Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Moderate Security Advisories
Loading...
Moderate
Ecosystems: cargo
Packages: apollo-router
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS1jZ3FmLTNjcTUtd3Zjas4AA5zT
Apollo Router's Compressed Payloads do not respect HTTP Payload LimitsEcosystems: cargo
Packages: apollo-router
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: cargo
Packages: Deno
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS0zajI3LTU2M3YtMjh3Zs4AA5zR
*const c_void / ExternalPointer unsoundness leading to use-after-freeEcosystems: cargo
Packages: Deno
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: cargo
Packages: deno
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS01ZnJ3LTRyd3EteGhjcs4AA5zP
Deno's improper suffix match testing for DENO_AUTH_TOKENSEcosystems: cargo
Packages: deno
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS0zcDNwLWNnajctdmd3M84AA5zO
RSSHub vulnerable to Server-Side Request ForgeryEcosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS0yd3F3LWhyNGYteHJoaM4AA5zN
RSSHub Cross-site Scripting vulnerability caused by internal media proxyEcosystems: npm
Packages: rsshub
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS1tNzU3LXA4cnYtNHE5M84AA5zJ
Apache Linkis DataSource: DataSource module Oracle SQL Database Password LoggedEcosystems: maven
Packages: org.apache.linkis:linkis
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS0yNnczLXE0ajgtNHhqcM4AA5zI
1Panel open source panel project has an unauthorized vulnerability.Ecosystems: go
Packages: github.com/1Panel-dev/1Panel
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: pypi
Packages: esphome
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS05cDQzLWhqNWotOTZoNc4AA5zH
esphome vulnerable to stored Cross-site Scripting in edit configuration file APIEcosystems: pypi
Packages: esphome
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Published: 22 days ago
GSA_kwCzR0hTQS1jOTY3LTI2NTItZ2Zqbc4AA5zF
CasaOS Username EnumerationEcosystems: go
Packages: github.com/IceWhaleTech/CasaOS-UserService
Source: GitHub Advisory Database
Published: 22 days ago
Moderate
Ecosystems: go
Packages: google.golang.org/protobuf/internal/encoding/json, google.golang.org/protobuf/encoding/protojson, google.golang.org/protobuf
Source: GitHub Advisory Database
Published: 23 days ago
GSA_kwCzR0hTQS04cjNmLTg0NGMtbWMzN84AA5yO
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSONEcosystems: go
Packages: google.golang.org/protobuf/internal/encoding/json, google.golang.org/protobuf/encoding/protojson, google.golang.org/protobuf
Source: GitHub Advisory Database
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Published: 23 days ago
GSA_kwCzR0hTQS14ZzVwLTh3ZzUtcmh4bc4AA5yI
Phone information disclosure vulnerabilityEcosystems: pypi
Packages: Plone
Source: GitHub Advisory Database
Published: 23 days ago
Moderate
Ecosystems: cargo
Packages: deno
Source: GitHub Advisory Database
Published: 23 days ago
GSA_kwCzR0hTQS1ocnFyLWp2OHctdjlqaM4AA5xa
Insufficient permission checking in `Deno.makeTemp*` APIsEcosystems: cargo
Packages: deno
Source: GitHub Advisory Database
Published: 23 days ago
Moderate
Ecosystems: pypi
Packages: eth-abi
Source: GitHub Advisory Database
Published: 23 days ago
GSA_kwCzR0hTQS0zcXdjLTQ3amYtNXJmN84AA5xT
eth-abi is vulnerable to recursive DoSEcosystems: pypi
Packages: eth-abi
Source: GitHub Advisory Database
Published: 23 days ago
Moderate
Ecosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS03andoLTN2cnEtcTNtOM4AA5wG
pgproto3 SQL Injection via Protocol Message Size OverflowEcosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
Ecosystems: packagist
Packages: sulu/sulu
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1qcjgzLW0yMzMtZ2c2cM4AA5wF
Sulu grants access to pages regardless of role permissionsEcosystems: packagist
Packages: sulu/sulu
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
Ecosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3, github.com/jackc/pgx
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1tcnd3LTI3dmMtZ2dods4AA5wA
pgx SQL Injection via Protocol Message Size OverflowEcosystems: go
Packages: github.com/jackc/pgx/v5, github.com/jackc/pgx/v4, github.com/jackc/pgproto3/v2, github.com/jackc/pgproto3, github.com/jackc/pgx
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
Ecosystems: go
Packages: github.com/jackc/pgx/v4, github.com/jackc/pgx
Source: GitHub Advisory Database
Published: 24 days ago
GSA_kwCzR0hTQS1tN3dyLTJ4ZjctY205cM4AA5v_
pgx SQL Injection via Line Comment CreationEcosystems: go
Packages: github.com/jackc/pgx/v4, github.com/jackc/pgx
Source: GitHub Advisory Database
Published: 24 days ago
Moderate
Ecosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Published: 25 days ago
GSA_kwCzR0hTQS1qdzQ0LTRmM2otcTM5Ns4AA5uc
Helm shows secrets in clear textEcosystems: go
Packages: helm.sh/helm/v3
Source: GitHub Advisory Database
Published: 25 days ago
Moderate
Ecosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Published: 26 days ago
GSA_kwCzR0hTQS04MmpmLThmMjQteHE5bc4AA5t8
hexo-theme-anzhiyu Cross-site Scripting vulnerabilityEcosystems: npm
Packages: hexo-theme-anzhiyu
Source: GitHub Advisory Database
Published: 26 days ago
Moderate
Ecosystems: npm
Packages: directus
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS01bWhnLXd2OHctcDU5as4AA5sN
Directus version number disclosureEcosystems: npm
Packages: directus
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS1ydjRoLW00d2Mtdjk5d84AA5r9
Apache Archiva Incorrect Authorization vulnerabilityEcosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS13NW14LTMzNGotNmZ3ds4AA5r1
Bagist Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: maven
Packages: org.apache.archiva:archiva-common
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS1ocDJ4LTZ2cm0tN2o3ds4AA5sA
Apache Archiva Reflected Cross-site Scripting vulnerabilityEcosystems: maven
Packages: org.apache.archiva:archiva-common
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS1oNTk1LXZ3aGMtM3h3eM4AA5r-
Apache Archiva Incorrect Authorization vulnerabilityEcosystems: maven
Packages: org.apache.archiva:archiva
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: maven
Packages: org.apache.ambari:ambari
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS05cTZ2LXJ4bXctZzNnaM4AA5ry
Apache Ambari: Various Cross site scripting problemsEcosystems: maven
Packages: org.apache.ambari:ambari
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS02eHdmLXh2ZjMtdjQ1Oc4AA5rU
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers usersEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Published: 27 days ago
GSA_kwCzR0hTQS1mZmZnLWN3YzkteHZqN84AA5rI
mongo-express Cross-site Request Forgery vulnerabilityEcosystems: npm
Packages: mongo-express
Source: GitHub Advisory Database
Published: 27 days ago
Moderate
Ecosystems: npm
Packages: nteract
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS02anZnLWhwMjUtNDJmNs4AA5rD
Nteract Remote Code Execution vulnerabilityEcosystems: npm
Packages: nteract
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: pypi
Packages: docassemble.webapp
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS1wY2Z4LWcyajItZjZmNs4AA5qg
Docassemble HTML and javascript injectionEcosystems: pypi
Packages: docassemble.webapp
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: pypi
Packages: docassemble.webapp
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS03d3hmLXIycXYtOXh3cs4AA5qf
Docassemble open redirectEcosystems: pypi
Packages: docassemble.webapp
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS1xNzZyLTdwNHEtbXFwd84AA5qL
Cockpit CMS Cross-Site Scripting vulnerabilityEcosystems: packagist
Packages: cockpit-hq/cockpit
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS02djZ3LWg4bTYtN212Ms4AA5qK
Apache Airflow: DAG Code and Import Error Permissions IgnoredEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS12bTltLTU3anItNHB4aM4AA5qH
Mattermost fails to limit the number of role namesEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS1od2pmLTQ2NjctZ3F3eM4AA5qF
Mattermost allows attackers access to posts in channels they are not a member ofEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS1meDQ4LXh2NnEtNmdwM84AA5p9
Mattermost post fetching without auditing in compliance exportEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS02bXgzLTlxZmgtNzdnas4AA5qA
Mattermost denial of service through long emoji valueEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS1wZnc2LTVyeDMteGgzY84AA5p-
Mattermost fails to check the "invite_guest" permissionEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
GSA_kwCzR0hTQS03djN2LTk4NHYtaDc0cs4AA5p_
Mattermost leaks details of AD/LDAP groups of a teamsEcosystems: go
Packages: github.com/mattermost/mattermost/server/v8
Source: GitHub Advisory Database
Published: 28 days ago
Moderate
Ecosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS03NXgyLTZoNG0taDZteM4AA5oj
FullStackHero's WebAPI Boilerplate host header injection vulnerabilityEcosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: go
Packages: github.com/swaggo/http-swagger
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS00OXc3LTVyMzMtam05bc4AA5ok
http-swagger XSS via PUT requestsEcosystems: go
Packages: github.com/swaggo/http-swagger
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: maven
Packages: org.clojure:clojure
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS12cjY0LXI5cWotaDI3Zs4AA5o_
Reading specially crafted serializable objects from an untrusted source may cause an infinite loop and denial of serviceEcosystems: maven
Packages: org.clojure:clojure
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS12NGNwLTJxN3YtaGc5cc4AA5pT
livehelperchat Server-Side Template InjectionEcosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS02cXZ3LTI0OWotaDQ0Y84AA5mp
jose4j denial of service via specifically crafted JWEEcosystems: maven
Packages: org.bitbucket.b_c:jose4j
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS14NTc3LWdjYzktOXhqas4AA5mn
Concrete CMS Stored XSS in Layout Preset NameEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS00NW0yLThxN2YtOTN3ds4AA5nI
Concrete CMS Cross Site Request Forgery (CSRF) vulnerabilityEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS1jOHY2LTc4Nmctdmp4Ns4AA5mu
json-jwt allows bypass of identity checks via a sign/encryption confusion attackEcosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: go
Packages: github.com/dvsekhvalnov/jose2go
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS02Mjk0LTZyZ3AtZnI3cs4AA5mt
jose2go vulnerable to denial of service via large p2c valueEcosystems: go
Packages: github.com/dvsekhvalnov/jose2go
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS0zcnh4LThmMzMtN3A2cM4AA5nJ
Concrete CMS Cross Site Request Forgery (CSRF) vulnerabilityEcosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: Mezzanine
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS1xcDU2LTgydnAteHFnds4AA5l8
Mezzanine allows attackers to bypass access control mechanismsEcosystems: pypi
Packages: Mezzanine
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: Mezzanine
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS0yMmNjLXc3eG0tcmZoeM4AA5l7
Mezzanine allows attackers to bypass access controls via manipulating the Host headerEcosystems: pypi
Packages: Mezzanine
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS04bXE0LTlqamgtOXhyY84AA5l2
YARD's default template vulnerable to Cross-site Scripting in generated frames.htmlEcosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS1mcXhqLTQ2d2ctOXY4NM4AA5l0
Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)Ecosystems: pypi
Packages: Flask-AppBuilder
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS0zdjlyLTg4NWotNzYyZ84AA5lb
Apache Superset: Improper authorization validation on dashboards and charts importEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS13cjZnLTl3Y3ItY21xas4AA5le
Apache Superset: Improper data authorization when creating a new datasetEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS01NDc0LWY3ZzUtMjczcc4AA5ld
Apache Superset: Improper validation of SQL statements allows for unauthorized access to dataEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS1tNmptLTN2MzgtNzZqNM4AA5la
Apache Superset: Improper Neutralization of custom SQL on embedded contextEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
GSA_kwCzR0hTQS1oN3I2LThxbW0taGo1cs4AA5lZ
Apache Superset: Improper error handling on alertsEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Published: 29 days ago
Moderate
Ecosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Published: 30 days ago
GSA_kwCzR0hTQS1ncDZtLWZxNmgtY2pjeM4AA5jQ
Magento LTS vulnerable to stored XSS in admin file formEcosystems: packagist
Packages: openmage/magento-lts
Source: GitHub Advisory Database
Published: 30 days ago
Moderate
Ecosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Published: 30 days ago
GSA_kwCzR0hTQS04aDIyLThjZjctaHE2Z84AA5jP
Rails has possible Sensitive Session Information Leak in Active StorageEcosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Published: 30 days ago
Moderate
Ecosystems: rubygems
Packages: rails, actionpack
Source: GitHub Advisory Database
Published: 30 days ago
GSA_kwCzR0hTQS05ODIyLTZtOTMteHFmNM4AA5jO
Rails has possible XSS Vulnerability in Action ControllerEcosystems: rubygems
Packages: rails, actionpack
Source: GitHub Advisory Database
Published: 30 days ago
Moderate
Ecosystems: maven
Packages: org.apache.james:apache-mime4j-core
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1qdzdyLXJ4ZmYtZ3YyNM4AA5if
Apache James MIME4J improper input validation vulnerabilityEcosystems: maven
Packages: org.apache.james:apache-mime4j-core
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: org.apache.ambari.contrib.views:wfmanager
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xcnA5LTIzcDctZzVtZs4AA5ic
Apache Ambari XML External Entity injectionEcosystems: maven
Packages: org.apache.ambari.contrib.views:wfmanager
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xNHFoLThweHctcjQ4cc4AA5iX
Subrion CMS vulnerable to Cross Site ScriptingEcosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS14eGY4LWZwbXItZnc3ds4AA5ib
Subrion CMS vulnerable to SQL InjectionEcosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS12ZjdqLWNtcmotcG1tbc4AA5iJ
ZenML Server Remote Privilege Escalation VulnerabilityEcosystems: pypi
Packages: zenml
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1wNXE5LTg2dzQtMnhyNc4AA5iD
SMTP smuggling in Apache JamesEcosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1weDd3LWM5Z3ctN2dqM84AA5hU
Apache James server: Privilege escalation via JMX pre-authentication deserializationEcosystems: maven
Packages: org.apache.james:james-server
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: diffoscope
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0zM3c2LWh2bXEtZ2g0eM4AA5g-
diffoscope Path Traversal vulnerabilityEcosystems: pypi
Packages: diffoscope
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS03cDdxLWZqZnctdjNnZs4AA5gw
Bagisto Cross-Site Request Forgery vulnerabilityEcosystems: packagist
Packages: bagisto/bagisto
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xNmg4LTRqMnYtcGpnNM4AA5gv
Minder trusts client-provided mapping from repo name to upstream IDEcosystems: go
Packages: github.com/stacklok/minder
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02M2g0LXcyNWMtM3F2NM4AA5gk
Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" typeEcosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS12OHZqLWN2MjctaGp2OM4AA5gM
LangChain Experimental vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02NzJyLTk3cjctdngycc4AA5gJ
pretix mishandles file validationEcosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS03ODVnLTI4MnEtcHd2eM4AA5gh
Rack CORS Middleware has Insecure File PermissionsEcosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS01N2YyLThwODktNjZ4Ns4AA5fI
Kirby vulnerable to self cross-site scripting (self-XSS) in the URL fieldEcosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS14cnZoLXJ2YzQtNW00M84AA5fH
Kirby vulnerable to unrestricted file upload of user avatar imagesEcosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1ybTk3LXg1NTYtcTM2aM4AA5fD
sanitize-html Information Exposure vulnerabilityEcosystems: npm
Packages: sanitize-html
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: onnx
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1oOHd2LTloOTYtbTRocs4AA5eq
Onnx Out-of-bounds Read vulnerabilityEcosystems: pypi
Packages: onnx
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: appwrite/server-ce
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS13Zm0zLWdxOWgtbXJqbc4AA5dw
Appwrite Directory Traversal vulnerabilityEcosystems: packagist
Packages: appwrite/server-ce
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02eHY5LTk1N2otcWZoZ84AA5dt
Label Studio vulnerable to Cross-site Scripting if `<Choices>` or `<Labels>` are used in labeling configEcosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/treeverse/lakefs
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1mdnY1LWgyOWctZjZ3Nc4AA5dq
User with ci:ReadAction permissions and write permissions to one path in a repository may copy objects from any path in the repositoryEcosystems: go
Packages: github.com/treeverse/lakefs
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02NmMyLXA4cmgtcXg4N84AA5dj
baserCMS Cross-site Scripting vulnerability in Site search FeatureEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS03N2ZjLTRjdjUtaG1mcs4AA5di
baserCMS OS command injection vulnerability in InstallerEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1qanhxLW04aDMtNHZ3Nc4AA5dh
baserCMS Cross-site Scripting vulnerability in Content ManagementEcosystems: packagist
Packages: baserproject/basercms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1wY204LXFxcnAtdzZxZs4AA5c8
Enhavo Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1jNTc5LWhodzUtY3IzcM4AA5c9
Enhavo Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0zOG04LTVnZmMtNjYzZ84AA5c3
Enhavo Cross-site Scripting vulnerabilityEcosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS05cTI0LWh3bWMtNzk3eM4AA5cx
Apache Answer Race Condition vulnerabilityEcosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS04cGYyLXFqNHYtZmo2NM4AA5c1
Apache Answer Cross-site Scripting vulnerabilityEcosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1ybXFwLW12djItNTRjNs4AA5ct
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerabilityEcosystems: go
Packages: github.com/apache/incubator-answer
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1najQ4LXc3NHctOGd2bc4AA5cs
Path Traversal in TYPO3 CoreEcosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1xdjR4LXYydjQtZjhwOc4AA5cm
Kirby CMS HTML injection vulnerabilityEcosystems: packagist
Packages: getkirby/cms
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS00aGZwLW05Z3YtbTc1M84AA5bO
XWiki extension license information is public, exposing instance id and license holder detailsEcosystems: maven
Packages: com.xwiki.licensing:application-licensing-licensor-ui
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1mM3FyLXFyNHgtajI3M84AA5bM
php-svg-lib lacks path validation on font through SVG inline stylesEcosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS1oZ3I2LTZoaHctODgzZs4AA5aV
Liferay Portal Calendar module and Liferay DXP vulnerable to Cross-site Scripting, content spoofingEcosystems: maven
Packages: com.liferay.portal:release.dxp.bom, com.liferay.portal:release.portal.bom
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: maven
Packages: com.yetanalytics:lrs
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS03cncyLTNoaHAtcmM0Ns4AA5Z0
Cross-site Scripting Vulnerability in Statement BrowserEcosystems: maven
Packages: com.yetanalytics:lrs
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0yNTU3LXg5bWctNzZ3OM4AA5Zz
ASA-2024-002: Default `PrepareProposalHandler` may produce invalid proposals when used with default `SenderNonceMempool`Ecosystems: go
Packages: github.com/cosmos/cosmos-sdk
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS0zMzY2LTkyODctN3Fwcs4AA5Zv
Path disclosure in JavaScript variableEcosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS02d3I1LWptcHItbWpjeM4AA5Zt
Uncaught Exception in Macro Expecting Native Function to ExistEcosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Published: about 1 month ago
Moderate
Ecosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Published: about 1 month ago
GSA_kwCzR0hTQS04eGZmLTQ3M2gtZjg2M84AA5Zs
Uncaught Exception Handling Parsing Errors on Line TerminatorsEcosystems: cargo
Packages: surrealdb
Source: GitHub Advisory Database
Published: about 1 month ago
Statistics
Advisories: 17,221
Packages: 7,995
Repositories: 2,329
Ecosystems: 12
Packages: 7,995
Repositories: 2,329
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
207
moodle/moodle
193
tensorflow-cpu
191
tensorflow-gpu
190
org.jenkins-ci.main:jenkins-core
114
magento/community-edition
96
org.apache.tomcat:tomcat
95
pimcore/pimcore
83
microweber/microweber
62
typo3/cms
61
django
54
apache-airflow
51
typo3/cms-core
49
thorsten/phpmyfaq
45
actionpack
42
github.com/usememos/memos
42
apache-superset
39
concrete5/concrete5
34
showdoc/showdoc
34
librenms/librenms
31
plone
30
github.com/mattermost/mattermost-server/v6
30
dolibarr/dolibarr
29
phpmyadmin/phpmyadmin
28
ansible
28
org.keycloak:keycloak-core
27
com.liferay.portal:release.portal.bom
25
github.com/mattermost/mattermost/server/v8
24
craftcms/cms
24
snipe/snipe-it
24
github.com/grafana/grafana
23
symfony/symfony
23
org.elasticsearch:elasticsearch
23
baserproject/basercms
22
Plone
22
github.com/answerdev/answer
21
intelliants/subrion
21
silverstripe/framework
21
org.apache.struts:struts2-core
20
grumpydictator/firefly-iii
19
k8s.io/kubernetes
19
rdiffweb
18
shopware/shopware
18
remdex/livehelperchat
18
shopware/platform
17
getkirby/cms
17
matrix-synapse
17
org.apache.tomcat.embed:tomcat-embed-core
15
froxlor/froxlor
15
nokogiri
14
yetiforce/yetiforce-crm
14
puppet
14
com.jfinal:jfinal
13
org.keycloak:keycloak-parent
13
Pillow
13
drupal/core
13
forkcms/forkcms
13
prestashop/prestashop
13
org.apache.jspwiki:jspwiki-main
12
tinymce
12
com.thoughtworks.xstream:xstream
12
nova
12
github.com/goharbor/harbor
12
shopware/core
12
github.com/hashicorp/consul
12
io.undertow:undertow-core
12
tribalsystems/zenario
12
org.xwiki.platform:xwiki-platform-oldcore
12
org.apache.solr:solr-core
12
github.com/argoproj/argo-cd/v2
12
DotNetNuke.Core
11
github.com/hashicorp/vault
11
github.com/cilium/cilium
11
github.com/argoproj/argo-cd
11
feehi/feehicms
11
francoisjacquet/rosariosis
10
github.com/greenpau/caddy-security
10
pyftpdlib
10
cakephp/cakephp
10
org.springframework.security:spring-security-core
10
PaddlePaddle
10
fat_free_crm
10
activesupport
10
org.springframework:spring-core
10
com.vaadin:vaadin-bom
10
wallabag/wallabag
10
@openzeppelin/contracts-upgradeable
10
typo3/cms-backend
10
@openzeppelin/contracts
10
org.apache.jspwiki:jspwiki-war
10
github.com/ethereum/go-ethereum
10
github.com/containerd/containerd
10
org.apache.nifi:nifi
10
lavalite/cms
10
notebook
10
helm.sh/helm/v3
10
org.eclipse.jetty:jetty-server
10
github.com/docker/docker
9
TinyMCE
9
mautic/core
9
org.jenkins-ci.plugins:git
9
tinymce/tinymce
9
ghost
9
jquery-rails
9
gogs.io/gogs
9
directus
9
org.mortbay.jetty:jetty
9
rack
9
org.igniterealtime.openfire:parent
9
getgrav/grav
9
publify_core
9
org.opencrx:opencrx-core-models
9
angular
9
swagger-ui
9
nilsteampassnet/teampass
9
vyper
9
ckeditor4
9
rubygems-update
9
zendframework/zendframework1
9
github.com/hashicorp/nomad
9
glance
9
Django
8
Microsoft.ChakraCore
8
contao/core-bundle
8
actionview
8
impresscms/impresscms
8
rails
8
editor.md
8
electron
8
bootstrap
8
org.opencms:opencms-core
8
org.jenkins-ci.plugins:script-security
8
github.com/openfga/openfga
8
github.com/kubeedge/kubeedge
8
silverstripe/cms
8
centreon/centreon
8
opencv-contrib-python
8
rails-html-sanitizer
8
opencv-python
8
drupal/drupal
8
wasmtime
8
org.webjars.npm:jquery
8
org.apache.activemq:activemq-client
8
org.bouncycastle:bcprov-jdk14
8
org.jenkins-ci.plugins:electricflow
8
jquery
8
org.apache.archiva:archiva
8
next
7
OctoPrint
7
activerecord
7
joplin
7
org.keycloak:keycloak-services
7
jQuery
7
org.bouncycastle:bcprov-jdk15
7
io.jenkins.blueocean:blueocean
7
org.apache.cxf:cxf-core
7
org.jenkins-ci.plugins:subversion
7
github.com/mattermost/mattermost-server
7
vantage6
7
io.jenkins:configuration-as-code
7
admidio/admidio
7
org.jenkins-ci.plugins:email-ext
7
kevinpapst/kimai2
7
wagtail
7
org.apache.santuario:xmlsec
7
org.bouncycastle:bcprov-jdk15on
7
contao/contao
7
validator
7
com.vaadin:flow-server
7
jQuery.UI.Combined
7
phpmyfaq/phpmyfaq
7
org.webjars.npm:jquery-ui
7
org.jenkins-ci.plugins:config-file-provider
7
silverstripe/admin
7
pyload-ng
7
org.owasp.antisamy:antisamy
7
org.opennms:opennms
7
github.com/google/fscrypt
7
jquery-ui-rails
7
modoboa
7
jquery-ui
7
org.apache.james:james-server
7
sanitize-html
6
org.cloudfoundry.identity:cloudfoundry-identity-server
6
github.com/moby/moby
6
github.com/1Panel-dev/1Panel
6
url-parse
6
urllib3
6
cockpit-hq/cockpit
6
neutron
6
elefant/cms
6
snyk-broker
6
urijs
6
org.jenkins-ci.plugins:openshift-deployer
6
io.netty:netty
6
org.apache.pdfbox:pdfbox
6
facturascripts/facturascripts
6
aiohttp
6
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
6
github.com/cubefs/cubefs
6
Filter by Repository
https://github.com/tensorflow/tensorflow
207
https://github.com/moodle/moodle
164
https://github.com/jenkinsci/jenkins
90
https://github.com/pimcore/pimcore
80
https://github.com/microweber/microweber
58
https://github.com/apache/tomcat
50
https://github.com/apache/airflow
47
https://github.com/thorsten/phpmyfaq
45
https://github.com/usememos/memos
42
https://github.com/django/django
42
https://github.com/xwiki/xwiki-platform
36
https://github.com/rails/rails
33
https://github.com/TYPO3/typo3
32
https://github.com/star7th/showdoc
32
https://github.com/librenms/librenms
29
https://github.com/kubernetes/kubernetes
27
https://github.com/plone/Products.CMFPlone
26
https://github.com/ansible/ansible
23
https://github.com/answerdev/answer
21
https://github.com/spring-projects/spring-framework
21
https://github.com/craftcms/cms
20
https://github.com/snipe/snipe-it
20
https://github.com/concretecms/concretecms
19
https://github.com/apache/activemq
19
https://github.com/firefly-iii/firefly-iii
19
https://github.com/livehelperchat/livehelperchat
18
https://github.com/symfony/symfony
18
https://github.com/grafana/grafana
18
https://github.com/ikus060/rdiffweb
18
https://github.com/keycloak/keycloak
18
https://github.com/apache/struts
17
https://github.com/matrix-org/synapse
17
https://github.com/shopware/platform
17
https://github.com/argoproj/argo-cd
16
https://github.com/magento/magento2
16
https://github.com/shopware/shopware
15
https://github.com/CVEProject/cvelist
15
https://github.com/python-pillow/Pillow
14
https://github.com/OpenNMS/opennms
14
https://github.com/froxlor/froxlor
14
https://github.com/PaddlePaddle/Paddle
14
https://github.com/yetiforcecompany/yetiforcecrm
14
https://github.com/TYPO3/TYPO3.CMS
14
https://github.com/phpmyadmin/phpmyadmin
14
https://github.com/x-stream/xstream
13
https://github.com/Dolibarr/dolibarr
13
https://github.com/getkirby/kirby
13
https://github.com/octobercms/october
13
https://github.com/tinymce/tinymce
12
https://github.com/goharbor/harbor
12
https://github.com/apache/cxf
12
https://github.com/netty/netty
12
https://github.com/cilium/cilium
11
https://github.com/forkcms/forkcms
11
https://github.com/PrestaShop/PrestaShop
11
https://github.com/liufee/cms
10
https://github.com/silverstripe/silverstripe-framework
10
https://github.com/containerd/containerd
10
https://github.com/helm/helm
10
https://github.com/vaadin/platform
10
https://github.com/baserproject/basercms
10
https://github.com/jquery/jquery
10
https://github.com/ethereum/go-ethereum
10
https://github.com/OpenZeppelin/openzeppelin-contracts
10
https://github.com/greenpau/caddy-security
10
https://github.com/vyperlang/vyper
9
https://github.com/github/advisory-database
9
https://github.com/strapi/strapi
9
https://github.com/electron/electron
9
https://github.com/puppetlabs/puppet
9
https://github.com/sparklemotion/nokogiri
9
https://github.com/apache/nifi
9
https://github.com/publify/publify
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/mautic/mautic
9
https://github.com/geoserver/geoserver
9
https://github.com/go-gitea/gitea
9
https://github.com/jenkinsci/git-plugin
9
https://github.com/swagger-api/swagger-ui
8
https://github.com/bytecodealliance/wasmtime
8
https://github.com/eclipse/jetty.project
8
https://github.com/jupyter/notebook
8
https://github.com/kubeedge/kubeedge
8
https://github.com/intelliants/subrion
8
https://github.com/nilsteampassnet/teampass
8
https://github.com/openfga/openfga
8
https://github.com/moby/moby
8
https://github.com/bcgit/bc-java
8
https://github.com/wallabag/wallabag
8
https://github.com/hashicorp/consul
8
https://github.com/LavaLite/cms
8
https://github.com/directus/directus
8
https://github.com/rails/rails-html-sanitizer
8
https://github.com/rubygems/rubygems
8
https://github.com/pandao/editor.md
8
https://github.com/TryGhost/Ghost
8
https://github.com/getgrav/grav
8
https://github.com/contao/contao
7
https://github.com/jeecgboot/jeecg-boot
7
https://github.com/rack/rack
7
https://github.com/dolibarr/dolibarr
7
https://github.com/laurent22/joplin
7
https://github.com/pyload/pyload
7
https://github.com/modoboa/modoboa
7
https://github.com/vantage6/vantage6
7
https://github.com/gogs/gogs
7
https://github.com/twbs/bootstrap
7
https://github.com/hashicorp/vault
7
https://github.com/kevinpapst/kimai2
7
https://github.com/chakra-core/ChakraCore
7
https://github.com/google/fscrypt
7
https://github.com/ckeditor/ckeditor4
7
https://github.com/wagtail/wagtail
7
https://github.com/opencv/opencv
7
https://github.com/vaadin/flow
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/thorsten/phpMyFAQ
7
https://github.com/nahsra/antisamy
7
https://github.com/cubefs/cubefs
6
https://github.com/jenkinsci/config-file-provider-plugin
6
https://github.com/jquery/jquery-ui
6
https://github.com/neorazorx/facturascripts
6
https://github.com/cui2shark/security
6
https://github.com/onionshare/onionshare
6
https://github.com/opensearch-project/security
6
https://github.com/panva/jose
6
https://github.com/jenkinsci/fortify-on-demand-uploader-plugin
6
https://github.com/backstage/backstage
6
https://github.com/cloudflare/cfrpki
6
https://github.com/jenkinsci/script-security-plugin
6
https://github.com/igniterealtime/Openfire
6
https://github.com/pimcore/customer-data-framework
6
https://github.com/pimcore/admin-ui-classic-bundle
6
https://github.com/traefik/traefik
6
https://github.com/oroinc/orocommerce
6
https://github.com/aio-libs/aiohttp
6
https://github.com/parse-community/parse-server
6
https://github.com/giampaolo/pyftpdlib
6
https://github.com/opencast/opencast
6
https://github.com/urllib3/urllib3
6
https://github.com/1Panel-dev/1Panel
6
https://github.com/jenkinsci/configuration-as-code-plugin
6
https://github.com/vercel/next.js
5
https://github.com/Sylius/Sylius
5
https://github.com/dompdf/dompdf
5
https://github.com/apache/lucene-solr
5
https://github.com/lxml/lxml
5
https://github.com/vapor/vapor
5
https://github.com/zendframework/zf1
5
https://github.com/Amanieu/parking_lot
5
https://github.com/unshiftio/url-parse
5
https://github.com/nervosnetwork/ckb
5
https://github.com/puma/puma
5
https://github.com/etcd-io/etcd
5
https://github.com/jenkinsci/codedx-plugin
5
https://github.com/lief-project/LIEF
5
https://github.com/dotnet/runtime
5
https://github.com/sulu/sulu
5
https://github.com/nodejs/undici
5
https://github.com/cri-o/cri-o
5
https://bitbucket.org/snakeyaml/snakeyaml
5
https://github.com/NodeBB/NodeBB
5
https://github.com/cloudfoundry/uaa
5
https://github.com/admidio/admidio
5
https://github.com/apache/tika
5
https://github.com/paritytech/frontier
5
https://github.com/kivikakk/comrak
5
https://github.com/numpy/numpy
5
https://github.com/apache/kylin
5
https://github.com/xuxueli/xxl-job
5
https://github.com/jenkinsci/subversion-plugin
5
https://github.com/apache/dolphinscheduler
5
https://github.com/cakephp/cakephp
5
https://github.com/mattermost/mattermost
5
https://github.com/pmmp/PocketMine-MP
5
https://github.com/umbraco/Umbraco-CMS
5
https://github.com/opencontainers/runc
5
https://github.com/containers/podman
5
https://github.com/ipython/ipython
5
https://github.com/croogo/croogo
5
https://github.com/cosmos/cosmos-sdk
5
https://github.com/centreon/centreon-archived
5
https://github.com/alextselegidis/easyappointments
5
https://github.com/apache/superset
5
https://github.com/hyperium/hyper
5
https://github.com/evershopcommerce/evershop
5
https://github.com/jenkinsci/electricflow-plugin
5
https://github.com/openstack/keystone
5
https://github.com/apostrophecms/sanitize-html
4
https://github.com/jenkinsci/active-choices-plugin
4
https://github.com/vega/vega
4
https://github.com/silverstripe/silverstripe-admin
4
https://github.com/jenkinsci/ansible-plugin
4
https://github.com/jupyter-server/jupyter_server
4
https://github.com/psf/requests
4
https://github.com/keystonejs/keystone
4
https://github.com/codeigniter4/shield
4
https://github.com/rancher/rancher
4
https://github.com/decidim/decidim
4