An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Moderate
4 days ago

Opencast still publishes global system account credentials GSA_kwCzR0hTQS1qNjNoLWhtZ3cteDRqN84ABKiM

maven org.opencastproject:opencast-publication-service-oaipmh-remote, org.opencastproject:opencast-kernel, org.opencastproject:opencast-ingest-service-impl, org.opencastproject:opencast-common
Moderate
8 days ago

HAX CMS application pages vulnerable to clickjacking GSA_kwCzR0hTQS01NHZ3LWY0eGYtZjkyas4ABKWO

packagist, npm elmsln/haxcms, @haxtheweb/haxcms-nodejs
Moderate
11 days ago

Mattermost Path Traversal vulnerability GSA_kwCzR0hTQS13dncyLTNqaDQtNGMzOc4ABKRq

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
11 days ago

Mattermost Missing Authentication for Critical Function GSA_kwCzR0hTQS03aDM0LTljaHItNThxaM4ABKRa

go github.com/mattermost/mattermost/server/v8, github.com/mattermost/mattermost-server
Moderate
13 days ago

vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes GSA_kwCzR0hTQS14OHFwLXdxcW0tNTdwaM4ABKPO

npm petite-vue-i18n, @intlify/vue-i18n-core, @intlify/core-base, @intlify/core, vue-i18n
Moderate
13 days ago

Eclipse GlassFish is vulnerable to Reflected XSS attacks through its Administration Console GSA_kwCzR0hTQS12cXJtLTgzZzYtcGZ2NM4ABKND

maven org.glassfish.main.admingui:console-cluster-plugin, org.glassfish.main.admingui:console-common
Moderate
18 days ago

Apache Commons Lang is vulnerable to Uncontrolled Recursion when processing long inputs GSA_kwCzR0hTQS1qMjg4LXE5eDctMmY1ds4ABKDg

maven commons-lang:commons-lang, org.apache.commons:commons-lang3
Moderate
20 days ago

Jenkins ReadyAPI Functional Testing Plugin vulnerability exposes secrets GSA_kwCzR0hTQS1yNDk2LXg3NjktZjhqNM4ABJ-C

maven org.jenkins-ci.plugins:soapui-pro-functional-testing
Moderate
20 days ago

Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key GSA_kwCzR0hTQS0yNngzLTdqdzUtN21nNM4ABJ94

maven org.jenkins.plugins.statistics.gatherer:statistics-gatherer
Moderate
20 days ago

Jenkins QMetry Test Management Plugin stores unencrypted API keys GSA_kwCzR0hTQS1wOWdoLXJwanctNzhxZ84ABJ-I

maven org.jenkins-ci.plugins:qmetry-test-management
Moderate
20 days ago

Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key GSA_kwCzR0hTQS0zYzlmLWM2NG0taDR3Y84ABJ98

maven org.jenkins.plugins.statistics.gatherer:statistics-gatherer

Filter by Severity

Filter by Ecosystem

Filter by Package

moodle/moodle 307 tensorflow 200 tensorflow-cpu 198 tensorflow-gpu 197 magento/community-edition 167 org.jenkins-ci.main:jenkins-core 145 typo3/cms 129 org.apache.tomcat:tomcat 96 pimcore/pimcore 87 github.com/mattermost/mattermost/server/v8 76 typo3/cms-core 74 microweber/microweber 69 silverstripe/framework 68 com.liferay.portal:release.portal.bom 64 com.liferay.portal:release.dxp.bom 58 phpmyadmin/phpmyadmin 56 dolibarr/dolibarr 55 drupal/core 54 magento/project-community-edition 51 github.com/usememos/memos 47 thorsten/phpmyfaq 47 actionpack 45 concrete5/concrete5 45 Django 44 apache-airflow 43 drupal/drupal 42 librenms/librenms 42 apache-superset 41 Plone 36 showdoc/showdoc 34 mantisbt/mantisbt 33 symfony/symfony 33 org.elasticsearch:elasticsearch 33 org.keycloak:keycloak-core 32 github.com/grafana/grafana 31 github.com/mattermost/mattermost-server/v6 30 craftcms/cms 29 nova 29 plone 29 moin 27 intelliants/subrion 26 baserproject/basercms 26 snipe/snipe-it 25 ansible 25 mautic/core 24 k8s.io/kubernetes 24 directus 23 shopware/platform 22 django 21 github.com/mattermost/mattermost-server 21 nilsteampassnet/teampass 21 github.com/answerdev/answer 21 org.keycloak:keycloak-services 20 froxlor/froxlor 20 gradio 20 org.apache.struts:struts2-core 20 grumpydictator/firefly-iii 20 mediawiki/core 20 shopware/shopware 19 github.com/cilium/cilium 19 org.apache.tomcat.embed:tomcat-embed-core 19 matrix-synapse 19 remdex/livehelperchat 18 github.com/docker/docker 17 salt 17 shopware/core 17 getkirby/cms 17 zendframework/zendframework1 17 rdiffweb 16 github.com/hashicorp/vault 16 github.com/argoproj/argo-cd/v2 16 yetiforce/yetiforce-crm 15 github.com/hashicorp/nomad 15 prestashop/prestashop 15 io.undertow:undertow-core 15 org.opencms:opencms-core 15 vyper 15 rack 15 DotNetNuke.Core 14 puppet 14 tinymce 14 glance 14 github.com/hashicorp/consul 14 org.xwiki.platform:xwiki-platform-oldcore 14 org.springframework.security:spring-security-core 13 org.apache.jspwiki:jspwiki-main 13 com.thoughtworks.xstream:xstream 13 tribalsystems/zenario 13 forkcms/forkcms 13 contao/core-bundle 13 nokogiri 13 keystone 13 com.jfinal:jfinal 13 github.com/goharbor/harbor 13 github.com/argoproj/argo-cd 12 github.com/openfga/openfga 12 roundup 12 org.bouncycastle:bcprov-jdk14 12 wallabag/wallabag 12 simplesamlphp/simplesamlphp 12 lavalite/cms 11 phpoffice/phpexcel 11 github.com/containerd/containerd 11 org.eclipse.jetty:jetty-server 11 github.com/ethereum/go-ethereum 11 github.com/traefik/traefik/v2 11 ckeditor4 11 ec-cube/ec-cube 11 activesupport 11 getgrav/grav 11 org.apache.tomcat:tomcat-coyote 11 laravel/framework 11 tinymce/tinymce 11 bootstrap 11 @openzeppelin/contracts-upgradeable 11 genix/cms 11 TinyMCE 11 feehi/feehicms 11 @openzeppelin/contracts 11 vite 10 bootstrap 10 zendframework/zendframework 10 vllm 10 fat_free_crm 10 notebook 10 github.com/greenpau/caddy-security 10 org.springframework:spring-core 10 com.vaadin:vaadin-bom 10 OctoPrint 10 org.apache.nifi:nifi 10 PaddlePaddle 10 org.apache.solr:solr-core 10 joplin 10 org.keycloak:keycloak-parent 10 aiohttp 10 opencart/opencart 10 surrealdb 10 bolt/bolt 10 ghost 10 silverstripe/cms 10 typo3/cms-backend 10 francoisjacquet/rosariosis 10 helm.sh/helm/v3 10 org.apache.jspwiki:jspwiki-war 10 phpoffice/phpspreadsheet 10 org.apache.activemq:activemq-client 9 calibreweb 9 swagger-ui 9 pimcore/admin-ui-classic-bundle 9 rubygems-update 9 electron 9 org.jenkins-ci.plugins:git 9 next 9 horizon 9 twbs/bootstrap 9 bootstrap 9 org.jenkins-ci.plugins:script-security 9 org.bouncycastle:bcprov-jdk15on 9 org.opencrx:opencrx-core-models 9 publify_core 9 pyftpdlib 9 gogs.io/gogs 9 angular 9 code.gitea.io/gitea 9 org.webjars:bootstrap 9 sylius/sylius 9 urllib3 9 org.igniterealtime.openfire:parent 9 open-webui 9 org.mortbay.jetty:jetty 9 wasmtime 9 cakephp/cakephp 9 org.apache.ranger:ranger 8 editor.md 8 phpmyfaq/phpmyfaq 8 phpbb/phpbb 8 jquery-rails 8 Microsoft.ChakraCore 8 camaleon_cms 8 actionview 8 transformers 8 github.com/rancher/rancher 8 opencv-python 8 opencv-contrib-python 8 onionshare-cli 8 neutron 8 modoboa 8 mlflow 8 org.jenkins-ci.plugins:subversion 8 parse-server 8 bootstrap.sass 8 org.bouncycastle:bcprov-jdk15to18 8 github.com/traefik/traefik/v3 8 org.apache.archiva:archiva 8 centreon/centreon 8 contao/contao 8 rails-html-sanitizer 8 github.com/kubeedge/kubeedge 8 rails 8 org.jenkins-ci.plugins:electricflow 8

Filter by Repository

https://github.com/tensorflow/tensorflow 200 https://github.com/moodle/moodle 186 https://github.com/jenkinsci/jenkins 109 https://github.com/pimcore/pimcore 85 https://github.com/TYPO3/typo3 64 https://github.com/microweber/microweber 63 https://github.com/apache/tomcat 61 https://github.com/silverstripe/silverstripe-framework 50 https://github.com/django/django 50 https://github.com/xwiki/xwiki-platform 48 https://github.com/usememos/memos 47 https://github.com/thorsten/phpmyfaq 45 https://github.com/rails/rails 45 https://github.com/apache/airflow 43 https://github.com/keycloak/keycloak 40 https://github.com/librenms/librenms 39 https://github.com/kubernetes/kubernetes 38 https://github.com/liferay/liferay-portal 36 https://github.com/mantisbt/mantisbt 32 https://github.com/star7th/showdoc 32 https://github.com/symfony/symfony 27 https://github.com/grafana/grafana 27 https://github.com/concretecms/concretecms 27 https://github.com/ansible/ansible 26 https://github.com/phpmyadmin/phpmyadmin 26 https://github.com/spring-projects/spring-framework 26 https://github.com/mautic/mautic 24 https://github.com/craftcms/cms 24 https://github.com/directus/directus 24 https://github.com/argoproj/argo-cd 23 https://github.com/mattermost/mattermost 23 https://github.com/umbraco/Umbraco-CMS 22 https://github.com/Dolibarr/dolibarr 22 https://github.com/answerdev/answer 21 https://github.com/plone/Products.CMFPlone 20 https://github.com/shopware/shopware 20 https://github.com/snipe/snipe-it 20 https://github.com/magento/magento2 20 https://github.com/apache/activemq 20 https://github.com/firefly-iii/firefly-iii 20 https://github.com/cilium/cilium 19 https://github.com/openstack/nova 18 https://github.com/livehelperchat/livehelperchat 18 https://github.com/shopware/platform 17 https://github.com/apache/struts 17 https://github.com/matrix-org/synapse 16 https://github.com/gradio-app/gradio 16 https://github.com/ikus060/rdiffweb 16 https://github.com/vyperlang/vyper 15 https://github.com/getkirby/kirby 15 https://github.com/CVEProject/cvelist 15 https://github.com/PaddlePaddle/Paddle 14 https://github.com/baserproject/basercms 14 https://github.com/netty/netty 14 https://github.com/geoserver/geoserver 14 https://github.com/tinymce/tinymce 14 https://github.com/apache/cxf 14 https://github.com/yetiforcecompany/yetiforcecrm 14 https://github.com/x-stream/xstream 14 https://github.com/OpenNMS/opennms 14 https://github.com/froxlor/froxlor 14 https://github.com/TYPO3/TYPO3.CMS 14 https://github.com/contao/contao 14 https://github.com/saltstack/salt 14 https://github.com/nilsteampassnet/TeamPass 13 https://github.com/goharbor/harbor 13 https://github.com/moby/moby 13 https://github.com/apache/nifi 13 https://github.com/octobercms/october 13 https://github.com/go-gitea/gitea 13 https://github.com/traefik/traefik 12 https://github.com/rack/rack 12 https://github.com/openfga/openfga 12 https://github.com/containerd/containerd 12 https://github.com/PrestaShop/PrestaShop 12 https://github.com/strapi/strapi 11 https://github.com/openstack/keystone 11 https://github.com/OpenZeppelin/openzeppelin-contracts 11 https://github.com/ckeditor/ckeditor4 11 https://github.com/github/advisory-database 11 https://github.com/forkcms/forkcms 11 https://github.com/laravel/framework 11 https://github.com/ethereum/go-ethereum 11 https://github.com/backstage/backstage 10 https://github.com/simplesamlphp/simplesamlphp 10 https://github.com/hashicorp/consul 10 https://github.com/decidim/decidim 10 https://github.com/aio-libs/aiohttp 10 https://github.com/surrealdb/surrealdb 10 https://github.com/laurent22/joplin 10 https://github.com/PHPOffice/PhpSpreadsheet 10 https://github.com/vaadin/platform 10 https://github.com/greenpau/caddy-security 10 https://github.com/wallabag/wallabag 10 https://github.com/liufee/cms 10 https://github.com/electron/electron 10 https://github.com/intelliants/subrion 10 https://github.com/helm/helm 10 https://github.com/bytecodealliance/wasmtime 10 https://github.com/vitejs/vite 10 https://github.com/jquery/jquery 9 https://github.com/vllm-project/vllm 9 https://github.com/thorsten/phpMyFAQ 9 https://github.com/urllib3/urllib3 9 https://github.com/fatfreecrm/fat_free_crm 9 https://github.com/pimcore/admin-ui-classic-bundle 9 https://github.com/TryGhost/Ghost 9 https://github.com/alkacon/opencms-core 9 https://github.com/puppetlabs/puppet 9 https://github.com/jenkinsci/git-plugin 9 https://github.com/bcgit/bc-java 9 https://github.com/publify/publify 9 https://github.com/TYPO3-CMS/core 9 https://github.com/LavaLite/cms 8 https://github.com/hashicorp/nomad 8 https://github.com/dolibarr/dolibarr 8 https://github.com/opencast/opencast 8 https://github.com/kubeedge/kubeedge 8 https://github.com/gogs/gogs 8 https://github.com/swagger-api/swagger-ui 8 https://github.com/onionshare/onionshare 8 https://github.com/getgrav/grav 8 https://github.com/nilsteampassnet/teampass 8 https://github.com/dpgaspar/Flask-AppBuilder 8 https://github.com/parse-community/parse-server 8 https://github.com/eclipse/jetty.project 8 https://github.com/openstack/glance 8 https://github.com/zendframework/zendframework 8 https://github.com/dotnet/runtime 8 https://github.com/rails/rails-html-sanitizer 8 https://github.com/pandao/editor.md 8 https://github.com/OctoPrint/OctoPrint 8 https://github.com/rancher/rancher 8 https://github.com/sulu/sulu 8 https://github.com/apache/zeppelin 8 https://github.com/apache/superset 8 https://github.com/huggingface/transformers 8 https://github.com/rubygems/rubygems 8 https://github.com/modoboa/modoboa 8 https://github.com/denoland/deno 8 https://github.com/sparklemotion/nokogiri 8 https://github.com/undertow-io/undertow 7 https://github.com/pyload/pyload 7 https://github.com/openstack/horizon 7 https://github.com/google/fscrypt 7 https://github.com/vercel/next.js 7 https://github.com/nahsra/antisamy 7 https://github.com/containers/podman 7 https://github.com/chakra-core/ChakraCore 7 https://github.com/OPCFoundation/UA-.NETStandard 7 https://github.com/opencv/opencv 7 https://github.com/twbs/bootstrap 7 https://github.com/croogo/croogo 7 https://github.com/jenkinsci/blueocean-plugin 7 https://github.com/zitadel/zitadel 7 https://github.com/jupyter/notebook 7 https://github.com/jeecgboot/jeecg-boot 7 https://github.com/kevinpapst/kimai2 7 https://github.com/louislam/uptime-kuma 7 https://github.com/Leantime/leantime 7 https://github.com/matrix-org/matrix-rust-sdk 7 https://github.com/janeczku/calibre-web 7 https://github.com/Sylius/Sylius 7 https://github.com/modxcms/revolution 7 https://github.com/python-pillow/Pillow 7 https://github.com/scrapy/scrapy 7 https://github.com/vega/vega 7 https://github.com/nocodb/nocodb 7 https://github.com/opencontainers/runc 7 https://github.com/hashicorp/vault 7 https://github.com/vaadin/flow 7 https://github.com/wagtail/wagtail 6 https://github.com/lxml/lxml 6 https://github.com/tecnickcom/TCPDF 6 https://github.com/MobSF/Mobile-Security-Framework-MobSF 6 https://github.com/jenkinsci/config-file-provider-plugin 6 https://github.com/panva/jose 6 https://github.com/cui2shark/security 6 https://github.com/oroinc/orocommerce 6 https://github.com/FlowiseAI/Flowise 6 https://github.com/spatie/browsershot 6 https://github.com/run-llama/llama_index 6 https://github.com/zenml-io/zenml 6 https://github.com/pallets/jinja 6 https://github.com/psf/requests 6 https://github.com/owen2345/camaleon-cms 6 https://github.com/pomerium/pomerium 6 https://github.com/sfackler/rust-openssl 6 https://github.com/pimcore/customer-data-framework 6 https://github.com/ckan/ckan 6 https://github.com/pmmp/PocketMine-MP 6 https://github.com/dnnsoftware/Dnn.Platform 6 https://github.com/drupal/core 6 https://github.com/jenkinsci/fortify-on-demand-uploader-plugin 6 https://github.com/nodejs/undici 6 https://github.com/stacklok/minder 6 https://github.com/treeverse/lakeFS 6 https://github.com/StarCitizenTools/mediawiki-skins-Citizen 6 https://github.com/quarkusio/quarkus 6