Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Low Security Advisories
Loading...
Low
Ecosystems: go
Packages: github.com/ntbosscher/gobase
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS00MzQ4LXgyOTItaDQzN84AAwoe
GoBase Race Condition vulnerabilityEcosystems: go
Packages: github.com/ntbosscher/gobase
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: nuget
Packages: EnumStringValues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12cTIzLWh3ZzctaHhyaM4AAwfq
EnumStringValues vulnerable to Uncontrolled Resource ConsumptionEcosystems: nuget
Packages: EnumStringValues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1meHJjLWhnNmotNnYzeM4AAwSH
hutool-json vulnerable to memory exhaustionEcosystems: maven
Packages: cn.hutool:hutool-json
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: linux-loader
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: over 1 year ago
GSA_kwCzR0hTQS01MmgyLW0yY2YtOWpoNs4AAwRz
linux-loader reading beyond EOF could lead to infinite loopEcosystems: cargo
Packages: linux-loader
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
GSA_kwCzR0hTQS1ycHJnLTR2N3EtODd2N84AAwOX
Buildah (as part of Podman) vulnerable to Path TraversalEcosystems: go
Packages: github.com/containers/podman/v4
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oMnBoLXZobTctZzRocM4AAwNV
Traefik may display authorization header in the debug logsEcosystems: go
Packages: github.com/traefik/traefik/v2
Source: GitHub Advisory Database
Blast Radius: 6.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: teler.app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS14cjdwLThxODItODc4cc4AAwLZ
teler dashboard vulnerable to DOM-based cross-site scripting (XSS)Ecosystems: go
Packages: teler.app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: bitlyshortener
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nZ3JoLWdyajMtdmZ2d84AAwEF
Package discontinued because Bitly lowered the free quotaEcosystems: pypi
Packages: bitlyshortener
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJEcosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04amg5LXdxcGYtcTUyY84AAwBV
sweetalert2 v8.19.1 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wZzk4LTZ2N2YtMnhmds4AAwBU
sweetalert2 v9.17.4 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00NTdyLWNxYzgtOXZqOc4AAwBT
sweetalert2 v10.16.10 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xcTZoLTVnNmotcTNjbc4AAwBN
sweetalert2 v11.4.9 and above contains hidden functionalityEcosystems: npm
Packages: sweetalert2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcXZxLWZ2aHItdjZoY84AAv_Z
`CHECK` failure in `SobolSample` via missing validationEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14ZjgzLXE3NjUteG02bc4AAv_Y
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager modeEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: tailscale.com/cmd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xY2NtLXdtY3EtcHdyNs4AAv_M
Tailscale daemon is vulnerable to information disclosure via CSRFEcosystems: go
Packages: tailscale.com/cmd
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: dalli
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zeGc4LWNjOGYtOXd2Ms4AAv9V
Unsanitized input leading to code injection in DalliEcosystems: rubygems
Packages: dalli
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/moby/moby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS12cDM1LTg1cTUtOWYyNc4AAv0i
Container build can leak any path on the host into the containerEcosystems: go
Packages: github.com/moby/moby
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
GSA_kwCzR0hTQS05Zm1jLTVmcTQtNWp3aM4AAvx0
HashiCorp Nomad vulnerable to Insufficient Session ExpirationEcosystems: go
Packages: github.com/hashicorp/nomad
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: Tauri
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 1 year ago
GSA_kwCzR0hTQS1xOXd2LTIybTktdmhxaM4AAvvi
Tauri Filesystem Scope can be Partially BypassedEcosystems: cargo
Packages: Tauri
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: fluentd
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 1 year ago
GSA_kwCzR0hTQS1mcHBxLW1qNzYtZnBqMs4AAvrA
fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)Ecosystems: rubygems
Packages: fluentd
Source: GitHub Advisory Database
Blast Radius: 10.8
Published: over 1 year ago
Low
Ecosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13aHB4LXEzcnEtdzhqY84AAve6
Hardening of TypedArrays with non-canonical numeric property names in SESEcosystems: npm
Packages: ses
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:generic-webhook-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yanh4LTJ4OTMtMnEyZs4AAvdu
Non-constant time webhook token comparison in Jenkins Generic Webhook Trigger PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:generic-webhook-trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:gitlab-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mOWY5LTRyNjMtNHFjY84AAvda
Non-constant time webhook token comparison in Jenkins GitLab PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:gitlab-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: io.jenkins.plugins:s3explorer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tZjRwLXdqcm0tY21qcM4AAvdJ
AWS secrets displayed without masking by Jenkins S3 Explorer PluginEcosystems: maven
Packages: io.jenkins.plugins:s3explorer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: csrf-csrf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qam1nLXg0NTYtdzk3Ns4AAvOC
Incorrect default cookie name and recommendationEcosystems: npm
Packages: csrf-csrf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05Z3A3LTY4MzMtd3Y4Oc4AAvLw
etcd having a negative value for cluster node size results in an index out-of-bound panic during service discoveryEcosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01MjhqLTlyNzgtd2ZmeM4AAvLv
etcd user credentials are stored in WAL logs in plaintextEcosystems: go
Packages: go.etcd.io/etcd/client/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1oOGc5LTZndmgtNW1yY84AAvLt
etcd vulnerable to TOCTOU of gateway endpoint authenticationEcosystems: go
Packages: go.etcd.io/etcd/v3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 1 year ago
GSA_kwCzR0hTQS03NDVwLXI2MzctN3Z2cM4AAvLo
Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issuedEcosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 1 year ago
Low
Ecosystems: rubygems
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tZ3Z2LTVteHAteHE2N84AAvJx
SQLite3 addresses vulnerability in packaged version of libsqliteEcosystems: rubygems
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1qeDdjLTdtajUtOTQzOM4AAvGq
Apache Tomcat Race Condition vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS13anB2LWZyZjItM3I1OM4AAvFz
EC-CUBE Directory traversal vulnerabilityEcosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: over 1 year ago
GSA_kwCzR0hTQS1xcTI5LTV2amgtdnh3cs4AAvFY
rdiffweb vulnerable to Improper Cleanup on Thrown ExceptionEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
GSA_kwCzR0hTQS00OXdtLTRmcDYtaDU5Y84AAu_E
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous TypeEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:bigpanda-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qN3h2LWZjNDYtaGdwZ84AAu-q
Jenkins BigPanda Notifier Plugin stores BigPanda API key unencryptedEcosystems: maven
Packages: org.jenkins-ci.plugins:bigpanda-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cons3rt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mbXE5LXI0cDItODI3Ms4AAu-R
API token stored in plain text by Jenkins CONS3RT PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:cons3rt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:bigpanda-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1jcG01LWNxcjktN3A3Oc4AAu-U
Jenkins BigPanda Notifier Plugin Missing Password Field MaskingEcosystems: maven
Packages: org.jenkins-ci.plugins:bigpanda-jenkins
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.springframework.data:spring-data-rest-core
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 1 year ago
GSA_kwCzR0hTQS1mdjd4LXY2N3ctY3Zxds4AAu-J
Spring Data REST can expose hidden entity attributesEcosystems: maven
Packages: org.springframework.data:spring-data-rest-core
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 1 year ago
Low
Ecosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: over 1 year ago
GSA_kwCzR0hTQS1yNjU3LTMzdnAtZ3AyMs4AAu9-
parse-server auth adapter app ID validation can be circumventedEcosystems: npm
Packages: parse-server
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS0yOHI5LXBxNGMtd3AzY84AAu94
personnummer/rust vulnerable to Improper Input ValidationEcosystems: cargo
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: pub
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00eGg0LXYycHEtanZobc4AAu6V
personnummer/dart vulnerable to Improper Input ValidationEcosystems: pub
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nNDY4LXFqOGctdmNqY84AAu2P
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1yaDg3LXE0dmctbTQ1as4AAu2M
TensorFlow vulnerable to integer overflow in math opsEcosystems: pypi
Packages: tensorflow-gpu, tensorflow-cpu, tensorflow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: go
Packages: github.com/theupdateframework/go-tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zNjMzLTVoODItMzlwcc4AAu1W
Go-tuf Improperly handles multiple key IDs for the same public keys in attacker-controlled metadataEcosystems: go
Packages: github.com/theupdateframework/go-tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 1 year ago
GSA_kwCzR0hTQS1yZmoyLXEzaDMtaG01as4AAu1O
Cargo extracting malicious crates can corrupt arbitrary filesEcosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1yN3ZxLTY0MjUtajk0d84AAuz1
Python-TUF vulnerable to incorrect threshold signature computation for new root metadataEcosystems: pypi
Packages: tuf
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: npm
Packages: mdx-mermaid
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: over 1 year ago
GSA_kwCzR0hTQS1ydmdtLTM1anctcTYyOM4AAujy
Improper Control of Generation of Code ('Code Injection') in mdx-mermaidEcosystems: npm
Packages: mdx-mermaid
Source: GitHub Advisory Database
Blast Radius: 9.7
Published: over 1 year ago
Low
Ecosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS01Nng0LWo3cDktZmNmOc4AAui0
Command Injection in moment-timezoneEcosystems: npm
Packages: moment-timezone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.wildfly.core:wildfly-server
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
GSA_kwCzR0hTQS13ODhtLTI5MzYtcm14cs4AAuf5
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vaultEcosystems: maven
Packages: org.wildfly.core:wildfly-server
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:collabnet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1xaDg3LTJxdmgtNWpmOM4AAuZa
RabbitMQ password stored in plain text by Jenkins CollabNet Plugins PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:collabnet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
GSA_kwCzR0hTQS01dzV4LXE5cDUtOXFnM84AAuBj
OctoPrint does not have rate limiting on the login pageEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
Low
Ecosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 1 year ago
GSA_kwCzR0hTQS1wNm1tLTI3Z3EtOXYzcM4AAt2a
next-auth before v4.10.2 and v3.29.9 leaks excessive information into logEcosystems: npm
Packages: next-auth
Source: GitHub Advisory Database
Blast Radius: 14.1
Published: over 1 year ago
Low
Ecosystems: packagist
Packages: fof/byobu
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: over 1 year ago
GSA_kwCzR0hTQS02Z2ptLTZ3ajYtNHB4Nc4AAt2Y
Byobu user preference to prevent private discussions being started are not respectedEcosystems: packagist
Packages: fof/byobu
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMmZmLTRnNzktdmdmY84AAtvO
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query stringsEcosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1teGNjLTdoNW0teDU3cs4AAtsO
Jenkins GitHub plugin uses weak webhook signature functionEcosystems: maven
Packages: com.coravy.hudson.plugins.github:github
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:http_request
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0ycWg2LWhodnYtbTJ3d84AAts9
Jenkins HTTP Request Plugin stores HTTP Request passwords unencryptedEcosystems: maven
Packages: org.jenkins-ci.plugins:http_request
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNzY4LXg5bTYtbTlxcM4AAtkI
undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirectEcosystems: npm
Packages: undici
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13YzV2LXI0OHYtZzR2aM4AAtaF
Cilium host policy bypass in endpoint-routes mode with dual-stackEcosystems: go
Packages: github.com/cilium/cilium
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Low
Ecosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1wbWpnLTUyaDktNzJxds4AAtUK
Argo CD SSO users vulnerable to Cross-site ScriptingEcosystems: go
Packages: github.com/argoproj/argo-cd
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1jajd2LTI3cGctd2Y3cc4AAtJM
Jetty invalid URI parsing may produce invalid HttpURI.authorityEcosystems: maven
Packages: org.eclipse.jetty:jetty-http
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: net.praqma:rqm-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNTlxLXZncTktNzVjcs4AAtD2
Password stored in plain text by Jenkins RQM PluginEcosystems: maven
Packages: net.praqma:rqm-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:skype-notifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ndm1yLW1wNXEtOXd2d84AAtDz
Plaintext Storage of a Password in Jenkins Skype notifier PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:skype-notifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:elasticsearch-query
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNWg1LW0ybWMtajJwds4AAtDK
Plaintext Storage of a Password in Jenkins Elasticsearch Query PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:elasticsearch-query
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:cisco-spark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cHBwLXhxZnYtNmNtN84AAtDW
Token stored in plain text by Jenkins Cisco Spark PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:cisco-spark
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:jigomerge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNWczLXY3MngtaGM2Zs4AAtEE
Plaintext Storage of a Password in Jenkins Jigomerge PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:jigomerge
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:hpe-network-virtualization
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNmo4LWYzM2otdmp3cc4AAtDk
Passwords stored in plain text by Jenkins hpe-network-virtualization pluginEcosystems: maven
Packages: org.jenkins-ci.plugins:hpe-network-virtualization
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: tools.devnull:build-notifications
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03Mjk4LXc1NGotcTd3bc4AAtEC
Cleartext Storage of Sensitive Information in Jenkins Build Notifications PluginEcosystems: maven
Packages: tools.devnull:build-notifications
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:ec2-deployment-dashboard
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01NmhjLXdmNDktMmg5Ns4AAtDx
Plaintext Storage of a Password in Jenkins Deployment Dashboard PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:ec2-deployment-dashboard
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: tools.devnull:build-notifications
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12M3I4LTZ2ZmotcHBwZs4AAtDC
Plaintext Storage of a Password in Jenkins Build Notifications PluginEcosystems: maven
Packages: tools.devnull:build-notifications
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:rocketchatnotifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wZ3A5LXg4M2ctdjh4OM4AAtDV
Plaintext Storage of a Password in Jenkins RocketChat Notifier PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:rocketchatnotifier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.tika:tika
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
GSA_kwCzR0hTQS02cTh2LTJodm0tZngzN84AAs_h
Apache Tika contains incomplete fix for regex DoSEcosystems: maven
Packages: org.apache.tika:tika
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: concrete5/core
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1tMnd3LTZ3djYtdnczY84AAs-f
Cross site scripting in Concrete CMSEcosystems: packagist
Packages: concrete5/core
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:squashtm-publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05aDc5LTVtMmYtbXFqMs4AAs7y
Squash TM Publisher (Squash4Jenkins) Plugin stores passwords stored in plain textEcosystems: maven
Packages: org.jenkins-ci.plugins:squashtm-publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.geteasyqa:easyqa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14Y3A1LWo1ZmotM3hwNs4AAs8v
User passwords stored in plain text by Jenkins EasyQA PluginEcosystems: maven
Packages: com.geteasyqa:easyqa
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: cargo
Packages: shamir
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NzhqLTg4ZjMtcDVqM84AArs3
Threshold value is ignored (all shares are n=3)Ecosystems: cargo
Packages: shamir
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1tcThqLTNoN2gtcDhnN84AArqs
Compromised child renderer processes could obtain IPC access without nodeIntegrationInSubFrames being enabledEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: octokit
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1nMjh4LXBncjMtcXF4Ns4AArmr
Octokit gem published with world-writable filesEcosystems: rubygems
Packages: octokit
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: octopoller
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
GSA_kwCzR0hTQS0yNnFqLWNyMjctcjVjNM4AArmq
Octopoller gem published with world-writable filesEcosystems: rubygems
Packages: octopoller
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: silverstripe/silverstripe-omnipay
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
GSA_kwCzR0hTQS00OGYyLW03amctODY2eM4AArZd
Failed payment recorded has completed in Silverstripe OmnipayEcosystems: packagist
Packages: silverstripe/silverstripe-omnipay
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Low
Ecosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbWg2LW03djktNTk1Ns4AArVk
Regular expression denial of service in markdown-link-extractorEcosystems: npm
Packages: markdown-link-extractor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: npm
Packages: semver-regex
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00eDV2LWdtcTgtMjVjaM4AArVj
Regular expression denial of service in semver-regexEcosystems: npm
Packages: semver-regex
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qOW0yLWgycHYtd3ZwaM4AArVh
Regular expression denial of service in jquery-validationEcosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wajk2LTRqaHYtdjc5Ms4AArT9
Cross site scripting via cookies in gogsEcosystems: go
Packages: gogs.io/gogs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
GSA_kwCzR0hTQS04NjM5LXF4NTYtcjQyOM4AArTb
CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backendEcosystems: rubygems
Packages: solidus_backend
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cXJwLWg3ZnctNDJoZ84AArTY
Path Traversal in XWiki PlatformEcosystems: maven
Packages: org.xwiki.platform:xwiki-platform-oldcore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13OTQyLWZ3OTItbXFtMs4AApza
Magento Information Disclosure vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05MnBnLThnNTctaHFweM4AAnqH
Support bundles can include user session IDs in Jenkins Support Core PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:support-core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
GSA_kwCzR0hTQS0zajZtLW01djUtOTc4Nc4AAm2e
OpenCart Cross-Site Request Forgery (CSRF)Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.google.gerrit:gerrit-plugin-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNXEyLWN4Z3EtaDJyd84AAm1i
Information leak in GerritEcosystems: maven
Packages: com.google.gerrit:gerrit-plugin-api
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: rubygems
Packages: gitaly
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbW1tLWNoamYtam12d84AAmp5
Gitaly Insufficient Session Expiration vulnerabilityEcosystems: rubygems
Packages: gitaly
Source: GitHub Advisory Database
Blast Radius: 9.2
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tcjhxLTdmNWotd2M3Oc4AAmnC
Magento information disclosure vulnerabilityEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
GSA_kwCzR0hTQS0zOXJ3LTRtNjYtODJnZs4AAmmH
Magento incorrect user permissions vulnerability within the Inventory componentEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
Low
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1yd2Y3LTY1MmYtNzZtds4AAml3
Magento 2 Community Edition vulnerable to Improper AuthorizationEcosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:labmanager
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jZzRoLWNmanAtaDN4Ms4AAmgS
Password stored in plain text by Jenkins VMware Lab Manager Slaves PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:labmanager
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.rapid7:jenkinsci-appspider-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ybTdyLXh2NTMteHdjM84AAmgP
Password stored in plain text by Jenkins AppSpider PluginEcosystems: maven
Packages: com.rapid7:jenkinsci-appspider-plugin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: com.hoiio.jenkins:sms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12d2Z2LXFwdzgtODNjN84AAmK3
Access token stored in plain text by Jenkins SMS Notification PluginEcosystems: maven
Packages: com.hoiio.jenkins:sms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:couchdb-statistics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcmpyLTdyZjQtM3dxaM4AAmKu
Password stored in plain text by Jenkins couchdb-statistics PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:couchdb-statistics
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:Parameterized-Remote-Trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cGhxLWo3OHAtZmhncM4AAlxz
Secret stored in plain text by Jenkins Parameterized Remote Trigger PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:Parameterized-Remote-Trigger
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.jenkins-ci.plugins:tfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13NmMyLWpyaGgtanJ4Z84AAlx_
Credentials stored in plain text by Jenkins tfs PluginEcosystems: maven
Packages: org.jenkins-ci.plugins:tfs
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Statistics
Advisories: 18,317
Packages: 8,278
Repositories: 435
Ecosystems: 12
Packages: 8,278
Repositories: 435
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
109
tensorflow-gpu
93
tensorflow-cpu
93
moodle/moodle
17
concrete5/concrete5
13
shopware/platform
12
typo3/cms
11
github.com/mattermost/mattermost/server/v8
10
phpmyadmin/phpmyadmin
10
shopware/core
10
org.apache.tomcat:tomcat
9
org.jenkins-ci.main:jenkins-core
9
vyper
7
matrix-synapse
7
puppet
6
Umbraco.CMS
6
rack
6
ansible
5
helm.sh/helm/v3
5
wasmtime
5
october/backend
5
undici
5
sweetalert2
5
baserproject/basercms
5
k8s.io/kubernetes
5
typo3/cms-core
4
electron
4
simplesamlphp/simplesamlphp
4
shopware/shopware
4
magento/community-edition
4
actionpack
4
github.com/cilium/cilium
4
org.keycloak:keycloak-services
4
com.vaadin:flow-server
4
github.com/mattermost/mattermost-server/v6
4
helm.sh/helm
4
plone
3
bin-links
3
org.apache.hive:hive-exec
3
org.graylog2:graylog2-server
3
@openzeppelin/contracts-upgradeable
3
passenger
3
org.apache.hive:hive-service
3
org.apache.hive:hive
3
go.etcd.io/etcd
3
github.com/mattermost/mattermost-server
3
node-forge
3
nautobot
3
com.vaadin:vaadin-bom
3
httplib2
3
cryptography
3
github.com/cosmos/cosmos-sdk
3
ethyca-fides
3
ckb
3
wagtail
3
symfony/symfony
3
org.jenkins-ci.plugins:ec2
2
typo3/cms-frontend
2
org.jenkins-ci.plugins:mercurial
2
gilacms/gila
2
Pillow
2
github.com/sigstore/cosign
2
org.apache.activemq:activemq-parent
2
salt
2
ceph-deploy
2
Django
2
craftcms/cms
2
@apollo/server
2
github.com/answerdev/answer
2
tools.devnull:build-notifications
2
@openzeppelin/contracts
2
github.com/opencontainers/runc
2
silverstripe/framework
2
moin
2
org.jenkins-ci.plugins:azure-ad
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
winter/wn-backend-module
2
braces
2
node-ipc
2
next-auth
2
Flask-Security-Too
2
github.com/authzed/spicedb
2
tuf
2
Flask-AppBuilder
2
org.jenkins-ci.plugins:wso2id-oauth
2
grumpydictator/firefly-iii
2
org.xwiki.platform:xwiki-platform-oldcore
2
symfony/security-http
2
october/cms
2
aiohttp
2
typo3/cms-install
2
github.com/mutagen-io/mutagen
2
go.etcd.io/etcd/client/v3
2
org.jenkins-ci.plugins:repository-connector
2
s2n-quic
2
cargo
2
flarum/core
2
github.com/ntbosscher/gobase
2
langchain
2
com.ruoyi:ruoyi
2
github.com/cometbft/cometbft
2
parse-server
2
microweber/microweber
2
org.jenkins-ci.plugins:artifactory
2
django
2
activesupport
2
pip
2
com.inedo.proget:inedo-proget
2
OctoPrint
2
org.eclipse.jetty:jetty-server
2
ezsystems/ezpublish-kernel
2
ezsystems/ezplatform-kernel
2
Zope
2
vantage6
2
github.com/hashicorp/nomad
2
sylius/sylius
2
github.com/mattermost/mattermost-plugin-jira
2
github.com/oauth2-proxy/oauth2-proxy
1
org.jenkins-ci.plugins:snsnotify
1
github.com/Masterminds/goutils
1
github.com/oauth2-proxy/oauth2-proxy/v7
1
io.swagger:swagger-codegen
1
io.quarkus.resteasy.reactive:resteasy-reactive-common
1
hyper
1
io.jenkins.plugins:tuleap-oauth
1
zod
1
org.jenkins-ci.plugins:qmetry-for-jira-test-management
1
@liquity/contracts
1
org.scala-sbt:io_3
1
rabbit_common
1
horizon
1
org.scala-sbt:io_2.13
1
org.wiremock:wiremock-standalone
1
org.scala-sbt:io_2.12
1
org.wiremock:wiremock
1
github.com/nats-io/nats-server/v2
1
com.github.tomakehurst:wiremock-jre8
1
org.scala-sbt:sbt
1
@diez/generation
1
wiremock
1
com.github.tomakehurst:wiremock-jre8-standalone
1
org.jenkins-ci.plugins:openshift-deployer
1
org.keycloak:keycloak-core
1
qutebrowser
1
automad/automad
1
mindspore
1
go.elastic.co/apm
1
kafo
1
net.sf.mpxj:mpxj
1
net.sf.mpxj
1
net.sf.mpxj-for-csharp
1
net.sf.mpxj-for-vb
1
mpxj
1
keylime
1
zerocopy
1
francoisjacquet/rosariosis
1
RPLY
1
seneca
1
hooka-tools
1
github.com/canonical/lxd
1
org.jenkins-ci.plugins:synopsys-coverity
1
contao/core-bundle
1
basti-cdk
1
io.jenkins.plugins:gitlab-branch-source
1
keystone
1
org.springframework.batch:spring-batch-core
1
org.jenkins-ci.plugins:ghprb
1
com.xuxueli:xxl-job-core
1
virtualenv
1
com.typesafe.play:play
1
ember-source
1
@aedart/support
1
streamlit
1
org.jenkins-ci.plugins:reverse-proxy-auth-plugin
1
flarum/framework
1
Werkzeug
1
django-basic-auth-ip-whitelist
1
org.keycloak:keycloak-server-spi-private
1
spina
1
admidio/admidio
1
phpmyfaq/phpmyfaq
1
solidus_backend
1
debug
1
org.keycloak:keycloak-parent
1
org.xmlunit:xmlunit-core
1
github.com/consensys/gnark-crypto
1
github.com/tendermint/tendermint
1
github.com/aws/aws-sdk-go
1
github.com/goharbor/harbor
1
croogo/croogo
1
@floffah/build
1
ajenti
1
fast-xml-parser
1
es5-ext
1
njwt
1
ascii-art
1
merge-objects
1
bigint-money
1
put
1
apostrophe
1
Filter by Repository
https://github.com/tensorflow/tensorflow
109
https://github.com/moodle/moodle
17
https://github.com/concretecms/concretecms
13
https://github.com/shopware/platform
12
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
7
https://github.com/matrix-org/synapse
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/eclipse/jetty.project
7
https://github.com/vyperlang/vyper
7
https://github.com/octobercms/october
7
https://github.com/rack/rack
6
https://github.com/rails/rails
6
https://github.com/helm/helm
5
https://github.com/nodejs/undici
5
https://github.com/kubernetes/kubernetes
5
https://github.com/keycloak/keycloak
5
https://github.com/bytecodealliance/wasmtime
5
https://github.com/baserproject/basercms
5
https://github.com/ansible/ansible
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/xwiki/xwiki-platform
5
https://github.com/puppetlabs/puppet
5
https://github.com/jenkinsci/jenkins
5
https://github.com/cilium/cilium
4
https://github.com/electron/electron
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/TYPO3/typo3
4
https://github.com/apache/tomcat
4
https://github.com/wintercms/winter
4
https://github.com/mattermost/mattermost
4
https://github.com/vaadin/platform
4
https://github.com/shopware/shopware
4
https://github.com/ethyca/fides
3
https://github.com/pyca/cryptography
3
https://github.com/nautobot/nautobot
3
https://github.com/digitalbazaar/forge
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/wagtail/wagtail
3
https://github.com/httplib2/httplib2
3
https://github.com/vantage6/vantage6
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/symfony/symfony
3
https://github.com/CVEProject/cvelist
3
https://github.com/nervosnetwork/ckb
3
https://github.com/vaadin/flow
3
https://github.com/phusion/passenger
3
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/apache/activemq
2
https://github.com/apollographql/apollo-server
2
https://github.com/GilaCMS/gila
2
https://github.com/ceph/ceph-deploy
2
https://github.com/mutagen-io/mutagen
2
https://github.com/answerdev/answer
2
https://github.com/opencontainers/runc
2
https://github.com/aio-libs/aiohttp
2
https://github.com/aws/s2n-quic
2
https://github.com/zopefoundation/Zope
2
https://github.com/ntbosscher/gobase
2
https://github.com/craftcms/cms
2
https://github.com/microweber/microweber
2
https://github.com/octoprint/octoprint
2
https://github.com/parse-community/parse-server
2
https://github.com/sigstore/cosign
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/mattermost/mattermost-plugin-jira
2
https://github.com/authzed/spicedb
2
https://github.com/django/django
2
https://github.com/quarkusio/quarkus
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/TYPO3/TYPO3.CMS
2
https://github.com/Sylius/Sylius
2
https://github.com/hashicorp/nomad
2
https://github.com/openstack/keystone
2
https://github.com/cometbft/cometbft
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/nextauthjs/next-auth
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/saltstack/salt
2
https://github.com/flarum/framework
2
https://github.com/rust-lang/cargo
2
https://github.com/micromatch/braces
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/pypa/pip
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/dojo/dijit
1
https://github.com/jcubic/jquery.terminal
1
https://github.com/joeferner/redis-commander
1
https://github.com/fastify/fastify-http-proxy
1
https://github.com/brefphp/bref
1
https://github.com/electron-userland/electron-packager
1
https://github.com/ktorio/ktor
1
https://github.com/PrestaShop/productcomments
1
https://github.com/mlflow/mlflow
1
https://github.com/kopia/kopia
1
https://github.com/floriangaerber/Magnesium-PHP
1
https://github.com/lexik/LexikJWTAuthenticationBundle
1
https://github.com/openstack/nova
1
https://github.com/kitabisa/teler
1
https://github.com/jeremylong/DependencyCheck
1
https://github.com/tauri-apps/tauri
1
https://github.com/node-red/node-red
1
https://github.com/tendermint/tendermint
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/jenkinsci/parameterized-remote-trigger-plugin
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/plone/Products.CMFPlone
1
https://github.com/jenkinsci/mercurial-plugin
1
https://github.com/canonical/lxd
1
https://github.com/fluent/fluentd
1
https://github.com/aedart/ion
1
https://github.com/impredicative/bitlyshortener
1
https://github.com/google/zerocopy
1
https://github.com/ezsystems/ezpublish-kernel
1
https://github.com/tinymce/tinymce
1
https://github.com/NVIDIA/NeMo
1
https://github.com/vapor/postgres-nio
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/jenkinsci/gitlab-plugin
1
https://github.com/Azure/setup-kubectl
1
https://github.com/swagger-api/swagger-codegen
1
https://github.com/knative-extensions/eventing-github
1
https://github.com/rails/globalid
1
https://github.com/medikoo/es5-ext
1
https://github.com/jenkinsci/resource-disposer-plugin
1
https://github.com/jenkinsci/email-ext-plugin
1
https://github.com/python-imaging/Pillow
1
https://github.com/jenkinsci/qmetry-for-jira-test-management-plugin
1
https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID
1
https://github.com/simplegeo/python-oauth2
1
https://github.com/decidim/decidim
1
https://github.com/elastic/apm-agent-go
1
https://github.com/spinacms/spina
1
https://github.com/amundsen-io/amundsenfrontendlibrary
1
https://github.com/personnummer/go
1
https://github.com/keylime/keylime
1
https://github.com/vega/vega
1
https://github.com/Masterminds/goutils
1
https://github.com/skylot/jadx
1
https://github.com/cloudfoundry/uaa
1
https://github.com/directus/directus
1
https://github.com/Twipped/ircdkit
1
https://github.com/ubernostrum/django-registration
1
https://github.com/personnummer/php
1
https://github.com/arguiot/EyeJS
1
https://github.com/openjdk/jfx
1
https://github.com/livehelperchat/livehelperchat
1
https://github.com/CosmWasm/cosmwasm
1
https://github.com/cjvnjde/google-translate-api-browser
1
https://github.com/triaxtec/openapi-python-client
1
https://github.com/zowe/imperative
1
https://github.com/ESAPI/esapi-java-legacy
1
https://github.com/jenkinsci/digitalocean-plugin
1
https://github.com/theupdateframework/go-tuf
1
https://github.com/croogo/croogo
1
https://github.com/npm/npm
1
https://github.com/rust-vmm/linux-loader
1
https://github.com/derbyjs/derby
1
https://github.com/puma/puma
1
https://github.com/endojs/endo
1
https://github.com/moq/moq
1
https://github.com/zopefoundation/Products.GenericSetup
1
https://github.com/jenkinsci/git-client-plugin
1
https://github.com/waycrate/swhkd
1
https://github.com/Nebulosus/shamir
1
https://github.com/ConsenSys/discovery
1
https://github.com/personnummer/dart
1
https://github.com/magento/magento2
1
https://github.com/rust-vmm/vm-memory
1
https://github.com/tailscale/tailscale
1
https://github.com/argoproj/argo-workflows
1
https://github.com/containers/podman
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/mapfish/mapfish-print
1
https://github.com/ericcornelissen/shescape
1
https://github.com/memorysafety/sudo-rs
1
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
1
https://github.com/jenkinsci/m2release-plugin
1
https://github.com/sparklemotion/sqlite3-ruby
1
https://github.com/tlsfuzzer/tlslite-ng
1
https://github.com/tm-kn/django-basic-auth-ip-whitelist
1
https://github.com/onionshare/onionshare
1
https://github.com/jenkinsci/inedo-buildmaster-plugin
1
https://github.com/jenkinsci/github-plugin
1
https://github.com/kiwitcms/Kiwi
1
https://github.com/gradle/gradle
1
https://github.com/dan1hc/fgr
1
https://github.com/bbatsov/rubocop
1
https://gitlab.com/edneville/please
1
https://github.com/xmlunit/xmlunit
1
https://github.com/octokit/octopoller.rb
1
https://github.com/yourls/yourls
1
https://github.com/xuxueli/xxl-job
1
https://github.com/disintegration/imaging
1
https://github.com/node-js-libs/cli
1
https://github.com/Brondahl/EnumStringValues
1