Packages: replicator
Source: GitHub Advisory Database
Blast Radius: 34.4
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
GSA_kwCzR0hTQS1wNDk1LWp4aDItd3JmZ84AAwYT
npm package rfc6902 vulnerable to Prototype PollutionEcosystems: npm
Packages: rfc6902
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: fixpunkt/fp-newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mNjgzLTM1dzktMjhnNc4AAwWi
Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)Ecosystems: packagist
Packages: fixpunkt/fp-newsletter
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: derhansen/fe_change_pwd, typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 1 year ago
GSA_kwCzR0hTQS01M21tLWh4MzItNjQ3Nc4AAwWZ
TYPO3 vulnerable to Insufficient Session ExpirationEcosystems: packagist
Packages: derhansen/fe_change_pwd, typo3/cms
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: io.scif:scifio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jbXdtLTQ1bWotbXBnM84AAwV0
SCIFIO vulnerable to Path TraversalEcosystems: maven
Packages: io.scif:scifio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: cycle-import-check
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS05OTV4LTMzd3EtOGdjOc4AAwVt
cycle-import-check vulnerable to Command InjectionEcosystems: npm
Packages: cycle-import-check
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: over 1 year ago
GSA_kwCzR0hTQS1nOHE4LWZnZ3gtOXIzcc4AAwUa
Keycloak vulnerable to path traversal via double URL encodingEcosystems: maven
Packages: org.keycloak:keycloak-parent
Source: GitHub Advisory Database
Blast Radius: 14.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Blast Radius: 31.7
Published: over 1 year ago
GSA_kwCzR0hTQS14M3gzLXF3anEtOGdqNM4AAwSr
Apache CXF Server-Side Request Forgery vulnerabilityEcosystems: maven
Packages: org.apache.cxf:cxf-core
Source: GitHub Advisory Database
Blast Radius: 31.7
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffwebEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oYzVnLXhmNjQtajQ5as4AAwOq
Mingsoft MCMS vulnerable to SQL InjectionEcosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 1 year ago
GSA_kwCzR0hTQS0yaHZjLWh3ZzMtaHB2d84AAwMf
PaddlePaddle Out-of-bounds Read vulnerabilityEcosystems: pypi
Packages: paddlepaddle
Source: GitHub Advisory Database
Blast Radius: 30.4
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 1 year ago
GSA_kwCzR0hTQS1nY2pmLTI5bTktODg4cc4AAwMe
PaddlePaddle vulnerable to Code InjectionEcosystems: pypi
Packages: PaddlePaddle
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 1 year ago
Critical
Ecosystems: pypi
Packages: py7zr
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHh3LTl4NXgtNnZoM84AAwLr
py7zr directory traversal vulnerabilityEcosystems: pypi
Packages: py7zr
Source: GitHub Advisory Database
Blast Radius: 29.2
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yZjNnLXY4cDUtcDY3Nc4AAwJ4
NodeBB vulnerable to account takeover via prototype vulnerabilityEcosystems: npm
Packages: nodebb
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.camel:camel-ldap
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
GSA_kwCzR0hTQS13NjZqLXhjN3ItbTJqds4AAwJR
camel-ldap component allows LDAP Injection when using the filter optionEcosystems: maven
Packages: org.apache.camel:camel-ldap
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1tOHI1LTd3ZjQtNjNtd84AAwI7
Nadesiko3 OS Command Injection vulnerabilityEcosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS03MjQ5LTh4MjItNHJnNM4AAwI3
nadesiko3 vulnerable to OS Command InjectionEcosystems: npm
Packages: nadesiko3
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 1 year ago
GSA_kwCzR0hTQS12YzM5LXg3dzYtNnZqN84AAwG6
Apache Tapestry allows deserialization of untrusted dataEcosystems: maven
Packages: org.apache.tapestry:tapestry-core
Source: GitHub Advisory Database
Blast Radius: 28.3
Published: over 1 year ago
Critical
Ecosystems: maven
Packages: org.ff4j:ff4j-core
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 1 year ago
GSA_kwCzR0hTQS02NWhqLTlwcHctNzd4Y84AAwGQ
ff4j is vulnerable to Remote Code Execution (RCE)Ecosystems: maven
Packages: org.ff4j:ff4j-core
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: over 1 year ago
Critical
Ecosystems: packagist
Packages: tribalsystems/zenario
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00cDM4LXJjOTgtY3IzOc4AAwF7
Zenario CMS is vulnerable to Remote Code Execution (RCE).Ecosystems: packagist
Packages: tribalsystems/zenario
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qMmpwLXd2cWctd2MyZ84AAwFN
crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authenticationEcosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jdmg0LWNqYzktODRxbc4AAwFH
owncast is vulnerable to SQL InjectionEcosystems: go
Packages: github.com/owncast/owncast
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Critical
Ecosystems: go
Packages: github.com/benc-uk/kubeview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yMnZjLTVwZ3ctNjQ0cc4AAwDN
KubeView vulnerable to full cluster takeover due to improper authenticationEcosystems: go
Packages: github.com/benc-uk/kubeview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Packages: 8,381
Repositories: 1,300
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
magento/community-edition
34
com.fasterxml.jackson.core:jackson-databind
24
dolibarr/dolibarr
23
org.jenkins-ci.main:jenkins-core
18
net.mingsoft:ms-mcms
18
salt
17
moodle/moodle
15
drupal/core
14
topthink/framework
13
com.liferay.portal:release.portal.bom
13
com.liferay.portal:release.dxp.bom
12
org.apache.dubbo:dubbo
12
langchain
12
mlflow
12
magento/core
11
org.apache.struts:struts2-core
11
apache-airflow
10
vm2
10
drupal/drupal
10
tensorflow
9
phpmyadmin/phpmyadmin
9
org.xwiki.platform:xwiki-platform-oldcore
9
funadmin/funadmin
9
tensorflow-gpu
8
tensorflow-cpu
8
paddlepaddle
8
froxlor/froxlor
8
org.jeecgframework.boot:jeecg-boot-common
8
shopware/platform
8
rdiffweb
8
org.xwiki.platform:xwiki-platform-web-templates
8
rusqlite
7
studio-42/elfinder
7
org.xwiki.platform:xwiki-platform-administration-ui
7
sequelize
7
gogs.io/gogs
7
ansible
7
symfony/symfony
7
thorsten/phpmyfaq
6
github.com/answerdev/answer
6
github.com/argoproj/argo-cd
6
parse-server
6
aaptjs
6
ezsystems/ezpublish-kernel
6
mautic/core
5
Microsoft.ChakraCore
5
django
5
org.jenkins-ci.plugins:script-security
5
org.xwiki.platform:xwiki-platform-web
5
safe-eval
5
org.jeecgframework.boot:jeecg-boot-parent
5
org.apache.inlong:manager-pojo
5
mercurial
5
org.apache.shiro:shiro-core
5
centreon/centreon
5
zendframework/zendframework
5
org.apache.activemq:activemq-client
5
shopware/core
5
prestashop/prestashop
5
ckb
5
steal
5
org.xwiki.commons:xwiki-commons-xml
5
Pillow
5
nodebb
5
org.cloudfoundry.identity:cloudfoundry-identity-server
4
github.com/grafana/grafana
4
nukeviet/nukeviet
4
github.com/argoproj/argo-cd/v2
4
org.apache.kylin:kylin-server-base
4
openssl-src
4
org.apache.tapestry:tapestry-core
4
baserproject/basercms
4
org.xwiki.platform:xwiki-platform-appwithinminutes-ui
4
librenms/librenms
4
pyload-ng
4
apache-airflow-providers-apache-hive
4
PaddlePaddle
4
net.opentsdb:opentsdb
4
feehi/cms
4
calibreweb
4
contao/core-bundle
4
spree_auth_devise
4
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
4
swagger-ui
4
org.apache.tomcat.embed:tomcat-embed-core
4
safer-eval
4
github.com/hashicorp/vault
4
org.eclipse.jetty:jetty-server
4
github.com/usememos/memos
4
code.gitea.io/gitea
4
org.jeecgframework.boot:jeecg-boot-base-core
4
smallvec
4
hermes-engine
4
org.apache.openmeetings:openmeetings-parent
4
messagepack-rs
4
org.apache.inlong:manager-service
4
contao/contao
4
Django
4
realms-shim
4
nilsteampassnet/teampass
4
codeigniter4/framework
3
org.apache.logging.log4j:log4j-core
3
showdoc/showdoc
3
lmdb
3
org.jenkins-ci.plugins:active-directory
3
github.com/dexidp/dex
3
org.xwiki.platform:xwiki-platform-icon-ui
3
zendframework/zendframework1
3
org.apache.storm:storm
3
github.com/rancher/rancher
3
org.xwiki.platform:xwiki-platform-search-ui
3
org.apache.dolphinscheduler:dolphinscheduler
3
typo3/cms
3
org.apache.ignite:ignite-core
3
org.apache.inlong:manager-web
3
com.hazelcast:hazelcast
3
modoboa
3
log4j:log4j
3
org.zenframework.z8.dependencies.commons:log4j-1.2.17
3
id-map
3
tribalsystems/zenario
3
@openzeppelin/contracts-upgradeable
3
pimcore/pimcore
3
org.xwiki.platform:xwiki-platform-panels-ui
3
nvflare
3
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
3
org.jeecgframework.boot:jeecg-boot-base
3
slp-validate
3
org.keycloak:keycloak-core
3
ro.pippo:pippo-core
3
facade/ignition
3
symfony/security
3
edu.stanford.nlp:stanford-corenlp
3
com.jflyfox:jflyfox_jfinal
3
symfony/security-core
3
com.alibaba:dubbo
3
ezsystems/ezplatform-kernel
3
org.apache.hadoop:hadoop-common
3
jsrsasign
3
codeigniter/framework
3
impresscms/impresscms
3
github.com/go-gitea/gitea
3
simplesamlphp/simplesamlphp
3
nokogiri
3
org.apache.any23:apache-any23
3
org.apache.linkis:linkis
3
craftcms/cms
3
handlebars
3
smarty/smarty
3
rubygems-update
3
io.dataease:dataease-plugin-common
3
org.jenkins-ci.plugins.workflow:workflow-cps
3
github.com/pterodactyl/wings
3
org.apache.ozone:ozone-main
3
adodb/adodb-php
3
slpjs
3
strapi
3
cobbler
3
dompdf/dompdf
3
org.springframework.security:spring-security-core
3
browserify-shim
3
org.apache.jmeter:ApacheJMeter
3
actix-web
3
ibexa/core
3
mongoose
3
io.undertow:undertow-core
3
org.apache.solr:solr-parent
3
xcb
3
phpmailer/phpmailer
3
org.apache.solr:solr-core
3
elefant/cms
3
org.richfaces:richfaces-core
3
francoisjacquet/rosariosis
3
ray
3
github.com/hashicorp/nomad
3
publify_core
3
feathers-sequelize
3
codiad/codiad
3
alextselegidis/easyappointments
2
eslint-config-eslint
2
github.com/beego/beego
2
github.com/beego/beego/v2
2
mysql2
2
org.xwiki.platform:xwiki-platform-attachment-ui
2
org.apache.flume.flume-ng-sources:flume-jms-source
2
llama-index
2
Radicale
2
github.com/russellhaering/gosaml2
2
laravel/framework
2
org.keycloak:keycloak-services
2
com.hazelcast.jet:hazelcast-jet
2
org.apache.derby:derby
2
cn.hutool:hutool-all
2
org.apache.inlong:manager-dao
2
@keystone-6/core
2
joplin
2
ctx
2
org.xwiki.platform:xwiki-platform-administration
2
org.xwiki.platform:xwiki-platform-distribution-war
2
org.jenkins-ci.plugins:semantic-versioning-plugin
2
Filter by Repository
https://github.com/xwiki/xwiki-platform
81
https://github.com/FasterXML/jackson-databind
24
https://github.com/jenkinsci/jenkins
17
https://github.com/Dolibarr/dolibarr
15
https://github.com/apache/airflow
14
https://github.com/saltstack/salt
14
https://github.com/mlflow/mlflow
11
https://github.com/PaddlePaddle/Paddle
11
https://github.com/ming-soft/MCMS
10
https://github.com/patriksimek/vm2
10
https://github.com/funadmin/funadmin
9
https://github.com/jeecgboot/jeecg-boot
9
https://github.com/tensorflow/tensorflow
9
https://github.com/django/django
9
https://github.com/top-think/framework
9
https://github.com/langchain-ai/langchain
8
https://github.com/magento/magento2
8
https://github.com/ikus060/rdiffweb
8
https://github.com/apache/inlong
8
https://github.com/argoproj/argo-cd
7
https://github.com/Studio-42/elFinder
7
https://github.com/python-pillow/Pillow
7
https://github.com/gogs/gogs
7
https://github.com/go-gitea/gitea
7
https://github.com/ansible/ansible
7
https://github.com/sequelize/sequelize
7
https://github.com/rusqlite/rusqlite
7
https://github.com/apache/struts
7
https://github.com/thorsten/phpmyfaq
6
https://github.com/shopware/platform
6
https://github.com/shenzhim/aaptjs
6
https://github.com/parse-community/parse-server
6
https://github.com/symfony/symfony
6
https://github.com/xwiki/xwiki-commons
6
https://github.com/answerdev/answer
6
https://github.com/apache/tomcat
5
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/nervosnetwork/ckb
5
https://github.com/froxlor/froxlor
5
https://github.com/NodeBB/NodeBB
5
https://github.com/apache/activemq
5
https://github.com/dromara/hutool
5
https://github.com/keycloak/keycloak
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/moodle/moodle
5
https://github.com/stealjs/steal
5
https://github.com/swagger-api/swagger-ui
4
https://github.com/hwchase17/langchain
4
https://github.com/OpenTSDB/opentsdb
4
https://github.com/janeczku/calibre-web
4
https://github.com/otake84/messagepack-rs
4
https://github.com/cloudfoundry/uaa
4
https://github.com/pippo-java/pippo
4
https://github.com/usememos/memos
4
https://github.com/contao/contao
4
https://github.com/dompdf/dompdf
4
https://github.com/spring-projects/spring-framework
4
https://github.com/ezsystems/ezpublish-kernel
4
https://github.com/servo/rust-smallvec
4
https://github.com/grafana/grafana
4
https://github.com/liufee/cms
4
https://github.com/pyload/pyload
4
https://github.com/CVEProject/cvelist
4
https://github.com/centreon/centreon-archived
3
https://github.com/shopware/shopware
3
https://github.com/modoboa/modoboa
3
https://github.com/PHPMailer/PHPMailer
3
https://github.com/publify/publify
3
https://github.com/facade/ignition
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/ImpressCMS/impresscms
3
https://github.com/star7th/showdoc
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/cobbler/cobbler
3
https://github.com/opencast/opencast
3
https://github.com/pimcore/pimcore
3
https://github.com/smarty-php/smarty
3
https://github.com/rancher/rancher
3
https://github.com/facebook/hermes
3
https://github.com/craftcms/cms
3
https://github.com/nukeviet/nukeviet
3
https://github.com/ezsystems/ezplatform-kernel
3
https://github.com/hazelcast/hazelcast
3
https://github.com/jflyfox/jfinal_cms
3
https://github.com/simpleledger/slpjs
3
https://github.com/phpmyadmin/phpmyadmin
3
https://github.com/crewjam/saml
3
https://github.com/chakra-core/ChakraCore
3
https://github.com/dataease/dataease
3
https://github.com/NVIDIA/NVFlare
3
https://github.com/ibexa/core
3
https://github.com/ADOdb/ADOdb
3
https://github.com/rubygems/rubygems.org
3
https://github.com/andrewhickman/id-map
3
https://github.com/rubygems/rubygems
3
https://github.com/twisted/twisted
3
https://github.com/apache/camel
3
https://github.com/actix/actix-web
3
https://github.com/pterodactyl/wings
3
https://github.com/dwisiswant0/advisory
3
https://github.com/run-llama/llama_index
3
https://github.com/jbroadway/elefant
3
https://github.com/strapi/strapi
3
https://github.com/octobercms/october
3
https://github.com/denoland/deno
3
https://github.com/mautic/mautic
3
https://github.com/TeamSeri0us/pocs
3
https://github.com/github/securitylab
3
https://github.com/baserproject/basercms
3
https://github.com/dexidp/dex
3
https://github.com/LetianYuan/My-CVE-Public-References
3
https://github.com/neorazorx/facturascripts
3
https://github.com/apache/shiro
3
https://github.com/kjur/jsrsasign
3
https://github.com/mbechler/marshalsec
3
https://github.com/jmrozanec/cron-utils
2
https://github.com/sjep/array
2
https://github.com/pytorch/serve
2
https://github.com/OpenAPITools/openapi-generator
2
https://github.com/jfinal/jfinal
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/top-think/thinkphp
2
https://github.com/SAP/cloud-pysec
2
https://github.com/apache/kylin
2
https://github.com/TribalSystems/Zenario
2
https://github.com/totaljs/framework
2
https://github.com/stanfordnlp/corenlp
2
https://github.com/HtmlUnit/htmlunit
2
https://github.com/ahdinosaur/set-in
2
https://github.com/kubernetes/kubernetes
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/MrSwitch/hello.js
2
https://github.com/ibexa/admin-ui
2
https://github.com/evmos/evmos
2
https://github.com/beego/beego
2
https://github.com/dominictarr/libnested
2
https://github.com/fluxcd/flux2
2
https://github.com/moby/buildkit
2
https://github.com/unshiftio/url-parse
2
https://github.com/sidorares/node-mysql2
2
https://github.com/noear/solon
2
https://github.com/h2database/h2database
2
https://github.com/firebase/php-jwt
2
https://github.com/netvl/acc_reader
2
https://github.com/rubyzip/rubyzip
2
https://github.com/russellhaering/gosaml2
2
https://github.com/jenkinsci/semantic-versioning-plugin
2
https://github.com/rest-client/rest-client
2
https://github.com/hashicorp/go-getter
2
https://github.com/qcubed/qcubed
2
https://github.com/nats-io/jwt
2
https://github.com/getgrav/grav
2
https://github.com/rochacbruno/quokka
2
https://github.com/graphite-project/graphite-web
2
https://github.com/rails/rails
2
https://github.com/uasoft-indonesia/badaso
2
https://github.com/apache/flume
2
https://github.com/Froxlor/Froxlor
2
https://github.com/TogaTech/tEnvoy
2
https://github.com/PowerJob/PowerJob
2
https://github.com/Gerapy/Gerapy
2
https://github.com/rust-random/rand
2
https://github.com/hashicorp/nomad
2
https://github.com/vert-x3/vertx-web
2
https://github.com/apache/karaf
2
https://github.com/simplesamlphp/simplesamlphp
2
https://github.com/nilsteampassnet/teampass
2
https://github.com/sparklemotion/nokogiri
2
https://github.com/laurent22/joplin
2
https://gitlab.com/francoisjacquet/rosariosis
2
https://github.com/dominictarr/event-stream
2
https://github.com/KnpLabs/snappy
2
https://github.com/apache/incubator-streampark
2
https://github.com/SAP/cloud-security-services-integration-library
2
https://github.com/skoranga/node-dns-sync
2
https://github.com/commenthol/safer-eval
2
https://github.com/SAP/cloud-security-client-go
2
https://github.com/dfinity/agent-js
2
https://github.com/jaw187/node-traceroute
2
https://github.com/WWBN/AVideo
2
https://github.com/markevans/dragonfly
2
https://github.com/soketi/soketi
2
https://github.com/nilsteampassnet/TeamPass
2
https://github.com/line/armeria
2
https://github.com/gofiber/fiber
2
https://github.com/joomla/joomla-cms
2
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
2
https://github.com/benbusby/whoogle-search
2
https://github.com/google/flatbuffers
2
https://github.com/gventuri/pandas-ai
2
https://github.com/nodejs/llhttp
2
https://github.com/zoujingli/ThinkAdmin
2
https://github.com/Automattic/mongoose
2
https://github.com/handlebars-lang/handlebars.js
2
https://github.com/hashicorp/vault
2
https://github.com/ionicabizau/parse-url
2
https://github.com/cockpit-hq/cockpit
2
https://github.com/keystonejs/keystone
2