Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
High Security Advisories
Loading...
High
Ecosystems: maven
Packages: org.apache.uima:uimaj
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS01cjhqLXFtY20tN2c3cc4AA2-w
Apache UIMA Java SDK Deserialization of Untrusted Data, Improper Input Validation vulnerabilityEcosystems: maven
Packages: org.apache.uima:uimaj
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
High
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1nMnFxLWM1ajktNXc1d84AA2-X
XWiki Platform vulnerable to privilege escalation and remote code execution via the edit actionEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
Ecosystems: go
Packages: github.com/projectcalico/calico
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 6 months ago
GSA_kwCzR0hTQS01cjVoLXE5MzQtY2NjcM4AA29C
Calico Typha denial of service vulnerabilityEcosystems: go
Packages: github.com/projectcalico/calico
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 6 months ago
High
Ecosystems: npm
Packages: @clickbar/dot-diver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS05dzVmLW13M3AtcGo0N84AA26p
Prototype Pollution(PP) vulnerability in setByPathEcosystems: npm
Packages: @clickbar/dot-diver
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: npm
Packages: @strapi/strapi, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: 7 months ago
GSA_kwCzR0hTQS1nYzdwLWo1eG0teHhoMs4AA26o
Unauthorized Access to Private Fields in User Registration APIEcosystems: npm
Packages: @strapi/strapi, @strapi/plugin-users-permissions
Source: GitHub Advisory Database
Blast Radius: 26.4
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/kubernetes-csi/csi-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yNmNjLTd3ajctZ2Z4Ms4AA26g
Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validationEcosystems: go
Packages: github.com/kubernetes-csi/csi-proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: 7 months ago
GSA_kwCzR0hTQS0yeDI4LWM3ajctMjNnds4AA26P
Subrion remote command execution vulnerabilityEcosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: 7 months ago
High
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 7 months ago
GSA_kwCzR0hTQS04Z2hqLXA0dmotbXIzNc4AA250
Pillow Denial of Service vulnerabilityEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 37.1
Published: 7 months ago
High
Ecosystems: maven
Packages: top.tangyh.basic:lamp-util, top.tangyh.basic:lamp-core
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 7 months ago
GSA_kwCzR0hTQS14cjhjLW1xNXgtNWY1Ns4AA25D
Dromara Lamp-Cloud Use of Hard-coded Cryptographic KeyEcosystems: maven
Packages: top.tangyh.basic:lamp-util, top.tangyh.basic:lamp-core
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: 7 months ago
High
Ecosystems: packagist
Packages: foodcoopshop/foodcoopshop
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qaHd3LWZ4MmotM3JmN84AA24t
FoodCoopShop Server-Side Request Forgery vulnerabilityEcosystems: packagist
Packages: foodcoopshop/foodcoopshop
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 7 months ago
GSA_kwCzR0hTQS1xbWY5LTZqcWYtajhmcc4AA23t
Django potential denial of service vulnerability in UsernameField on WindowsEcosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 7 months ago
High
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
GSA_kwCzR0hTQS1yOWNtLXB3OWotM2ZweM4AA21l
Dolibarr Improper Input Validation vulnerabilityEcosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 7 months ago
GSA_kwCzR0hTQS03ZnhtLWY0NzQtaGY4d84AA209
Kubernetes privilege escalation vulnerabilityEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 7 months ago
GSA_kwCzR0hTQS1xNzhjLWd3cXctamNtY84AA20_
Kubernetes privilege escalation vulnerabilityEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 37.9
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nkeys
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: 7 months ago
GSA_kwCzR0hTQS1tcjQ1LXJ4OHEtd2NtOc4AA207
xkeys seal encryption used fixed key for all encryptionEcosystems: go
Packages: github.com/nats-io/nats-server/v2, github.com/nats-io/nkeys
Source: GitHub Advisory Database
Blast Radius: 33.4
Published: 7 months ago
High
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 7 months ago
GSA_kwCzR0hTQS1nNWhwLTMyOGgtamo5OM4AA2zj
phpMyFAQ Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 7 months ago
High
Ecosystems: npm
Packages: generator-jhipster
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 7 months ago
GSA_kwCzR0hTQS00Z3BtLXIyM2gtZ3Byd84AA2zp
generator-jhipster allows a timing attack against validateToken due to a string comparison that stops at the first characterEcosystems: npm
Packages: generator-jhipster
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 7 months ago
High
Ecosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 7 months ago
GSA_kwCzR0hTQS1mNzI4LXByaHctMmc2OM4AA2zm
Insufficient Session Expiration in thorsten/phpmyfaqEcosystems: packagist
Packages: thorsten/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: 7 months ago
High
Ecosystems: packagist
Packages: kimai/kimai
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 7 months ago
GSA_kwCzR0hTQS1mamhnLTk2Y3AtNmZjd84AA2xl
Kimai (Authenticated) SSTI to RCE by Uploading a Malicious Twig FileEcosystems: packagist
Packages: kimai/kimai
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 7 months ago
High
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: 7 months ago
GSA_kwCzR0hTQS1od3hmLXF4ajctN3Jmas4AA2xN
CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environmentEcosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 25.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/quic-go/quic-go
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 7 months ago
GSA_kwCzR0hTQS0zcTZtLXY4NGYtNnA5aM4AA2xM
quic-go vulnerable to pointer dereference that can lead to panicEcosystems: go
Packages: github.com/quic-go/quic-go
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 7 months ago
High
Ecosystems: pypi
Packages: apache-airflow, apache-airflow-providers-celery
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: 7 months ago
GSA_kwCzR0hTQS02NjZnLXJmYzUtYzlqds4AA2wn
Apache Airflow Celery provider Insertion of Sensitive Information into Log File vulnerabilityEcosystems: pypi
Packages: apache-airflow, apache-airflow-providers-celery
Source: GitHub Advisory Database
Blast Radius: 23.9
Published: 7 months ago
High
Ecosystems: packagist
Packages: juzaweb/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1oOTJtLTRnOW0tNzJ2cs4AA2wi
juzawebCMS Injection vulnerabilityEcosystems: packagist
Packages: juzaweb/cms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.owasp.esapi:esapi
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: 7 months ago
GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we
DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998Ecosystems: maven
Packages: org.owasp.esapi:esapi
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v6, github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v5, github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS13NnJwLXZ4ajItZmpocs4AA2us
Cosmos packet-forward-middleware vulnerable to chain-haltEcosystems: go
Packages: github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v6, github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v5, github.com/cosmos/ibc-apps/middleware/packet-forward-middleware/v4
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: npm
Packages: browserify-sign
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: 7 months ago
GSA_kwCzR0hTQS14OXc1LXYzcTItM3Jod84AA2uZ
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attackEcosystems: npm
Packages: browserify-sign
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: 7 months ago
High
Ecosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: 7 months ago
GSA_kwCzR0hTQS0yY3FmLTZ4djktZjIyd84AA2uM
Elasticsearch vulnerable to Uncontrolled Resource ConsumptionEcosystems: maven
Packages: org.elasticsearch:elasticsearch
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1mcDlmLTQ0YzItY3cyN84AA2tB
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotationEcosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS01d2o0LXdmZnEtMzM3OM4AA2tO
Ingress nginx annotation injection causes arbitrary command executionEcosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1ndnJtLXcyZjktZjc3cc4AA2sh
Ingress-nginx path sanitization can be bypassedEcosystems: go
Packages: k8s.io/ingress-nginx
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 7 months ago
GSA_kwCzR0hTQS1tNDI1LW1xOTQtMjU3Z84AA2sQ
gRPC-Go HTTP/2 Rapid Reset vulnerabilityEcosystems: go
Packages: google.golang.org/grpc
Source: GitHub Advisory Database
Blast Radius: 39.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-core-rendering-macro-footnotes, org.xwiki.rendering:xwiki-rendering-macro-footnotes
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: 7 months ago
GSA_kwCzR0hTQS0zNWo1LW0yOXIteGZxNc4AA2sH
XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macroEcosystems: maven
Packages: org.xwiki.platform:xwiki-core-rendering-macro-footnotes, org.xwiki.rendering:xwiki-rendering-macro-footnotes
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: 7 months ago
High
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1yd3d4LTY1NzItbXAyOc4AA2sF
org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment MoveEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-attachment-api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-menu-ui, org.xwiki.platform:xwiki-platform-menu
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS12MnJyLXh3OTUtd2NqeM4AA2sE
Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheetEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-menu-ui, org.xwiki.platform:xwiki-platform-menu
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 7 months ago
GSA_kwCzR0hTQS1tdjc3LWZqNjMtcTV3OM4AA2q7
Stored XSS vulnerability in Jenkins GitHub PluginEcosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: 7 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qeDd4LXJmM2YtajY0NM4AA2ry
Jenkins CloudBees CD Plugin vulnerable to arbitrary file deletionEcosystems: maven
Packages: org.jenkins-ci.plugins:electricflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.jenkins-ci.plugins:trac
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qd3gzLTJocTMtNjgyY84AA2rF
Jenkins Edgewall Trac Plugin vulnerable to Stored XSSEcosystems: maven
Packages: org.jenkins-ci.plugins:trac
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: cn.dev33:sa-token-core
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 7 months ago
GSA_kwCzR0hTQS13OXZoLWh2NWctN3dtcs4AA2pw
SaToken authentication bypass vulnerabilityEcosystems: maven
Packages: cn.dev33:sa-token-core
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 7 months ago
High
Ecosystems: npm
Packages: node-email-check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS05MjQyLTZwMzYtNjI1Ns4AA2pR
Inefficient Regular Expression Complexity in node-email-checkEcosystems: npm
Packages: node-email-check
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: 7 months ago
GSA_kwCzR0hTQS03ZzI0LXFnODgtcDQzcc4AA2pM
jose4j uses weak cryptographic algorithmEcosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: 7 months ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
GSA_kwCzR0hTQS1yMmh3LTc0eHYtNGdxcM4AA2oV
Nautobot vulnerable to exposure of hashed user passwords via REST APIEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
High
Ecosystems: maven
Packages: org.geoserver.extension:gs-wps-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS01cHIzLW01aG0tOTk1Ns4AA2oT
WPS Server Side Request Forgery vulnerabilityEcosystems: maven
Packages: org.geoserver.extension:gs-wps-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qcTN3LTltZ2YtNDNtNM4AA2oO
Fides Server-Side Request Forgery Vulnerability in Custom Integration UploadEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: rubygems
Packages: encoded_id-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS0zcHg3LWptMnAtNmgyY84AA2oN
encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDsEcosystems: rubygems
Packages: encoded_id-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: 7 months ago
GSA_kwCzR0hTQS03OTJxLXE2N2gtdzU3Oc4AA2oK
Parse Server may crash when uploading file without extensionEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/free5gc/udm
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
GSA_kwCzR0hTQS1jcXZ2LXIzZzMtMjZyZs4AA2nX
free5GC udm vulnerable to Invalid Curve AttackEcosystems: go
Packages: github.com/free5gc/udm
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
High
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: 7 months ago
GSA_kwCzR0hTQS02aDhwLTRoeDktdzY2Y84AA2mq
Langchain Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 32.0
Published: 7 months ago
High
Ecosystems: pypi
Packages: pdm
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 7 months ago
GSA_kwCzR0hTQS1qNDR2LW1tZjIteHZtOc4AA2mh
PDM Trojan LockfileEcosystems: pypi
Packages: pdm
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: 7 months ago
High
Ecosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: 7 months ago
GSA_kwCzR0hTQS05d2ozLWNmcTgtd3B2as4AA2mc
modoboa Cross-site Scripting vulnerabilityEcosystems: pypi
Packages: modoboa
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: 7 months ago
High
Ecosystems: cargo, npm
Packages: tauri-cli, @tauri-apps/cli
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 7 months ago
GSA_kwCzR0hTQS0ycmNwLWp2cjQtcjI1Oc4AA2mV
Tauri's Updater Private Keys Possibly Leaked via Vite Environment VariablesEcosystems: cargo, npm
Packages: tauri-cli, @tauri-apps/cli
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: 7 months ago
High
Ecosystems: cargo
Packages: pleaser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1jZ2Y4LWgzZnAtaDk1Ns4AA2lB
Pleaser privilege escalation vulnerabilityEcosystems: cargo
Packages: pleaser
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: 7 months ago
GSA_kwCzR0hTQS1obWd3LTlqcmctaGYybc4AA2kX
Directus crashes on invalid WebSocket messageEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: 7 months ago
High
Ecosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS13NG0yLXFtaDMtMmc4Zs4AA2kP
Yamcs Path Traversal vulnerabilityEcosystems: maven
Packages: org.yamcs:yamcs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/artifacthub/hub
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1obXE0LWMycjQtNXE4aM4AA2kJ
Artifact Hub arbitrary file read vulnerabilityEcosystems: go
Packages: github.com/artifacthub/hub
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1mcjJnLTloam0td3IyM84AA2kD
NATS.io: Adding accounts for just the system account adds auth bypassEcosystems: go
Packages: github.com/nats-io/nats-server/v2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: cargo
Packages: apollo-router
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 7 months ago
GSA_kwCzR0hTQS1yMzQ0LXh3M3AtMmZyas4AA2kB
Apollo Router vulnerable to Improper Check or Handling of Exceptional ConditionsEcosystems: cargo
Packages: apollo-router
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 7 months ago
High
Ecosystems: maven
Packages: org.apache.inlong:manager-pojo, org.apache.inlong:manager-common
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 7 months ago
GSA_kwCzR0hTQS1qajMyLTNwZjUtNW12Nc4AA2jn
Apache InLong Deserialization of Untrusted Data VulnerabilityEcosystems: maven
Packages: org.apache.inlong:manager-pojo, org.apache.inlong:manager-common
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 7 months ago
High
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: 7 months ago
GSA_kwCzR0hTQS02NTV3LWZtOG0tbTQ3OM4AA2ja
LangChain Server Side Request Forgery vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: 7 months ago
High
Ecosystems: npm
Packages: deobfuscator
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 7 months ago
GSA_kwCzR0hTQS1qZzgyLXhoM3ctcmh4eM4AA2jA
Synchrony deobfuscator prototype pollution vulnerability leading to arbitrary code executionEcosystems: npm
Packages: deobfuscator
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1ocjRmLTZqaDgtZjJ2cc4AA2i_
OpenFGA DoS vulnerabilityEcosystems: go
Packages: github.com/openfga/openfga
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/arduino/arduino-create-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS03NWo3LXc3OTgtY3d3eM4AA2i9
Arduino Create Agent path traversal - local privilege escalation vulnerabilityEcosystems: go
Packages: github.com/arduino/arduino-create-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/arduino/arduino-create-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS00eDVxLXE3d2MtcTIycM4AA2i7
Arduino Create Agent Insufficient Verification of Data Authenticity vulnerabilityEcosystems: go
Packages: github.com/arduino/arduino-create-agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 7 months ago
GSA_kwCzR0hTQS12OWpoLWo4cHgtOTh2cc4AA2iM
go-ethereum vulnerable to denial of service via crafted GraphQL queryEcosystems: go
Packages: github.com/ethereum/go-ethereum
Source: GitHub Advisory Database
Blast Radius: 28.8
Published: 7 months ago
High
Ecosystems: maven
Packages: org.opensearch.plugin:opensearch-security
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS04d3gzLTMyNGctdzRxcc4AA2ga
OpenSearch uncontrolled resource consumptionEcosystems: maven
Packages: org.opensearch.plugin:opensearch-security
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 7 months ago
GSA_kwCzR0hTQS0yNjd2LTN2MzItZzZxNc4AA2gX
Cross-site Scripting via missing Binding syntax validationEcosystems: go
Packages: github.com/crewjam/saml
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 7 months ago
High
Ecosystems: packagist
Packages: silverstripe/graphql
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 7 months ago
GSA_kwCzR0hTQS12MjN3LXBwcG0tamg2Ns4AA2gU
Silverstripe GraphQL has DDOS Vulnerability due to lack of protection against recursive queriesEcosystems: packagist
Packages: silverstripe/graphql
Source: GitHub Advisory Database
Blast Radius: 17.9
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/kumahq/kuma
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
GSA_kwCzR0hTQS05d21jLXJnNGgtMjh3ds4AA2gR
github.com/kumahq/kuma affected by CVE-2023-44487Ecosystems: go
Packages: github.com/kumahq/kuma
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 7 months ago
GSA_kwCzR0hTQS1tdjczLWY2OXgtNDQ0cM4AA2gQ
Go Fiber CSRF Token Validation VulnerabilityEcosystems: go
Packages: github.com/gofiber/fiber/v2
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: 7 months ago
High
Ecosystems: go
Packages: go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace, go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron, go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho, go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux, go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin, go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful, go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: 7 months ago
GSA_kwCzR0hTQS1yY2p2LW1ncDgtcXZtcs4AA2eX
OpenTelemetry-Go Contrib vulnerable to denial of service in otelhttp due to unbound cardinality metricsEcosystems: go
Packages: go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace, go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron, go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho, go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux, go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin, go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful, go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
Source: GitHub Advisory Database
Blast Radius: 31.4
Published: 7 months ago
High
Ecosystems: maven
Packages: org.apache.inlong:inlong
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1mcGNmLXFyNzktaGpxcM4AA2dw
SQL Injection in Apache InLongEcosystems: maven
Packages: org.apache.inlong:inlong
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 7 months ago
GSA_kwCzR0hTQS1tcjZoLTd4Mm0tcmdtcc4AA2dG
SQL injection in librenms/librenmsEcosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 7 months ago
High
Ecosystems: npm
Packages: node-qpdf
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 7 months ago
GSA_kwCzR0hTQS1mcHI4LTR3dngtajlxM84AA2cb
node-qpdf vulnerable to command injectionEcosystems: npm
Packages: node-qpdf
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 7 months ago
High
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
GSA_kwCzR0hTQS01bTIyLWNmcTktODZ4Ns4AA2cN
Pickle serialization vulnerable to Deserialization of Untrusted DataEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
High
Ecosystems: go
Packages: k8s.io/kops
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 7 months ago
GSA_kwCzR0hTQS04Z3dqLW02dmgtMmc2as4AA2Zu
kOps privilege escalation vulnerabilityEcosystems: go
Packages: k8s.io/kops
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: 7 months ago
High
Ecosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 7 months ago
GSA_kwCzR0hTQS00Mzc0LXA2NjctcDZjOM4AA2ZJ
HTTP/2 rapid reset can cause excessive work in net/httpEcosystems: go
Packages: golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 40.8
Published: 7 months ago
High
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS0zM3ZqLXI2cDYteDRwOM4AA2YJ
Cross-Site Request Forgery (CSRF) in snipe/snipe-itEcosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.Schannel, Microsoft.Native.Quic.MsQuic.OpenSSL
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1mcjQ0LTU0NnAtN3hjcM4AA2X_
MsQuic Remote Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.Schannel, Microsoft.Native.Quic.MsQuic.OpenSSL
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: io.netty:netty-codec-http2
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
GSA_kwCzR0hTQS14cHc4LXJjd3YtOGY4cM4AA2X-
io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset AttackEcosystems: maven
Packages: io.netty:netty-codec-http2
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 7 months ago
High
Ecosystems: hex
Packages: mtproto_proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS03MzhxLW1jNzItMnEyMs4AA2X9
MTProto proxy remote code execution vulnerabilityEcosystems: hex
Packages: mtproto_proxy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: npm
Packages: @graphql-mesh/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1ycjR4LWNyaGYtODg4Ns4AA2X5
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operationEcosystems: npm
Packages: @graphql-mesh/runtime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1nOXYyLXdxY2otajk5Z84AA2X4
Uptime Kuma has Persistentent User SessionsEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.OpenSSL, Microsoft.Native.Quic.MsQuic.Schannel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS14aDVtLThxcXAtYzV4N84AA2X0
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.SchannelEcosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.OpenSSL, Microsoft.Native.Quic.MsQuic.Schannel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: maven
Packages: org.eclipse.jetty.http2:http2-hpack, org.eclipse.jetty.http3:http3-qpack
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 7 months ago
GSA_kwCzR0hTQS13Z2g3LTU0ZjIteDk4cs4AA2Xy
HTTP/2 HPACK integer overflow and buffer allocationEcosystems: maven
Packages: org.eclipse.jetty.http2:http2-hpack, org.eclipse.jetty.http3:http3-qpack
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 7 months ago
High
Ecosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS01bWZ4LTR3Y3gtcnYyN84AA2Vz
Azure Identity SDK Remote Code Execution VulnerabilityEcosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: go
Packages: github.com/nghttp2/nghttp2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS12eDc0LWY1MjgtZnhxZ84AA2Va
github.com/nghttp2/nghttp2 has HTTP/2 Rapid ResetEcosystems: go
Packages: github.com/nghttp2/nghttp2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 7 months ago
GSA_kwCzR0hTQS00eGN4LWN3cnEtdzc5Ms4AA2SA
Prototype Pollution in NASA Open MCTEcosystems: npm
Packages: openmct
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: 7 months ago
High
Ecosystems: maven
Packages: org.thingsboard:thingsboard
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS02cGdyLWo5djQteGZ2ds4AA2R_
ThingsBoard Server-Side Template InjectionEcosystems: maven
Packages: org.thingsboard:thingsboard
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: nuget
Packages: ImageResizer.Plugins.FreeImage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS13cWNyLXhtNDMtaHBxcs4AA2R3
Vulnerable version of libwebp and can be exploited with a malicious source imageEcosystems: nuget
Packages: ImageResizer.Plugins.FreeImage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: pypi
Packages: webp
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
GSA_kwCzR0hTQS1mOXBtLTRnOXAtNnZtM84AA2Rp
Bundled libwebp in pywebp vulnerableEcosystems: pypi
Packages: webp
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
High
Ecosystems: pypi
Packages: ni-measurementlink-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS0zZjQ4LTlqN3EtcTJnds4AA2Qr
NI MeasurementLink Python Services Improper Access Restriction vulnerabilityEcosystems: pypi
Packages: ni-measurementlink-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: rubygems
Packages: decidim, decidim-templates
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 8 months ago
GSA_kwCzR0hTQS02MzloLTg2aHctcWNqcc4AA2Qo
Decidim has broken access control in templatesEcosystems: rubygems
Packages: decidim, decidim-templates
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 8 months ago
High
Ecosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS00YzI5LWdmcnAtZzZ4Oc4AA2QO
CefSharp affected by libvpx's heap buffer overflow in vp8 encodingEcosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: imagecodecs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS05NHZjLXA4dzctNXA0Oc4AA2QD
Bundled libwebp in imagecodecs vulnerableEcosystems: pypi
Packages: imagecodecs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS01NnB3LW1wajQtZnh3d84AA2QC
Bundled libwebp in Pillow vulnerableEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: npm
Packages: express-zod-api
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 8 months ago
GSA_kwCzR0hTQS1tdnJwLTNjdngtYzMyNc4AA2PO
Zod denial of service vulnerability during email validationEcosystems: npm
Packages: express-zod-api
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 8 months ago
High
Ecosystems: maven
Packages: io.quarkus:quarkus-oidc
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 8 months ago
GSA_kwCzR0hTQS02aGM5LWNmOHgtaGY4M84AA2O5
Quarkus OIDC can leak both ID and access tokensEcosystems: maven
Packages: io.quarkus:quarkus-oidc
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 8 months ago
High
Ecosystems: maven
Packages: com.facebook.presto:presto-jdbc
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
GSA_kwCzR0hTQS04NnE1LXFjamMtN3B2NM4AA2Oc
Presto JDBC Server-Side Request Forgery by nextUriEcosystems: maven
Packages: com.facebook.presto:presto-jdbc
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
High
Ecosystems: maven
Packages: com.facebook.presto:presto-jdbc
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
GSA_kwCzR0hTQS14bTd4LWYzdzItNGhqbc4AA2Ob
Presto JDBC Server-Side Request Forgery by redirectEcosystems: maven
Packages: com.facebook.presto:presto-jdbc
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: 8 months ago
High
Ecosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
GSA_kwCzR0hTQS0yODk0LXFjcWYtZzIzZ84AA2Ml
asyncua Improper Authentication vulnerabilityEcosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
High
Ecosystems: npm
Packages: static-server
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
GSA_kwCzR0hTQS12ODM0LXJodjQtNjVtM84AA2Mj
static-server Path Traversal vulnerabilityEcosystems: npm
Packages: static-server
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 2,465
Ecosystems: 12
Packages: 8,381
Repositories: 2,465
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
234
tensorflow
107
tensorflow-cpu
95
tensorflow-gpu
93
magento/community-edition
59
org.jenkins-ci.main:jenkins-core
48
moodle/moodle
44
com.fasterxml.jackson.core:jackson-databind
43
org.apache.tomcat:tomcat
33
dolibarr/dolibarr
31
drupal/core
30
microweber/microweber
27
pimcore/pimcore
27
drupal/drupal
26
nokogiri
25
org.apache.struts:struts2-core
23
phpmyadmin/phpmyadmin
23
com.thoughtworks.xstream:xstream
22
opencv-contrib-python
22
opencv-python
22
typo3/cms
22
Pillow
21
com.jfinal:jfinal
21
ansible
20
salt
20
django
19
github.com/rancher/rancher
19
thorsten/phpmyfaq
19
typo3/cms-core
18
org.jenkins-ci.plugins:script-security
18
librenms/librenms
18
mlflow
18
Plone
17
openssl-src
17
pocketmine/pocketmine-mp
17
getgrav/grav
16
symfony/symfony
16
org.apache.tomcat.embed:tomcat-embed-core
16
apache-airflow
16
parse-server
15
rdiffweb
15
nilsteampassnet/teampass
15
Microsoft.AspNetCore.App.Runtime.win-x86
14
Microsoft.AspNetCore.App.Runtime.win-x64
14
github.com/hashicorp/consul
14
net.mingsoft:ms-mcms
14
vyper
14
centreon/centreon
14
Microsoft.AspNetCore.App.Runtime.win-arm
13
github.com/usememos/memos
13
rubygems-update
13
golang.org/x/net
13
Microsoft.AspNetCore.App.Runtime.osx-x64
12
Microsoft.AspNetCore.App.Runtime.linux-x64
12
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
12
Microsoft.AspNetCore.App.Runtime.linux-arm
12
org.keycloak:keycloak-core
12
baserproject/basercms
12
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
12
org.apache.openmeetings:openmeetings-parent
12
electron
12
Microsoft.AspNetCore.App.Runtime.linux-arm64
12
activerecord
12
Microsoft.AspNetCore.App.Runtime.win-arm64
12
intelliants/subrion
11
github.com/argoproj/argo-cd
11
mautic/core
11
github.com/hashicorp/vault
11
github.com/nats-io/nats-server/v2
11
actionpack
11
org.keycloak:keycloak-parent
11
io.undertow:undertow-core
11
keystone
10
shopware/platform
10
org.springframework.security:spring-security-core
10
cobbler
10
Django
10
org.apache.nifi:nifi
10
org.xwiki.platform:xwiki-platform-oldcore
10
cockpit-hq/cockpit
10
froxlor/froxlor
10
openmage/magento-lts
10
github.com/hashicorp/nomad
10
matrix-synapse
10
org.bouncycastle:bcprov-jdk14
9
craftcms/cms
9
ckb
9
github.com/ethereum/go-ethereum
9
Microsoft.NetCore.App.Runtime.win-arm
9
org.apache.hadoop:hadoop-main
9
mercurial
9
Microsoft.NetCore.App.Runtime.win-arm64
9
org.apache.struts.xwork:xwork-core
9
org.cloudfoundry.identity:cloudfoundry-identity-server
9
Microsoft.NetCore.App.Runtime.win-x64
9
rusqlite
9
Microsoft.NetCore.App.Runtime.win-x86
9
org.apache.geode:geode-core
9
org.apache.solr:solr-core
9
laravel/framework
9
Microsoft.NETCore.App.Runtime.win-arm64
8
Microsoft.NETCore.App.Runtime.win-x64
8
gradio
8
Microsoft.NETCore.App.Runtime.win-x86
8
shopware/core
8
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
8
org.bouncycastle:bcprov-jdk15
8
org.keycloak:keycloak-services
8
github.com/sylabs/singularity
8
october/system
8
cn.hutool:hutool-core
7
DotNetNuke.Core
7
tar
7
com.liferay.portal:release.portal.bom
7
snipe/snipe-it
7
apache-superset
7
com.xuxueli:xxl-job
7
strapi
7
org.elasticsearch:elasticsearch
7
deno
7
cakephp/cakephp
7
org.eclipse.jetty:jetty-server
7
symfony/security
7
phpmailer/phpmailer
7
pillow
7
org.apache.commons:commons-compress
7
magento/core
7
next
7
gogs.io/gogs
7
codeigniter4/framework
7
org.craftercms:crafter-studio
7
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
7
smarty/smarty
7
org.springframework:spring-core
7
org.jenkins-ci.plugins.workflow:workflow-cps
7
org.apache.inlong:manager-pojo
7
github.com/docker/docker
7
cryptography
6
Microsoft.NETCore.App
6
waitress
6
contao/core-bundle
6
contao/contao
6
Microsoft.AspNetCore.All
6
rack
6
sequelize
6
guzzlehttp/guzzle
6
ezsystems/ezpublish-kernel
6
github.com/hyperledger/fabric
6
@strapi/strapi
6
@openzeppelin/contracts
6
org.apache.camel:camel-core
6
opencv-python-headless
6
Microsoft.AspNetCore.App.Runtime.osx-arm64
6
opencv-contrib-python-headless
6
github.com/gravitl/netmaker
6
github.com/grafana/grafana
6
org.apache.tomcat:tomcat-coyote
6
nautobot
6
sized-chunks
6
kiwitcms
6
golang.org/x/crypto
6
org.apache.tika:tika-core
6
symfony/security-http
6
wwbn/avideo
6
prestashop/prestashop
6
npm
6
composer/composer
6
k8s.io/kubernetes
6
de.tum.in.ase:artemis-java-test-sandbox
6
express-cart
6
github.com/traefik/traefik/v2
6
github.com/zitadel/zitadel
6
istio.io/istio
6
org.apache.cxf:cxf
6
handlebars
6
org.xwiki.platform:xwiki-platform-web
5
pear/archive_tar
5
directus
5
org.apache.xmlgraphics:batik
5
phpbb/phpbb
5
zope
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
OPCFoundation.NetStandard.Opc.Ua.Core
5
getkirby/cms
5
org.apache.mesos:mesos
5
com.vaadin:vaadin-bom
5
ezsystems/ezpublish-legacy
5
@openzeppelin/contracts-upgradeable
5
plone
5
genix/cms
5
github.com/nats-io/jwt
5
CefSharp.Common
5
org.apache.tomcat:tomcat-catalina
5
github.com/cilium/cilium
5
forkcms/forkcms
5
serve
5
github.com/go-gitea/gitea
5
github.com/answerdev/answer
5
aubio
5
Filter by Repository
https://github.com/chakra-core/ChakraCore
204
https://github.com/tensorflow/tensorflow
107
https://github.com/xwiki/xwiki-platform
48
https://github.com/FasterXML/jackson-databind
44
https://github.com/jenkinsci/jenkins
36
https://github.com/apache/tomcat
34
https://github.com/django/django
26
https://github.com/python-pillow/Pillow
26
https://github.com/apache/airflow
25
https://github.com/pimcore/pimcore
25
https://github.com/microweber/microweber
25
https://github.com/moodle/moodle
24
https://github.com/keycloak/keycloak
22
https://github.com/apache/struts
22
https://github.com/x-stream/xstream
22
https://github.com/opencv/opencv
21
https://github.com/sparklemotion/nokogiri
20
https://github.com/Dolibarr/dolibarr
19
https://github.com/thorsten/phpmyfaq
18
https://github.com/pmmp/PocketMine-MP
17
https://github.com/dotnet/runtime
17
https://github.com/rancher/rancher
16
https://github.com/spring-projects/spring-framework
16
https://github.com/symfony/symfony
16
https://github.com/ansible/ansible
15
https://github.com/ikus060/rdiffweb
15
https://github.com/parse-community/parse-server
15
https://github.com/github/advisory-database
14
https://github.com/apache/inlong
14
https://github.com/librenms/librenms
14
https://github.com/vyperlang/vyper
14
https://github.com/getgrav/grav
14
https://github.com/mlflow/mlflow
13
https://github.com/usememos/memos
13
https://github.com/jenkinsci/script-security-plugin
13
https://github.com/rails/rails
12
https://github.com/hashicorp/consul
11
https://github.com/mautic/mautic
11
https://github.com/electron/electron
11
https://github.com/apache/nifi
11
https://github.com/centreon/centreon
10
https://github.com/OpenMage/magento-lts
10
https://github.com/go-gitea/gitea
10
https://github.com/argoproj/argo-cd
10
https://github.com/octobercms/october
10
https://github.com/strapi/strapi
9
https://github.com/golang/go
9
https://github.com/cui2shark/cms
9
https://github.com/openstack/keystone
9
https://github.com/rusqlite/rusqlite
9
https://github.com/apache/camel
9
https://github.com/cloudfoundry/uaa
9
https://github.com/nilsteampassnet/teampass
9
https://github.com/kubernetes/kubernetes
9
https://github.com/nervosnetwork/ckb
9
https://github.com/TYPO3/TYPO3.CMS
8
https://github.com/cobbler/cobbler
8
https://github.com/gradio-app/gradio
8
https://github.com/cockpit-hq/cockpit
8
https://github.com/nats-io/nats-server
8
https://github.com/denoland/deno
8
https://github.com/bcgit/bc-java
8
https://github.com/matrix-org/synapse
8
https://github.com/shopware/platform
8
https://github.com/netty/netty
7
https://github.com/dotnet/aspnetcore
7
https://github.com/PHPMailer/PHPMailer
7
https://github.com/eclipse/jetty.project
7
https://github.com/spring-projects/spring-security
7
https://github.com/undertow-io/undertow
7
https://github.com/snipe/snipe-it
7
https://github.com/hashicorp/vault
7
https://github.com/laravel/framework
7
https://github.com/rubygems/rubygems
7
https://github.com/DSpace/DSpace
7
https://github.com/apache/activemq
7
https://github.com/plone/Products.CMFPlone
7
https://github.com/apache/cxf
7
https://github.com/nautobot/nautobot
6
https://github.com/DrunkenShells/Disclosures
6
https://github.com/istio/istio
6
https://github.com/PaddlePaddle/Paddle
6
https://github.com/hyperledger/fabric
6
https://github.com/OpenNMS/opennms
6
https://github.com/intelliants/subrion
6
https://github.com/smarty-php/smarty
6
https://github.com/pyca/cryptography
6
https://github.com/CVEProject/cvelist
6
https://github.com/xuxueli/xxl-job
6
https://github.com/saltstack/salt
6
https://github.com/TYPO3/typo3
6
https://github.com/guzzle/guzzle
6
https://github.com/sequelize/sequelize
6
https://github.com/kiwitcms/Kiwi
6
https://github.com/contao/contao
6
https://github.com/bodil/sized-chunks
6
https://github.com/dnnsoftware/Dnn.Platform
6
https://github.com/phpmyadmin/phpmyadmin
6
https://github.com/dromara/hutool
6
https://github.com/gravitl/netmaker
6
https://github.com/zitadel/zitadel
6
https://github.com/OpenZeppelin/openzeppelin-contracts
6
https://github.com/Pylons/waitress
6
https://github.com/ls1intum/Ares
6
https://github.com/magento/magento2
6
https://github.com/npm/node-tar
6
https://github.com/OPCFoundation/UA-.NETStandard
6
https://github.com/nilsteampassnet/TeamPass
6
https://github.com/WWBN/AVideo
6
https://github.com/backstage/backstage
6
https://github.com/opencast/opencast
6
https://github.com/froxlor/froxlor
6
https://github.com/ethereum/go-ethereum
5
https://github.com/hpcng/singularity
5
https://github.com/cilium/cilium
5
https://github.com/apache/hadoop
5
https://github.com/drupal/core
5
https://github.com/getkirby/kirby
5
https://github.com/PrestaShop/PrestaShop
5
https://github.com/directus/directus
5
https://github.com/forkcms/forkcms
5
https://github.com/composer/composer
5
https://github.com/pear/Archive_Tar
5
https://github.com/zopefoundation/Zope
5
https://github.com/geoserver/geoserver
5
https://github.com/vercel/next.js
5
https://github.com/aubio/aubio
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/gogs/gogs
5
https://github.com/answerdev/answer
5
https://github.com/docker/docker
5
https://github.com/apache/xmlgraphics-batik
5
https://github.com/traefik/traefik
5
https://github.com/codeigniter4/CodeIgniter4
5
https://github.com/cakephp/cakephp
5
https://github.com/matrix-org/matrix-js-sdk
5
https://github.com/twisted/twisted
5
https://github.com/apache/kylin
5
https://github.com/apache/dolphinscheduler
5
https://github.com/protocolbuffers/protobuf
5
https://github.com/cefsharp/CefSharp
5
https://github.com/grafana/grafana
5
https://github.com/IBAX-io/go-ibax
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/ericcornelissen/shescape
4
https://github.com/jenkinsci/workflow-cps-global-lib-plugin
4
https://github.com/playframework/playframework
4
https://github.com/containers/podman
4
https://github.com/tidwall/gjson
4
https://github.com/jettison-json/jettison
4
https://github.com/vantage6/vantage6
4
https://github.com/fiveai/Cachet
4
https://github.com/kubernetes/ingress-nginx
4
https://github.com/apache/geode
4
https://github.com/yiisoft/yii2
4
https://github.com/totaljs/framework
4
https://github.com/bolt/bolt
4
https://github.com/phpseclib/phpseclib
4
https://github.com/opencontainers/runc
4
https://github.com/apple/swift-nio-http2
4
https://github.com/scrapy/scrapy
4
https://github.com/PrismJS/prism
4
https://github.com/free5gc/free5gc
4
https://github.com/Codiad/Codiad
4
https://github.com/0xJacky/nginx-ui
4
https://github.com/hashicorp/nomad
4
https://github.com/nocodb/nocodb
4
https://github.com/containers/buildah
4
https://github.com/quarkusio/quarkus
4
https://github.com/livehelperchat/livehelperchat
4
https://github.com/baserproject/basercms
4
https://github.com/ethyca/fides
4
https://github.com/pgadmin-org/pgadmin4
4
https://github.com/wixtoolset/issues
4
https://github.com/pimcore/admin-ui-classic-bundle
4
https://github.com/cri-o/cri-o
4
https://github.com/igniterealtime/Openfire
4
https://github.com/RaspAP/raspap-webgui
4
https://github.com/ckeditor/ckeditor4
4
https://github.com/npm/cli
4
https://github.com/cloudflare/cfrpki
4
https://github.com/libp2p/go-libp2p
4
https://github.com/statamic/cms
4
https://github.com/centreon/centreon-archived
4
https://github.com/surrealdb/surrealdb
4
https://github.com/restlet/restlet-framework-java
4
https://github.com/jnqnfe/pulse-binding-rust
4
https://github.com/Froxlor/Froxlor
4
https://github.com/nightcloudos/new_cms
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/ezsystems/ezpublish-legacy
4
https://github.com/jeecgboot/jeecg-boot
4
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/dpgaspar/Flask-AppBuilder
3
https://github.com/phusion/passenger
3
https://github.com/grpc/grpc
3
https://github.com/jupyterhub/oauthenticator
3
https://gitlab.com/edneville/please
3
https://github.com/edgelesssys/constellation
3