Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: cargo
Packages: cosmwasm-std
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 2 days ago
GSA_kwCzR0hTQS04NzI0LTV4bW0tdzV4cc4AA7R_
CosmWasm affected by arithmetic overflowsEcosystems: cargo
Packages: cosmwasm-std
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 2 days ago
Low
Ecosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 4 days ago
GSA_kwCzR0hTQS1weGh3LTU5NnItcndxNc4AA7Ph
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission pluginEcosystems: go
Packages: k8s.io/kubernetes
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: 4 days ago
Low
Ecosystems: maven
Packages: io.github.skylot:jadx-core
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: 4 days ago
GSA_kwCzR0hTQS1odnA1LTV4NGYtMzNmcc4AA7PK
JADX file override vulnerabilityEcosystems: maven
Packages: io.github.skylot:jadx-core
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: 4 days ago
Low
Ecosystems: go
Packages: github.com/authelia/authelia/v4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
GSA_kwCzR0hTQS14ODgzLTJ2bWcteHdmN84AA7PJ
Authelia's Group Changes may not have the expected results (YAML file backend)Ecosystems: go
Packages: github.com/authelia/authelia/v4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 days ago
Low
Ecosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
GSA_kwCzR0hTQS0yM3EyLTVnZjgtZ2pwcM4AA7NN
Enabling Authentication does not close all logged in socket connections immediatelyEcosystems: npm
Packages: uptime-kuma
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 days ago
Low
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
GSA_kwCzR0hTQS02bTloLTJwcjItOWo4Zs4AA7Lw
1Panel's password verification is suspected to have a timing attack vulnerabilityEcosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Low
Ecosystems: npm
Packages: derby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
GSA_kwCzR0hTQS04Mmp2LTl3anctcHFoNs4AA7KU
Prototype pollution in emit functionEcosystems: npm
Packages: derby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
GSA_kwCzR0hTQS03ZnBqLTlocjgtMjh2aM4AA7JC
Keycloak vulnerable to impersonation via logout token exchangeEcosystems: maven
Packages: org.keycloak:keycloak-services
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 days ago
Low
Ecosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
GSA_kwCzR0hTQS14Njc0LXY0NWotZnd4d84AA7DY
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of serviceEcosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 days ago
Low
Ecosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 16 days ago
GSA_kwCzR0hTQS1qODVxLTQ2aGctMzZwMs4AA658
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is usedEcosystems: go
Packages: github.com/authzed/spicedb
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 16 days ago
Low
Ecosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: 16 days ago
GSA_kwCzR0hTQS0zN3E1LXY1cW0tYzl2OM4AA649
Transformers Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: transformers
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: 16 days ago
Low
Ecosystems: go
Packages: github.com/kopia/kopia
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: 16 days ago
GSA_kwCzR0hTQS1qNXZtLTdxY2MtMnd3Z84AA63w
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON outputEcosystems: go
Packages: github.com/kopia/kopia
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: 16 days ago
Low
Ecosystems: packagist
Packages: contao/core-bundle
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 17 days ago
GSA_kwCzR0hTQS03NDd2LTUyYzQtOHZqOM4AA6y7
Contao: Unencoded insert tags in the frontendEcosystems: packagist
Packages: contao/core-bundle
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 17 days ago
Low
Ecosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 20 days ago
GSA_kwCzR0hTQS0ydjQyLXhwM2otNDdtNM4AA6rp
Xuxueli xxl-job template injection vulnerabilityEcosystems: maven
Packages: com.xuxueli:xxl-job-core
Source: GitHub Advisory Database
Blast Radius: 11.0
Published: 20 days ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
GSA_kwCzR0hTQS14cDlqLThwNjgtOXE5M84AA6p2
Mattermost Server Improper Access ControlEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 21 days ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 22 days ago
GSA_kwCzR0hTQS05cXhyLXFqNTQtaDY3Ms4AA6o2
Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrectEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 22 days ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 22 days ago
GSA_kwCzR0hTQS1tNHY4LXdxdnItcDlmN84AA6o1
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipelineEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 22 days ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
GSA_kwCzR0hTQS1xZ205LXJ4bXEtanhtcc4AA6nk
Concrete CMS Stored XSS in the Search FieldEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 23 days ago
GSA_kwCzR0hTQS1wajQyLXI2NGYtNHhmcc4AA6ng
Concrete CMS Stored XSS on the calendar color settings screenEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 23 days ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
GSA_kwCzR0hTQS1yN3E0LWN3OXItdmhwNM4AA6nj
Concrete CMS Stored XSS in the Custom Class page editingEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
GSA_kwCzR0hTQS05cWhjLXBnNmotd2YyM84AA6nm
Concrete CMS Stored XSS in blocks of type fileEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
GSA_kwCzR0hTQS14d3JoLXF4bWMteDhjOM4AA6ni
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search FilterEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 23 days ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 24 days ago
GSA_kwCzR0hTQS03NWhxLWg2ZzktaDRxNc4AA6jC
Wasmtime vulnerable to panic when using a dropped extenref-typed element segmentEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 11.2
Published: 24 days ago
Low
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 25 days ago
GSA_kwCzR0hTQS1yMzJnLXc5Y3YtOWZnY84AA6g_
RosarioSIS cross site scripting vulnerabilityEcosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 25 days ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
GSA_kwCzR0hTQS1tNzMyLXd2aDItN2NxNM4AA6R7
Unauthenticated views may expose information to anonymous usersEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 month ago
GSA_kwCzR0hTQS1tbWg2LTVjcGYtMmM3Ms4AA6RR
phpMyFAQ Path Traversal in AttachmentsEcosystems: packagist
Packages: phpmyfaq/phpmyfaq
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 1 month ago
Low
Ecosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS01NTJmLTk3d2YtcG1wcc4AA6LG
Umbraco possible user enumerationEcosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 month ago
GSA_kwCzR0hTQS1jcTk2LTk5NzQtdjhobc4AA6LE
Dynamic Variable Evaluation in qiskit-ibm-runtimeEcosystems: pypi
Packages: qiskit-ibm-runtime
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: ilicmiljan/secure-props
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1yajI5LWoyZzQtNzdxOM4AA6Gr
[TagAwareCipher] - Decryption Failure (Regex Match)Ecosystems: packagist
Packages: ilicmiljan/secure-props
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS12bThxLW01N2ctcGZmM84AA6CU
Regular expression denial-of-service in DjangoEcosystems: pypi
Packages: django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: fgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS04NzlwLThndzQtbWNwd84AA6CK
fgr Vulnerable to Insecure Default Variable InitializationEcosystems: pypi
Packages: fgr
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Low
Ecosystems: cargo
Packages: quiche
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 month ago
GSA_kwCzR0hTQS14aGc5LXh3Y2gtdnI3eM4AA585
quiche vulnerable to unbounded storage of information related to connection ID retirementEcosystems: cargo
Packages: quiche
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 1 month ago
Low
Ecosystems: maven
Packages: io.quarkus:quarkus-kubernetes-deployment
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: about 1 month ago
GSA_kwCzR0hTQS03Zzk3LTdyM2MtNWNjNs4AA58e
In Quarkus, git credentials could be inadvertently publishedEcosystems: maven
Packages: io.quarkus:quarkus-kubernetes-deployment
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: about 1 month ago
Low
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 1 month ago
GSA_kwCzR0hTQS0yY2NyLWcycnYtaDY3N84AA571
Session Token in URL in directusEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: about 1 month ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.9
Published: about 2 months ago
GSA_kwCzR0hTQS00bTdoLTM0eG0tNHdqds4AA5xy
Concrete CMS Stored Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.9
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: langchain-core, langchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1oNTl4LXA3MzktOTgyY84AA5ue
LangChain directory traversal vulnerabilityEcosystems: pypi
Packages: langchain-core, langchain
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: npm
Packages: @sentry/react-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS02OGMyLTRtcHgtcWg5Nc4AA5rz
Potential leakage of Sentry auth tokens by React Native SDK with Expo pluginEcosystems: npm
Packages: @sentry/react-native
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS05dng2LTd4eGYteDk2N84AA5qR
OpenZeppelin Contracts base64 encoding may read from potentially dirty memoryEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS0zZzM1LXY1M3ItZ3B4Y84AA5qJ
Mattermost race conditionEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1yNGZtLWc2NWgtY3I1NM4AA5qG
Mattermost incorrectly allows access individual postsEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS14Z3hqLWo5OGMtNTlyds4AA5p6
Mattermost fails to properly restrict the access of files attached to postsEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 2 months ago
GSA_kwCzR0hTQS0zaHJyLXh3dmctaHh2cs4AA5pB
Keycloak DoS via account lockoutEcosystems: maven
Packages: org.keycloak:keycloak-core
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: about 2 months ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: about 2 months ago
GSA_kwCzR0hTQS05eHh2LXE2cHAtOTZ3cc4AA5mo
Concrete CMS Stored XSSEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS0yMmYyLXY1N2MtajljeM4AA5mE
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD
Rack has possible DoS Vulnerability with Range HeaderEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS01NHJyLTdmdnctNng4Zs4AA5mC
Rack Header Parsing leads to Possible Denial of Service VulnerabilityEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS01NTVwLW00djYtY3F4ds4AA5lr
ASA-2024-004: Default configuration param for Evidence may limit window of validityEcosystems: go
Packages: github.com/cometbft/cometbft
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS04Nmg1LXhjcHgtY2ZxY84AA5jS
ASA-2024-005: Potential slashing evasion during re-delegationEcosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1qamh4LWpodnAtNzR3cc4AA5jN
Rails has possible ReDoS vulnerability in Accept header parsing in Action DispatchEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 months ago
GSA_kwCzR0hTQS00aHdxLTRjcG0tOHZteM4AA5gr
Vyper's `extract32` can ready dirty memoryEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 months ago
GSA_kwCzR0hTQS05cDhyLTR4cDQtZ3c1d84AA5gq
Vyper's `_abi_decode` vulnerable to Memory OverflowEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: pypop-genomics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
GSA_kwCzR0hTQS1wNG01LTMycHItMmhxcs4AA5gm
PyPop C extensions possible vulnerability: missing arguments and redundant null pointersEcosystems: pypi
Packages: pypop-genomics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 months ago
Low
Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS00Z21qLTNwM2gtZ204aM4AA5gl
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`Ecosystems: npm
Packages: es5-ext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: about 2 months ago
GSA_kwCzR0hTQS1xcHhtLTY4OXItMzg0Oc4AA5gL
Apache Camel data exposure vulnerabilityEcosystems: maven
Packages: org.apache.camel:camel-core
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: about 2 months ago
Low
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: about 2 months ago
GSA_kwCzR0hTQS1oOWo3LTV4dmMtcWhnNc4AA5fj
langchain Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 15.8
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 2 months ago
GSA_kwCzR0hTQS1yMjc1LWo1N2MtN21mMs4AA5ZI
Race condition in EndorsementsEcosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 2 months ago
Low
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: 2 months ago
GSA_kwCzR0hTQS05cjI2LTV3ODgtcWhwOc4AA5X0
Authorization Bypass in moodleEcosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: 2 months ago
Low
Ecosystems: maven
Packages: org.openjfx:javafx-media
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 2 months ago
GSA_kwCzR0hTQS00N2czLW1mMjQtNjU1Oc4AA5WN
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX projectEcosystems: maven
Packages: org.openjfx:javafx-media
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: 2 months ago
Low
Ecosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS03N2hoLTQzY20tdjhqNs4AA5V2
tuf's Metadata API: Targets.get_delegated_role() is missing input validationEcosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 2 months ago
GSA_kwCzR0hTQS0zNzg3LTZwcnYtaDl3M84AA5Vg
Undici proxy-authorization header not cleared on cross-origin redirect in fetchEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 2 months ago
Low
Ecosystems: npm
Packages: @lambda-middleware/json-deserializer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS1tM2Y0LTk1N3gtbTc4Nc4AA5OZ
lambda-middleware Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: @lambda-middleware/json-deserializer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 3 months ago
GSA_kwCzR0hTQS05djN3LWNqN20tcWg1Z84AA5MU
Concrete CMS vulnerable to reflected XSS via the Image URL Import FeatureEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 3 months ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 3 months ago
GSA_kwCzR0hTQS1tZ3A2LWo2NTgtdmN3Oc4AA5MT
Concrete CMS vulnerable to stored XSS in file tags and description attributesEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 3 months ago
Low
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 3 months ago
GSA_kwCzR0hTQS1xMjVoLWpjaDgtZ2ZycM4AA5MS
Concrete CMS vulnerable to stored XSS via the Role Name fieldEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 1.7
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS00d3h3LTQyd3gtMndmeM4AA5MP
Apache Solr Schema Designer blindly "trusts" all configsetsEcosystems: maven
Packages: org.apache.solr:solr-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.apache.solr:solr-solrj, org.apache.solr:solr-solrj-streaming
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS14cmo3LXg3Z3Atd3dxcs4AA5MN
Apache Solr's Streaming Expressions allow users to extract data from other Solr CloudsEcosystems: maven
Packages: org.apache.solr:solr-solrj, org.apache.solr:solr-solrj-streaming
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: vng-api-common-utrecht, vng-api-common, commonground-api-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1jNGNtLXI5ZmgtamdqOc4AA5ML
commonground-api-common unexploitable privilege escalation in JWT authentication middlewareEcosystems: pypi
Packages: vng-api-common-utrecht, vng-api-common, commonground-api-common
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-plugin-jira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1xcjhmLWNqdzctODM4bc4AA5L-
Mattermost Jira Plugin does not properly check security levelsEcosystems: go
Packages: github.com/mattermost/mattermost-plugin-jira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1yODMzLXc3NTYtaDVwMs4AA5L7
Mattermost fails to check the required permissionsEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost-plugin-jira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS00ZnA2LTU3NHAtZmMzNc4AA5L6
Mattermost Jira Plugin vulnerable to Cross-Site Request ForgeryEcosystems: go
Packages: github.com/mattermost/mattermost-plugin-jira
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: packagist
Packages: sulu/sulu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1nZnJoLWd3cWMtNjNjds4AA5El
Sulu HTML Injection via Autocomplete SuggestionEcosystems: packagist
Packages: sulu/sulu
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
GSA_kwCzR0hTQS02ODQ1LXh3MjItZmZ4ds4AA5Ef
Vyper sha3 codegen bugEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
Low
Ecosystems: npm
Packages: zmarkdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1tcTZ2LXczNWctM2M5N84AA5C1
Local File Inclusion vulnerability in zmarkdownEcosystems: npm
Packages: zmarkdown
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS12amc2LTkzZnYtcXY2NM4AA5Co
Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth onlyEcosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS1wbTNtLTMycjMtN21maM4AA5Cn
Etcd embed auto compaction retention negative value causing a compaction loop or a crashEcosystems: go
Packages: go.etcd.io/etcd
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd/client/pkg/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS01eDRnLXE1cmMtMzZqcM4AA5Cl
Etcd pkg Insecure ciphers are allowed by defaultEcosystems: go
Packages: go.etcd.io/etcd/client/pkg/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1wcjM5LTgyNTctZnhjMs4AA5Ci
Nervos CKB DoS: Process exists when p2p discovery protocol receives unsupported peer IPEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
GSA_kwCzR0hTQS1ncDN3LTJ2Mm0tcDY4Ns4AA5Bo
Vyper's external calls can overflow return data to return input bufferEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 8.8
Published: 3 months ago
Low
Ecosystems: packagist
Packages: bref/bref
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 3 months ago
GSA_kwCzR0hTQS04MnZ4LW1tNnItZ2c4d84AA4_5
Bref vulnerable to Body Parsing Inconsistency in Event-Driven FunctionsEcosystems: packagist
Packages: bref/bref
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
GSA_kwCzR0hTQS1oODRxLW04cnItM3Y5cc4AA4-6
wasmtime_trap_code C API function has out of bounds write vulnerabilityEcosystems: cargo
Packages: wasmtime
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 3 months ago
Low
Ecosystems: maven
Packages: org.springframework.cloud:spring-cloud-contract-shade
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 3 months ago
GSA_kwCzR0hTQS1wNnJwLW14ODUtbTQ1Oc4AA49f
Spring Cloud Contract vulnerable to local information disclosureEcosystems: maven
Packages: org.springframework.cloud:spring-cloud-contract-shade
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: 3 months ago
Low
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 3 months ago
GSA_kwCzR0hTQS1yam12LTUybXAtZ2pycs4AA480
vantage6 may create unencrypted tasks in encrypted collaborationEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 3 months ago
Low
Ecosystems: pypi
Packages: vantage6-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS00NWdxLXE0eGgtY3A1M84AA48y
vantage6 vulnerable to username timing attackEcosystems: pypi
Packages: vantage6-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1mNjdmLTJqNnItbTRjOc4AA4q0
Non-constant time webhook token comparison in Jenkins GitLab Branch Source PluginEcosystems: maven
Packages: io.jenkins.plugins:gitlab-branch-source
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: changedetection-io, changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1oY3ZwLTJjYzctanJ3cs4AA4oO
changedetection.io API endpoint is not secured with API tokenEcosystems: pypi
Packages: changedetection-io, changedetection.io
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: ferris-says
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS12MzYzLXJyZjItNWZtas4AA4ig
ferris-says has undefined behavior when not using UTF-8Ecosystems: cargo
Packages: ferris-says
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: cargo
Packages: ursa, anoncreds-clsignatures
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 3 months ago
GSA_kwCzR0hTQS0ycTZqLWdxYzQtNGd3M84AA4gE
Breaking unlinkability in Identity Mixer using malicious keysEcosystems: cargo
Packages: ursa, anoncreds-clsignatures
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: 3 months ago
Low
Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS04cXc5LWdmN3ctNDJ4Nc4AA4a1
Minor fix to previous patch for CVE-2022-35918Ecosystems: pypi
Packages: streamlit
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Low
Ecosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
GSA_kwCzR0hTQS1yZ3JmLTZtZjUtbTg4Ms4AA4Yr
cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration codeEcosystems: pypi
Packages: case-utils, cdo-local-uuid
Source: GitHub Advisory Database
Blast Radius: 0.7
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1mODk5LTRtcjQtZnFwds4AA4Uf
Apache Answer Race Condition vulnerabilityEcosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: flarum/framework, flarum/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS03MzNyLTh4Y3Atdzltcs4AA4N5
Flarum's logout Route allows open redirectsEcosystems: packagist
Packages: flarum/framework, flarum/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/karmada-io/karmada
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS03eGcyLTgzZjgtMzltcs4AA4Lf
The DES/3DES cipher was used as part of the TLS protocol by installation toolsEcosystems: go
Packages: github.com/karmada-io/karmada
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS0zcGZqLWc0d3ItcWozas4AA4J-
Gila CMS SQL Injection vulnerabilityEcosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS00dmY2LTJybXgtZmdxeM4AA4KC
Gila CMS SQL Injection vulnerabilityEcosystems: packagist
Packages: gilacms/gila
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: winter/wn-backend-module
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 4 months ago
GSA_kwCzR0hTQS0yeDdyLTkzd3ctY3hycc4AA4Je
Winter CMS Local File Inclusion through Server Side Template InjectionEcosystems: packagist
Packages: winter/wn-backend-module
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS05dzk3LTlycXgtOHY0as4AA4Jd
Mattermost allows demoted guests to change group namesEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1oM2dxLWo3cDkteDNwNM4AA4Gf
Mattermost Cross-site Scripting vulnerabilityEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: packagist
Packages: winter/wn-backend-module
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 4 months ago
GSA_kwCzR0hTQS00M3c0LTRqM2MtangyOc4AA4EN
Winter CMS Stored XSS through Backend ColorPicker FormWidgetEcosystems: packagist
Packages: winter/wn-backend-module
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 4 months ago
Low
Ecosystems: packagist
Packages: winter/wn-system-module
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 4 months ago
GSA_kwCzR0hTQS00d3Z3LTc1cWgtZnFqcM4AA4EM
Winter CMS Stored XSS through privileged upload of Media Manager file followed by renamingEcosystems: packagist
Packages: winter/wn-system-module
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: 4 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
GSA_kwCzR0hTQS12ZjVtLXhyaG0tdjk5Oc4AA4AF
Nautobot missing object-level permissions enforcement when running Job ButtonsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 4 months ago
Statistics
Advisories: 18,139
Packages: 8,241
Repositories: 430
Ecosystems: 12
Packages: 8,241
Repositories: 430
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-gpu
93
tensorflow-cpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
github.com/mattermost/mattermost/server/v8
10
shopware/core
10
phpmyadmin/phpmyadmin
10
org.apache.tomcat:tomcat
9
org.jenkins-ci.main:jenkins-core
9
vyper
7
matrix-synapse
7
Umbraco.CMS
6
rack
6
puppet
6
ansible
5
helm.sh/helm/v3
5
k8s.io/kubernetes
5
october/backend
5
wasmtime
5
baserproject/basercms
5
sweetalert2
5
undici
5
simplesamlphp/simplesamlphp
4
com.vaadin:flow-server
4
org.keycloak:keycloak-services
4
actionpack
4
helm.sh/helm
4
github.com/mattermost/mattermost-server/v6
4
github.com/cilium/cilium
4
typo3/cms-core
4
magento/community-edition
4
electron
4
shopware/shopware
4
@openzeppelin/contracts-upgradeable
3
github.com/cosmos/cosmos-sdk
3
go.etcd.io/etcd
3
org.graylog2:graylog2-server
3
ethyca-fides
3
nautobot
3
passenger
3
com.vaadin:vaadin-bom
3
bin-links
3
ckb
3
plone
3
org.apache.hive:hive-service
3
node-forge
3
symfony/symfony
3
org.apache.hive:hive-exec
3
org.apache.hive:hive
3
cryptography
3
typo3/cms-frontend
2
github.com/answerdev/answer
2
github.com/ntbosscher/gobase
2
github.com/authzed/spicedb
2
cargo
2
gilacms/gila
2
Zope
2
Pillow
2
s2n-quic
2
github.com/hashicorp/nomad
2
craftcms/cms
2
org.jenkins-ci.plugins:repository-connector
2
org.jenkins-ci.plugins:ec2
2
tools.devnull:build-notifications
2
pip
2
langchain
2
org.jenkins-ci.plugins:mercurial
2
github.com/cometbft/cometbft
2
org.jenkins-ci.plugins:azure-ad
2
node-ipc
2
tuf
2
com.ruoyi:ruoyi
2
Flask-Security-Too
2
parse-server
2
microweber/microweber
2
silverstripe/framework
2
braces
2
winter/wn-backend-module
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
org.xwiki.platform:xwiki-platform-oldcore
2
symfony/security-http
2
@apollo/server
2
OctoPrint
2
org.jenkins-ci.plugins:wso2id-oauth
2
october/cms
2
grumpydictator/firefly-iii
2
org.apache.activemq:activemq-parent
2
org.eclipse.jetty:jetty-server
2
activesupport
2
aiohttp
2
ezsystems/ezpublish-kernel
2
ezsystems/ezplatform-kernel
2
typo3/cms-install
2
Flask-AppBuilder
2
github.com/mutagen-io/mutagen
2
@openzeppelin/contracts
2
github.com/mattermost/mattermost-plugin-jira
2
org.jenkins-ci.plugins:artifactory
2
wagtail
2
github.com/opencontainers/runc
2
django
2
sylius/sylius
2
vantage6
2
httplib2
2
go.etcd.io/etcd/client/v3
2
flarum/core
2
next-auth
2
com.inedo.proget:inedo-proget
2
github.com/sigstore/cosign
2
org.wiremock:wiremock-standalone
1
rabbit_common
1
@liquity/contracts
1
github.com/Masterminds/goutils
1
hyper
1
org.xwiki.platform:xwiki-platform-security-authentication-script
1
org.scala-sbt:io_2.12
1
org.scala-sbt:sbt
1
org.keycloak:keycloak-core
1
org.jenkins-ci.plugins:openshift-deployer
1
@diez/generation
1
horizon
1
org.scala-sbt:io_2.13
1
github.com/oauth2-proxy/oauth2-proxy
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
org.scala-sbt:io_3
1
org.jenkins-ci.plugins:snsnotify
1
io.swagger:swagger-codegen
1
github.com/nats-io/nats-server/v2
1
io.quarkus.resteasy.reactive:resteasy-reactive-common
1
io.jenkins.plugins:tuleap-oauth
1
wiremock
1
zod
1
com.github.tomakehurst:wiremock-jre8-standalone
1
com.github.tomakehurst:wiremock-jre8
1
org.jenkins-ci.plugins:qmetry-for-jira-test-management
1
org.wiremock:wiremock
1
shescape
1
es5-ext
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
flarum/framework
1
Werkzeug
1
django-basic-auth-ip-whitelist
1
qutebrowser
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
zerocopy
1
francoisjacquet/rosariosis
1
@node-red/runtime
1
org.springframework.cloud:spring-cloud-contract-shade
1
io.jenkins.plugins:frugal-testing
1
fastify-http-proxy
1
org.jenkins-ci.plugins:synopsys-coverity
1
contao/core-bundle
1
basti-cdk
1
io.jenkins.plugins:gitlab-branch-source
1
keystone
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
ember-source
1
@aedart/support
1
streamlit
1
markdown-link-extractor
1
github.com/flyteorg/flyteadmin
1
plone.restapi
1
datasette-graphql
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
@floffah/build
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
njwt
1
ascii-art
1
merge-objects
1
bigint-money
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/etcd-io/etcd
8
https://github.com/vyperlang/vyper
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/matrix-org/synapse
7
https://github.com/octobercms/october
7
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/eclipse/jetty.project
7
https://github.com/rack/rack
6
https://github.com/rails/rails
6
https://github.com/jenkinsci/jenkins
5
https://github.com/helm/helm
5
https://github.com/ansible/ansible
5
https://github.com/baserproject/basercms
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/nodejs/undici
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/keycloak/keycloak
5
https://github.com/kubernetes/kubernetes
5
https://github.com/wintercms/winter
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/cilium/cilium
4
https://github.com/apache/tomcat
4
https://github.com/TYPO3/typo3
4
https://github.com/electron/electron
4
https://github.com/vaadin/platform
4
https://github.com/shopware/shopware
4
https://github.com/ethyca/fides
3
https://github.com/CVEProject/cvelist
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/vaadin/flow
3
https://github.com/vantage6/vantage6
3
https://github.com/phusion/passenger
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/nautobot/nautobot
3
https://github.com/pyca/cryptography
3
https://github.com/digitalbazaar/forge
3
https://github.com/nervosnetwork/ckb
3
https://github.com/symfony/symfony
3
https://github.com/hashicorp/nomad
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/Sylius/Sylius
2
https://github.com/openstack/keystone
2
https://github.com/aio-libs/aiohttp
2
https://github.com/nextauthjs/next-auth
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/answerdev/answer
2
https://github.com/mutagen-io/mutagen
2
https://github.com/apache/activemq
2
https://github.com/microweber/microweber
2
https://github.com/GilaCMS/gila
2
https://github.com/apollographql/apollo-server
2
https://github.com/cometbft/cometbft
2
https://github.com/ntbosscher/gobase
2
https://github.com/wagtail/wagtail
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/opencontainers/runc
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/httplib2/httplib2
2
https://github.com/craftcms/cms
2
https://github.com/authzed/spicedb
2
https://github.com/micromatch/braces
2
https://github.com/pypa/pip
2
https://github.com/quarkusio/quarkus
2
https://github.com/octoprint/octoprint
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/flarum/framework
2
https://github.com/zopefoundation/Zope
2
https://github.com/sigstore/cosign
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/rust-lang/cargo
2
https://github.com/parse-community/parse-server
2
https://github.com/aws/s2n-quic
2
https://github.com/Azure/setup-kubectl
1
https://github.com/cloudfoundry/uaa
1
https://github.com/directus/directus
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/skylot/jadx
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/dojo/dijit
1
https://github.com/Masterminds/goutils
1
https://github.com/vega/vega
1
https://github.com/joeferner/redis-commander
1
https://github.com/keylime/keylime
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/repo-plugin
1
https://github.com/BohdanPetryshyn/basti
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/jenkinsci/azure-ad-plugin
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/http4s/http4s
1
https://github.com/admidio/admidio
1
https://github.com/google/zerocopy
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/spring-projects/spring-data-rest
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/Twipped/ircdkit
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/spinacms/spina
1
https://github.com/kitabisa/teler
1
https://github.com/endojs/endo
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/puma/puma
1
https://github.com/derbyjs/derby
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/ubernostrum/django-registration
1
https://github.com/personnummer/php
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/croogo/croogo
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/zowe/imperative
1
https://github.com/decidim/decidim
1
https://github.com/simplegeo/python-oauth2
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/electron-userland/electron-packager
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/medikoo/es5-ext
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/rails/globalid
1
https://github.com/moq/moq
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/ericcornelissen/shescape
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/tailscale/tailscale
1
https://github.com/Nebulosus/shamir
1
https://github.com/xuxueli/xxl-job
1
https://github.com/yourls/yourls
1
https://github.com/bbatsov/rubocop
1
https://github.com/dan1hc/fgr
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/gradle/gradle
1
https://gitlab.com/edneville/please
1
https://github.com/octokit/octopoller.rb
1
https://github.com/disintegration/imaging
1
https://github.com/node-js-libs/cli
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/visionmedia/debug
1
https://github.com/line/armeria
1
https://github.com/alex/rply
1
https://github.com/jaraco/keyring
1
https://github.com/waycrate/swhkd
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/personnummer/go
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1
https://github.com/elastic/apm-agent-go
1
https://github.com/jenkinsci/resource-disposer-plugin
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/npm/npm
1
https://github.com/triaxtec/openapi-python-client
1
https://github.com/arguiot/EyeJS
1
https://github.com/openstack/nova
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/impredicative/bitlyshortener
1
https://github.com/aedart/ion
1
https://github.com/jenkinsci/parameterized-remote-trigger-plugin
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/tendermint/tendermint
1
https://github.com/go-gitea/gitea
1
https://github.com/jenkinsci/ssh-agent-plugin
1
https://github.com/MicrochipTech/cryptoauthlib
1
https://github.com/oauth2-proxy/oauth2-proxy
1
https://github.com/octokit/octokit.rb
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/karmada-io/karmada
1
https://github.com/python-pillow/Pillow
1
https://github.com/bcgit/bc-java
1
https://github.com/tokio-rs/tokio
1
https://github.com/senchalabs/connect
1
https://github.com/personnummer/js
1
https://github.com/erelsgl/limdu
1
https://github.com/sbt/sbt
1